A local-first tool that helps Medicare beneficiaries and their caregivers review Explanation of Benefit records, surface billing discrepancies, and generate formal appeal documentation — without sending a single byte of health data to a cloud server.
"As a caregiver to a disabled Medicare beneficiary, we spend an enormous amount of time reviewing and adjudicating claims. This tool exists to change that."
Medicare beneficiaries with complex medical histories receive dozens of Explanation of Benefit records per year. Billing errors, miscoded procedures, and wrongful denials are common — but identifying and appealing them requires technical knowledge most beneficiaries and caregivers simply don't have time to develop. The administrative burden falls hardest on those least able to bear it.
AI Patient Advocate connects directly to Medicare's official Blue Button 2.0 API, analyzes every EOB against a structured rules engine, classifies patient liability into three actionable categories, and generates CMS-20027 Redetermination Request letters pre-filled with the applicable regulatory basis. Everything runs locally. No intermediaries. No data ever leaves the device.
Every component was designed around the actual Blue Button 2.0 API specification, the CARIN Blue Button Implementation Guide, and the BB2 data dictionary. Nothing is assumed. Everything is sourced.
OAuth 2.0 + PKCE authorization flow to Medicare's official FHIR R4 endpoint. Paginated EOB retrieval across all 8 claim types with auto token refresh.
Per-claim-type parsing keyed on Blue Button variable URLs, not generic FHIR category codes. Handles the multi-entry adjudication structure that causes double and triple counting with naive implementations.
291 CARC codes with triage classification, denial type routing, and patient-facing guidance. Deterministic — every classification decision is traceable to a specific code and CFR citation.
All PHI is stored exclusively on the user's machine. Flask serves only localhost. No database. No cloud sync. No telemetry. The user can delete all data with a single confirmed action.
Ollama running phi4-mini locally generates plain-language claim explanations. The model receives structured data from the engine — never raw PHI. No API calls to external AI services.
Every displayed value is traceable to its source BB variable, the formula applied, and the CMS field definition. Live CMS API verification shows actual response headers as proof of a real-time data fetch.
Blue Button 2.0 emits multiple adjudication entries with the same generic FHIR category code. A naive implementation sums them all and produces values 2–5× too high. This engine keys on the specific BB variable URL in the secondary coding system, which is the only way to correctly identify each financial component.
Each Medicare claim type (Outpatient, Inpatient, Carrier, DME, SNF, HHA, Hospice, PDE) has a structurally different adjudication schema. Patient liability lives in line-item adjudications for some types and in benefitBalance for others. Each type has a dedicated parsing path built from the BB2 field catalog.
Artificial intelligence plays a defined, auditable role in this project. Development is AI-assisted. Runtime explanations are AI-generated but grounded in deterministic engine output. The rules engine itself is deterministic — every triage decision traces to a specific code and regulation.
The application handles the entire workflow — authorization, data retrieval, analysis, and document generation — without the user needing to understand FHIR, CARC codes, or Medicare appeals regulations.
Authorize access through Medicare.gov using the Blue Button 2.0 API. OAuth + PKCE secures the flow. Claims data is downloaded directly to your device. You can revoke access at any time.
The engine analyzes each Explanation of Benefit against 291 CARC codes, classifies patient liability, detects anomalies, and prioritizes claims by financial risk and actionability. Every number traces to its CMS source field.
For flagged claims, generate a draft CMS-20027 Redetermination Request pre-filled with claim details, denial codes, and the applicable 42 CFR regulatory basis. Download as PDF. Submit to your MAC.
Medicare data is among the most sensitive personal information that exists. This application was architected from the ground up around the principle that no health data should ever transit a third-party server.
All downloaded claims data, tokens, reports, and appeal letters are stored exclusively on your personal machine. The application serves only localhost — it is not accessible from outside your device.
There is no backend server, no database, no analytics, no crash reporting, and no usage tracking. The only external connections are to Medicare's own Blue Button API and the local Ollama model server.
A single confirmed action permanently deletes all claims data, tokens, reports, and appeal documents from your device. You can also revoke Medicare API access at any time from within the application.
Active opt-in to Privacy Policy and Terms of Service is required before any Medicare connection is initiated, per CMS Blue Button 2.0 developer requirements. Consent is logged locally with timestamp.
20-year Solutions Architect with DoD and Fortune 500 credentials. AI Patient Advocate is one of 25 AI projects built in the past year — and the most personal. As a caregiver to a disabled Medicare beneficiary, this tool solves a problem I live with every day.
View full background & project portfolio →