Healthcare's Next AI Problem Isn't Adoption. It's Agent Sprawl.

What's happening

The first wave of healthcare AI was relatively easy to contain. You deployed an ambient scribe in one unit, a coding assistant in another. Each tool had a defined job, a defined data source, and a team responsible for watching it. The blast radius of any single failure was manageable.

The second wave looks different. Hospitals are standing up agents that read clinical notes to identify missing authorization, navigate payer portals, draft appeals, submit claims, and route exceptions — often without a human touching most of those steps. Separate agents handle medical coding, documentation review, policy lookup. Individual deployments are producing real results: CentralReach reports 25-40% reductions in workflow time for revenue cycle tasks, and Innovaccer's coding agent autonomously handles roughly 80% of patient encounters.

Now health system leaders are starting to ask what happens when all of these agents run simultaneously, and nobody has a clear view of how they interact.

City of Hope's Nasim Afsar put it plainly this week: organizations could soon have "tens, hundreds, thousands of agents" each doing their own thing, and the challenge isn't whether any individual agent works. It's orchestration across many point-solution deployments. Simon Nazarian frames the shift as distributed responsibility rather than centralized permission.

That's a diplomatic way of saying nobody's fully in charge.

Why this matters more in healthcare than elsewhere

In most industries, orchestration failure is a cost problem. In healthcare, it delays care.

The prior authorization burden is already severe before agentic automation enters the picture. According to the AMA's 2024 Prior Authorization Physician Survey:

• 27% of physicians say prior auth requests are often or always denied
• Physicians complete an average of 39 prior authorizations per week
• 93% say the process negatively impacts patient outcomes
• 94% say it delays access to necessary care

Now consider what happens when agents handling prior auth, coding, and appeals pull from different versions of payer policy documents, or from files that haven't been updated since the last contract cycle. The error doesn't surface as a hallucination. It shows up as a valid decision made on outdated rules — and by the time anyone traces it back to a source document, the patient has already waited.

The breakdown

From copilots to cross-workflow agents

The first-wave model was built around human closure. A coder got suggestions and made the call. A prior auth specialist received a pre-filled form and submitted it. An ambient scribe drafted notes that a physician reviewed before signing. Automation extended human judgment; it didn't replace the handoffs.

Agentic revenue cycle systems change the architecture. According to Unite.AI's reporting on agentic RCM, today's deployments can read clinical notes, identify missing authorization, navigate payer portals, submit requests, build appeals, and route exceptions across a single patient encounter. Human involvement shifts to exception handling, not transaction processing.

The efficiency gains are real and documented. The visibility problem is equally real. Each additional agent in a workflow is another place where a wrong document, a stale policy, or a permission boundary gets crossed without anyone noticing until a claim fails.

Orchestration failure is the new failure mode

Healthcare AI governance conversations used to center on hallucination — models fabricating clinical information, inventing drug interactions, generating confident nonsense. That risk is better understood now and increasingly addressed at the model layer.

The risk that's harder to catch is different. Two agents acting on contradictory versions of the same payer policy. A handoff between a coding agent and a claims agent that drops relevant context. An appeals agent working from rules that changed three weeks ago. These failures don't announce themselves. They embed in workflows as valid-looking transactions, and tracing them back requires knowing what each agent retrieved and when.

That's not a model problem. It's a source problem.

Document-heavy admin workflows are where agents land first

Prior auth. Claims. Coding. Appeals. Documentation. Policy lookup. These are the workflows where agents are deploying now, and they share a common dependency: they require accurate, current documents.

Payer requirements change. Coverage policies update. Formularies shift. Appeal windows vary by payer and contract cycle. A prior auth agent working from last quarter's coverage policy will generate requests that get denied for reasons the agent cannot explain. A claims agent relying on a coding guide that was superseded in January will produce submissions that fail clean.

The scale of autonomous coding deployments makes this concrete. At 80% of patient encounters coded without human review, a documentation error in the source knowledge doesn't get a sanity check on the way through. It gets processed.

Security and governance converge on the same gap

HealthcareInfoSecurity reported this week that organizations often cannot secure AI agents because they lack control over the underlying data. Security teams frequently lack visibility into models, training data, and retrieval pipelines.

That's not strictly a security problem, though it shows up in security audits. It's a knowledge governance problem with security consequences.

Australia's newly established National Clinical Governance Committee for Digital Health is explicitly focused on safe AI implementation in healthcare settings alongside virtual care and information sharing. The committee's creation suggests regulators are trying to formalize governance structures before deployment fully matures. Whether the US develops comparable oversight before agent count scales is still an open question.

What it means for healthcare operations

The missing layer isn't a better model. It's a governed source of truth that all agents can consistently depend on.

When agents handle prior auth, coding, claims, documentation, and appeals across the same patient population, they all draw from the same body of knowledge: payer policies, coverage criteria, coding guidelines, appeal rules, clinical protocols. For that to work at scale, the source layer needs to be current, permission-aware, contradiction-free, version-traced, and auditable. Not for compliance theater — because agents acting on fragmented, stale, or inconsistent information produce fragmented, stale, and inconsistent decisions.

Ambient clinical AI is already creating medical record governance problems as AI-generated documentation enters the permanent record. Multi-agent RCM operations add a second governance layer on top: now agents are acting on those records, not just creating them.

Platforms like Mojar AI are designed around this problem — retrievable, governed, version-traced document intelligence that gives agents a consistent and auditable source to work from. The framing isn't about replacing agents. It's about giving the agents something reliable to read.

Healthcare organizations that deploy agents before solving the knowledge governance problem are optimizing individual workflows while introducing system-wide fragility. That's not a model risk. It's an architecture risk.

What to watch

Hospital governance committees are starting to appear in vendor conversations, which is new. Watch whether health systems build oversight frameworks before agent count grows — or only after a high-profile orchestration failure forces the question. Watch vendor claims about "agentic automation": the relevant question isn't whether the agent works, it's what it reads and whether that source is governed. And watch whether the US develops formal governance structures comparable to Australia's clinical committee before agents are running at production scale across every major health system.

Healthcare's next AI bottleneck may not be model quality. It may be whether hospitals build a shared, governed source of truth before every department starts deploying agents that act on different documents, different rules, and different assumptions about what's current.