From 60 Minutes To 60 Seconds: Production MCP Workflows for Healthcare Billing - Andrew Espira, Kustode

by Andrew Espira

Day 1 · Juilliard Complex (5th Floor) · Apps and Agents · 19 min · 3 min read

Applied AI AI Safety & Ethics

TL;DR

Andrew Espira demonstrated a multi-agent MCP system that reduces healthcare billing claim review from roughly 60 minutes to 60 seconds. The system uses a security layer, an agent orchestrator, and a Sentinel governing agent to validate actions, block PHI access, and enforce confidence thresholds. One prompt calls eight tools to return codes, modifiers, and coverage data.

The 60-Minute Billing Problem

▶ Watch (0:05)

Healthcare billing requires billers to juggle seven browser tabs and six PDFs to find the right CPT codes, modifiers, and coverage rules. Once submitted, insurers deny claims for small coding errors. Each appeal takes 45 to 50 days. Insurers now build models trained to detect errors and deny as many claims as possible. The process takes 60 minutes per claim — if everything goes well.

MCPs and Agents: One Prompt, Eight Tools

▶ Watch (3:55)

Espira’s team built a knowledge layer with APIs pulling data from CMS. MCP servers let a single prompt call six different tools in one session. Agents do not predict or reason — they synthesize retrieved data and choose the correct tool. The agent does not need patient PHI; it only needs procedure type, service date, and codes. A reasoning layer logs why each tool was called and every decision made.

Demo: Sentinel, Security, and the 92% Confidence

▶ Watch (9:44)

Espira demoed a $40,000 surgical procedure. A single prompt triggered eight tool calls. The security layer analyzed the prompt for PHI before passing it to the agent orchestrator. The Sentinel governing agent validated each decision. It returned a confidence score of 92% and a full audit trail of tool calls and reasoning. A prompt injection attempt was blocked. When the agent flagged a denial, Sentinel required human review before proceeding. Responses below 60% confidence were discarded and fed back as context.

Roadmap: Private Insurer Rules and Open-Source Security

▶ Watch (15:16)

Next steps include building web crawlers that pull payer rules from private insurer websites into the data layer. Multi-agent orchestration will handle the growing complexity. The team will harden the security layer and open source all security protocols for agent guardrails. The goal is to prevent agents from breaching any security protocols while scaling to more insurers. “Let the community continue building on it,” Espira said.

Notable Quotes

very small stuff integration of MCPS into existing workflows Andrew Espira · ▶ Watch (6:31)

agents try to be smart all the time. They try to jump guardrails Andrew Espira · ▶ Watch (7:28)

all the security protocols that we are working on, we are going to open source all of them Andrew Espira · ▶ Watch (16:24)

Key Takeaways

MCPs reduce healthcare billing from 60 minutes to 60 seconds by consolidating multiple data sources.
A Sentinel governing agent and confidence thresholds prevent agents from accessing PHI or making unsafe decisions.
Kustode will open source its security protocols to help the community build safer agent systems.

About the Speaker

Andrew Espira is a Site Reliability Engineer with over seven years of experience in DevOps, Infrastructure, and Site Reliability Engineering. He specializes in optimizing large-scale system environments, cloud infrastructure, and distributed systems. He is passionate about cloud-native technologies and building secure, scalable AI systems for healthcare.

Filed under

Applied AI AI Safety & Ethics