In November 2023, a bombshell investigation revealed that denials generated by UnitedHealth Group's prior authorization AI were overturned roughly 90 percent of the time when patients appealed. Ninety percent. When a human actually reviewed the algorithm's denials, it was found to be wrong nine times out of ten. The system, known as nH Predict, was processing claims at a pace no team of human reviewers could match. And that was precisely the point.
I have spent over fifteen years building production AI systems for healthcare organizations, federal agencies, and academic medical centers. When I review the technical architecture behind these prior authorization algorithms, I see familiar patterns: predictive models trained on historical claims data, optimized for cost containment, and deployed with minimal human oversight. The legal implications are enormous, and the litigation is just beginning.
How Prior Authorization AI Actually Works
To understand why these systems fail, you first need to understand how they work. Prior authorization AI systems are, at their core, classification models. They ingest structured inputs describing the patient, the diagnosis, the proposed treatment, and the coverage plan, and they predict whether the claim should be approved, denied, or flagged for human review.
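To make that concrete, here is a minimal sketch of such a classifier. It is illustrative only: the field names, model choice, and thresholds are my assumptions, not any insurer's actual implementation.

```python
# Minimal sketch of a prior authorization classifier (illustrative only:
# field names, model choice, and thresholds are assumptions, not any
# insurer's actual implementation).
import pandas as pd
from sklearn.ensemble import GradientBoostingClassifier

FEATURES = ["diagnosis_code", "procedure_code", "patient_age",
            "facility_type", "plan_type"]

def train(historical_claims: pd.DataFrame) -> GradientBoostingClassifier:
    """Fit on past decisions: label 1 = claim was approved, 0 = denied."""
    X = pd.get_dummies(historical_claims[FEATURES])
    y = historical_claims["was_approved"]
    return GradientBoostingClassifier().fit(X, y)

def decide(model: GradientBoostingClassifier, claim: pd.DataFrame,
           approve_at: float = 0.80, deny_at: float = 0.30) -> str:
    """Bucket the predicted approval probability into a routing decision."""
    X = (pd.get_dummies(claim[FEATURES])
           .reindex(columns=model.feature_names_in_, fill_value=0))
    p_approve = model.predict_proba(X)[0, 1]
    if p_approve >= approve_at:
        return "approve"
    if p_approve <= deny_at:
        return "deny"
    return "flag_for_human_review"
```

Notice that under this design the "flag for human review" path exists only for the middle band of scores; claims falling at either extreme never reach a reviewer at all.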
The training data comes from years of historical claims decisions. Here is the critical problem: that historical data reflects the decisions of human reviewers who were themselves operating under cost-containment pressure. The AI doesn't learn medical necessity in any clinical sense. It learns the patterns of past approvals and denials. If certain procedures were historically denied at high rates for particular patient demographics or diagnosis codes, the model will replicate those patterns.
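One way to see that replication, sketched here with assumed column names rather than any insurer's real schema, is to compare historical and model-generated denial rates group by group:

```python
# Illustrative check (column names assumed): a model trained on historical
# decisions will tend to reproduce each group's historical denial rate.
import pandas as pd

def denial_rate_by_group(decisions: pd.Series, groups: pd.Series) -> pd.Series:
    """Share of claims marked "deny", computed within each group."""
    return (decisions == "deny").groupby(groups).mean()

def replication_report(claims: pd.DataFrame,
                       group_col: str = "diagnosis_code") -> pd.DataFrame:
    """Side-by-side denial rates: past human reviewers vs. the model, per group.
    Near-identical columns are evidence the model learned past denial patterns,
    not medical necessity."""
    return pd.DataFrame({
        "historical": denial_rate_by_group(claims["human_decision"], claims[group_col]),
        "model": denial_rate_by_group(claims["model_decision"], claims[group_col]),
    })
```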
UnitedHealth's nH Predict system reportedly used a relatively straightforward predictive model that estimated how long a patient would need post-acute care, then treated the predicted discharge date as the point at which continued coverage should be denied. The model did not examine the patient's actual medical records in any meaningful way. It operated on structured data fields: diagnosis codes, length of stay, patient age, facility type. The individual patient's clinical reality was, in effect, invisible to the system.
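As described in press reporting, the mechanism reduces to something like the following sketch. The names are mine, and the real model's features and logic are not public.

```python
# Simplified sketch of the reported pattern (assumed names): a predicted length
# of stay becomes a hard coverage cutoff, with no reference to the patient's
# clinical record.
from datetime import date, timedelta

def coverage_cutoff(admit_date: date, predicted_los_days: int) -> date:
    """Last covered day = admission date plus the model's predicted length of stay."""
    return admit_date + timedelta(days=predicted_los_days)

def day_is_covered(day_of_care: date, admit_date: date, predicted_los_days: int) -> bool:
    """Continued-stay decision for a given day under this logic: anything past
    the predicted discharge date is denied, regardless of the patient's condition."""
    return day_of_care <= coverage_cutoff(admit_date, predicted_los_days)

# Example: the model predicts 14 days of skilled nursing care, so day 19 is denied.
# day_is_covered(date(2024, 3, 20), admit_date=date(2024, 3, 1), predicted_los_days=14) -> False
```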
When an AI system denies a claim based on statistical patterns rather than clinical review, it is not practicing medicine. It is practicing cost optimization and calling it medical necessity.
The Lawsuit Landscape
The legal challenges to these systems are mounting rapidly. The class action against UnitedHealth, filed in the District of Minnesota, alleges that the company used its nH Predict algorithm to systematically deny post-acute care coverage to elderly patients on Medicare Advantage plans. The complaint asserts claims including breach of contract, breach of the implied covenant of good faith and fair dealing, and unjust enrichment.
Cigna faces similar litigation over its PXDX system, which reportedly allowed physicians to deny claims in bulk, spending an average of 1.2 seconds on each case. The technical reality here is stark: no physician can conduct a meaningful medical necessity review in that amount of time. The system was functioning as an automated denial engine with a physician's electronic signature attached.
Several state attorneys general have also opened investigations, and the Centers for Medicare and Medicaid Services (CMS) finalized a rule, effective in 2024, requiring Medicare Advantage plans to base coverage decisions on individual patient circumstances rather than algorithmic predictions alone. This regulatory development is significant because it creates a clear standard against which expert witnesses can evaluate AI-driven denial systems.
The Expert Witness Angle: Proving Algorithmic Harm
When I am retained as an expert in these matters, my analysis typically focuses on several key technical questions that map directly to legal elements.
First, what data did the model actually use? If the system relied on diagnosis codes and demographic data without reviewing clinical notes, imaging results, or treating physician assessments, that is a fundamental design limitation. It means the system was structurally incapable of assessing medical necessity on an individual basis. This goes to the heart of whether the insurer met its contractual and regulatory obligations.
Second, how was the model validated? A properly validated clinical AI system should be tested against outcomes that matter: patient health outcomes, readmission rates, clinical appropriateness of the decisions. If the model was validated solely on cost metrics or denial rate consistency, that tells you everything about the system's actual purpose.
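To illustrate what that difference looks like in practice, here is a minimal sketch of the two validation views. The column names are assumptions for the example; in a real engagement the analysis would run against the insurer's own validation datasets.

```python
# Illustrative sketch (column names assumed): the same model looks very
# different depending on whether it is validated on clinical outcomes or
# on cost and consistency metrics.
import pandas as pd

def clinical_validation(df: pd.DataFrame) -> dict:
    """Outcome-based view: how often denials were overturned on appeal, and the
    30-day readmission rate among patients whose coverage was cut off."""
    denied = df[df["model_decision"] == "deny"]
    return {"overturn_rate_on_appeal": denied["appeal_overturned"].mean(),
            "readmission_rate_after_denial": denied["readmitted_30d"].mean()}

def cost_validation(df: pd.DataFrame) -> dict:
    """Cost-based view: denial rate and agreement with past human denials,
    metrics that say nothing about whether the denials were clinically right."""
    return {"denial_rate": (df["model_decision"] == "deny").mean(),
            "agreement_with_historical": (df["model_decision"] == df["human_decision"]).mean()}
```

A system that scores well on the second view and was never evaluated on the first was not validated as a clinical tool.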
Third, what was the human review process? Medicare Advantage regulations and many state insurance laws require that medical necessity denials be reviewed by a physician or other qualified clinician. If the physician's role was reduced to clicking "approve" on an algorithmically generated recommendation at a pace of hundreds per hour, that is not meaningful review. I can demonstrate this through system logs, click-through rates, and time-per-decision analysis.
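As a sketch of that time-per-decision analysis, assuming a log table with a reviewer_id column and a decided_at timestamp (both names mine), the computation is short:

```python
# Illustrative sketch (assumed log schema): measuring how long each reviewer
# actually spent per decision, using gaps between consecutive log timestamps
# as a proxy for time spent on each case.
import pandas as pd

def seconds_per_decision(logs: pd.DataFrame) -> pd.DataFrame:
    """Per reviewer: number of decisions and median seconds between consecutive
    decision timestamps."""
    logs = logs.sort_values(["reviewer_id", "decided_at"])
    gaps = logs.groupby("reviewer_id")["decided_at"].diff().dt.total_seconds()
    return (logs.assign(gap_seconds=gaps)
                .groupby("reviewer_id")
                .agg(decisions=("gap_seconds", "size"),
                     median_seconds=("gap_seconds", "median")))
```

When the median gap between consecutive decisions is a few seconds, the claim that a physician exercised independent clinical judgment becomes very hard to sustain.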
The Discovery Battle
One of the most consequential aspects of these cases is the fight over technical discovery. Insurers routinely claim that their AI models, training data, and validation studies are trade secrets. Plaintiffs' attorneys need to push back aggressively on these claims. The model's architecture, its training data composition, its error rates across demographic groups, and the decision logs for the specific patient at issue are all essential to proving the case.
In my experience, the most revealing documents are often the internal communications surrounding model deployment. Engineers and data scientists frequently raise concerns about error rates, bias, or the gap between what the model is designed to do and how it is being marketed to regulators. These communications are discoverable and can be devastating at trial.
What Attorneys Should Know
If you are representing patients whose claims have been denied by AI systems, here are the practical steps that matter most.
Retain technical expertise early. These cases require someone who can read model documentation, evaluate training data, and explain probabilistic decision-making to a jury. Waiting until the expert disclosure deadline to engage an AI expert is too late. You need technical guidance during discovery to know what documents to request and how to evaluate what you receive.
Request the decision logs. Every AI system generates logs. You want the specific inputs the model received for your client's claim, the model's output, any confidence scores or probability estimates, and the timestamp and duration of any human review that followed.
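The exact schema varies by vendor, but the records to ask for generally look something like the following. The field names here are my own illustration, not any particular system's format.

```python
# Illustrative schema (assumed fields, not any vendor's actual log format)
# for the per-claim records worth requesting in discovery.
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

@dataclass
class DecisionLogRecord:
    claim_id: str
    model_version: str                     # which model and version produced the recommendation
    model_inputs: dict                     # the exact structured fields the model received
    model_output: str                      # approve / deny / flag for review
    confidence_score: Optional[float]      # probability or score attached to the output, if logged
    recommended_at: datetime               # when the model produced its recommendation
    reviewer_id: Optional[str]             # the human who signed off, if any
    review_started_at: Optional[datetime]  # when the human opened the case
    review_ended_at: Optional[datetime]    # when the human closed it; the gap is the review time
    final_decision: str                    # what was actually communicated to the patient
```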
Follow the validation trail. Ask for every validation study, bias audit, and accuracy assessment the insurer conducted before and after deployment. Compare what the insurer told regulators about the system's accuracy with what the internal data actually shows.
The era of AI-driven claim denials operating in the shadows is ending. Courts, regulators, and the public are paying attention. For attorneys willing to dig into the technical details, these cases represent an opportunity to hold insurers accountable for the systems they have chosen to deploy. The algorithms are not neutral. They were built to serve a purpose, and proving that purpose is what expert testimony is for.
The Criterion AI provides expert witness services and litigation support for matters involving artificial intelligence, machine learning, and algorithmic decision-making. For a confidential consultation on an active or anticipated matter, contact us at criterion@thecriterionai.com or call (617) 798-9715.