AI Agents for healthcare: How to Automate real-time decisioning (single-agent with LangGraph)

Healthcare operations are full of decisions that need to happen in seconds, not hours: prior auth triage, patient routing, claims exception handling, and clinical escalation. A single-agent setup with LangGraph is a good fit when you need one controlled decision-maker that can read context, check policy, call tools, and return an auditable action without spinning up a brittle multi-agent system.

The Business Case

• •

  Reduce triage time from 10–15 minutes to under 60 seconds

  • •For prior authorization intake or referral routing, an agent can classify the request, pull the right policy, and route it to the correct queue.
  • •In a mid-size payer or provider org processing 5,000 cases/day, that saves roughly 800–1,200 staff hours/month.
• •

  Cut manual review costs by 30–50%

  • •A single agent can handle low-risk decisions like eligibility checks, document completeness validation, and first-pass denial reason mapping.
  • •If your ops team spends $18–$35 per case on manual handling, automation can bring that down materially by deflecting routine work.
• •

  Reduce decision error rates by 20–40%

  • •Human reviewers miss missing ICD-10 codes, outdated plan rules, or incomplete attachments under load.
  • •An agent with deterministic guardrails can enforce policy checks consistently before anything reaches a human.
• •

  Improve SLA compliance for high-volume workflows

  • •Claims exceptions, utilization management reviews, and member service escalations often miss same-day SLAs because of queue backlogs.
  • •A real-time decisioning layer can keep first-response times inside a 5-minute or same-shift target for most routine cases.

Architecture

A production setup does not need a swarm of agents. For healthcare decisioning, one well-bounded agent with strict tool access is usually the safer design.

• •

  Decision Orchestrator: LangGraph

  • •Use LangGraph to define the state machine: intake → policy retrieval → risk scoring → action selection → human escalation.
  • •Keep the graph explicit. In healthcare, hidden autonomy is how you end up with compliance incidents.
• •

  Policy and knowledge layer: LangChain + pgvector

  • •Store payer policies, clinical SOPs, CMS guidance, and internal care pathways in PostgreSQL with pgvector.
  • •Use LangChain retrieval chains to fetch only the relevant snippets for the current case.
  • •This works well for things like prior auth rules tied to CPT/HCPCS codes or referral criteria by specialty.
• •

  Tooling layer: EHR/claims APIs + rules engine

  • •Connect the agent to FHIR endpoints, claims systems, eligibility APIs, and document stores.
  • •Add a deterministic rules engine for hard constraints:
    • •HIPAA-required minimum necessary access
    • •age-based routing
    • •covered-benefit checks
    • •exclusion lists for high-risk decisions
• •

  Audit and monitoring layer: immutable logs + SOC 2 controls

  • •Log every input, retrieved policy chunk, tool call, output decision, and human override.
  • •Store audit trails in WORM-style storage or an append-only log.
  • •This matters for HIPAA investigations, SOC 2 evidence collection, and internal model governance.

Reference flow

Request arrives
→ LangGraph state machine classifies request
→ Retrieve policy from pgvector
→ Call FHIR/claims/document tools
→ Apply rules engine
→ Return approve / deny / escalate
→ Write full audit record

What Can Go Wrong

A healthcare agent also needs jurisdiction awareness. If you operate in the EU or UK, GDPR adds stricter requirements around automated decision-making and data minimization. If your organization has enterprise customers or partners asking for assurance reports, SOC 2 controls around access logging and change management are non-negotiable.

Getting Started

1. •

   Pick one narrow workflow

   • •Good pilot candidates:
     • •prior auth intake classification
     • •claims attachment completeness checks
     • •appointment routing
     • •referral specialty matching
   • •Avoid anything that directly determines medical necessity on day one.
2. •

   Define success metrics before building

   • •Track:
     • •average handling time
     • •first-pass resolution rate
     • •human override rate
     • •false escalation rate
     • •SLA adherence
   • •Set realistic pilot targets over 6–8 weeks:
     • •25–35% reduction in handling time
     • •<5% incorrect auto-routing
     • •

       90% audit completeness

3. •

   Build a small cross-functional team

   • •You need:
     • •1 product owner from operations or care management
     • •1 backend engineer
     • •1 ML/AI engineer familiar with LangGraph/LangChain
     • •1 security/compliance partner
     • •part-time SME from billing, UM review, or clinical ops
   • •That is enough for a focused pilot without turning it into a platform project.
4. •

   Run in shadow mode first

   • •Let the agent make recommendations while humans make the final call.
   • •Compare outputs against actual reviewer decisions for at least 2–4 weeks.
   • •Only move to assisted automation when variance is understood and documented.

For healthcare companies evaluating real-time decisioning automation, the right question is not “Can an agent do this?” It is “Can we constrain it tightly enough to be safe, auditable, and useful?” With a single-agent LangGraph design, the answer is often yes—if you start narrow and treat governance as part of the architecture.

Keep learning

• •The complete AI Agents Roadmap — my full 8-step breakdown
• •Free: The AI Agent Starter Kit — PDF checklist + starter code
• •Work with me — I build AI for banks and insurance companies

By Cyprian Aarons, AI Consultant at Topiax.