AI Insurance Policy Decoder for Cancer Patients
85% of cancer patients face insurance barriers before they even start treatment. The problem? A typical insurance policy is 50+ pages of legal jargon written in 8-point font. Deductibles buried on page 23. Out-of-pocket maximums hidden in footnotes. Prior authorisation requirements scattered across sections.
When you're fighting cancer, you don't have time to decode insurance. You need to know: how much will this cost me? What's covered? What do I do next? But getting those answers requires either hiring a professional or spending hours with a highlighter and calculator.
So I built what cancer patients needed: an AI-powered policy decoder that analyses any insurance PDF in 30 seconds and extracts what actually matters — deductibles, coverage, next steps — all in plain language. This isn't a chatbot. It's a translator between insurance companies and humans fighting for their lives.
I started by interviewing the problem. Downloaded real insurance policies (anonymised). Read through 50+ pages of one policy. Timed how long it took to find the deductible: 12 minutes. The information architecture is deliberately opaque.
Next came technical research: PDF text extraction, AI analysis, and security. I needed Azure OpenAI to extract specific fields — deductible, out-of-pocket max, coinsurance, covered services, prior auth requirements. The challenge was handling messy real-world PDFs: scanned images, multi-column layouts, missing sections, OCR errors. The solution: confidence scoring.
Security research revealed the gaps — prompt injection attacks, non-insurance documents, data validation. I designed a 4-layer security system: input validation before AI, hardened AI prompts, output sanitisation after AI, and graceful error handling.
The upload experience uses a drag-and-drop zone with real-time validation. Upload any insurance policy PDF, watch a 20-30 second analysis, and receive a comprehensive dashboard with extracted information.
The dashboard displays a financial overview (deductible, out-of-pocket max, coinsurance with confidence indicators), coverage details (covered services, prior auth requirements), key insights (the 3-5 most important facts), and next steps (prioritised action items with time estimates).
Security implementation: 4 layers — input validation, AI prompt hardening, output sanitisation, and graceful error handling. Zero data retention — analysis happens in real-time, nothing is stored.
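A sketch of how the output sanitisation and graceful error handling layers could fit together with confidence scoring. This is an added example, not the project's own code: the JSON shape, field names, numeric limits and function names are all assumptions.

```python
import json
import re

# Assumed schema (hypothetical): field names follow the page's list of
# extracted items; the JSON shape and confidence labels are illustrative.
MONEY_FIELDS = ("deductible", "out_of_pocket_max")
LIST_FIELDS = ("covered_services", "prior_auth_requirements")
CONFIDENCE = {"high", "medium", "low"}
_UNSAFE = re.compile(r"<[^>]*>|[\x00-\x1f\x7f]")  # markup tags and control characters

def _clean(text, limit=200):
    """Strip tags/control characters and cap length before display."""
    return _UNSAFE.sub("", str(text)).strip()[:limit]

def _scored(entry, low, high):
    """Accept {"value": number, "confidence": label}; anything else is 'not found'."""
    if not isinstance(entry, dict):
        return {"value": None, "confidence": "low"}
    value, conf = entry.get("value"), entry.get("confidence")
    if isinstance(value, bool) or not isinstance(value, (int, float)) or not low <= value <= high:
        return {"value": None, "confidence": "low"}
    return {"value": value, "confidence": conf if conf in CONFIDENCE else "low"}

def sanitise_model_output(raw):
    """Layer 3: treat the model's reply as untrusted and rebuild it from an allowlist."""
    try:
        data = json.loads(raw)
    except (TypeError, ValueError):
        data = None
    if not isinstance(data, dict):
        # Layer 4: fail closed with a safe message instead of echoing raw model text.
        return {"ok": False, "error": "We could not read this policy. Please try another file."}
    result = {"ok": True}
    for name in MONEY_FIELDS:
        result[name] = _scored(data.get(name), 0, 10_000_000)
    result["coinsurance_percent"] = _scored(data.get("coinsurance_percent"), 0, 100)
    for name in LIST_FIELDS:
        items = data.get(name) if isinstance(data.get(name), list) else []
        result[name] = [c for c in (_clean(i) for i in items[:25]) if c]
    return result  # keys outside the allowlist are dropped

def display(label, field, currency="R"):
    """Render a value with its uncertainty made explicit."""
    if field["value"] is None:
        return f"{label}: not found (verify with insurer)"
    note = "" if field["confidence"] == "high" else f" ({field['confidence']} confidence, verify with insurer)"
    return f"{label}: {currency}{field['value']:,}{note}"

# Constructed sample reply (not real policy data).
SAMPLE = '{"deductible": {"value": 1500, "confidence": "low"}, "covered_services": ["Chemo<b>therapy</b>"], "extra": "x"}'
```

Stripping tags here narrows what reaches the dashboard; it does not replace HTML-escaping at render time.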
Final Product
What I Learned
Handling medical documents requires 4 security layers: input validation, hardened prompts, output sanitisation, and error handling. This is baseline, not paranoia.
Saying "Deductible: R1,500 (low confidence — verify with insurer)" is more valuable than confidently stating a wrong number. Transparency about uncertainty builds trust.
I built for clean, well-formatted PDFs. Actual insurance policies: scanned images, multi-column layouts, OCR errors. Solution: graceful degradation and clear warnings.
Local development: works perfectly. Production: CORS errors, missing env variables, cold start delays. Troubleshooting deployment failures taught me more than building features.
Cancer patients are stressed and often on phones in hospital waiting rooms. That informed every design choice: large touch targets, confidence indicators, print functionality.