The Math That Used to Work

My friend is fighting a work comp claim for a neck injury. Among the 2,000 pages of "discovery" that the defense dumped on her, we (with the help of Claude's Opus) found her pap smear results for the past 3 years.

Colonoscopies, gynecological records, pharmacy histories—all packaged as "relevant" to a spine injury.

The data dump was never about transparency. It was manipulation.

The Math That Used to Work

Who has time to read 2,000 pages on a CD? (Does anyone own a CD reader?) How will you get the data transferred so you can read it? Do you want to figure it out or just give up?

Processing 2,000 pages costs thousands in paralegal hours or weeks at home. Most people understandably give up before page 400. And if they don't, they may walk away to protect their sanity. The volume is the business model.

Opus processed the epic dump in an hour. I had one task—"review the attached PDFs and create a matrix. List what each PDF contains, note any duplicative files, calculate the total number of pages, and the percentage of garbage."

That's when I found the pap smears buried amongst neck injury details.

Then she showed the court exactly what the insurer, and their lawyers, were doing. Needless to say, they went through some things. After she flagged every irrelevant record—the gynecological history, the colonoscopies, the pharmacy—it was clear what was relevant and what was clinical voyeurism dressed up as discovery.

At the end of the courtroom assisted "clarity meeting," things shifted.

53 Documents

Last week, the neurosurgeon appointed for a second consult received 53 documents—including the referral. She got her copy via email.

From 2,000 pages to 53.

In the past, the excuse for sending every file possible was always that filtering information was too expensive, time-consuming, and complicated. That "reasonable efforts" under HIPAA couldn't possibly mean actually sorting through records.

Hospitals claimed they didn't have the resources. Insurers claimed it wasn't their job. TPAs claimed it was standard practice. Everyone pointed at everyone else, and the patient drowned in paper and denials.

But their immediate ability to send only 53 clinically relevant documents proves the capability always existed. It was always a choice.

Her History Doesn't Belong to Her

Our personal medical history doesn't belong to us. It belongs to the institutions.

Every step of this process required my friend to ask for her own records. The neurosurgeon, who never had to request anything, got everything she needed via fax. My friend got her copy as a "courtesy." The architecture still defaults to the institution holding the data and requires the patient to request access.

Why is the history of our bodies less deserving of control?

Think about your credit profile. If you suspect fraud or want to avoid a random credit check you never authorized, you can lock your credit file with a single click. Three agencies hold the data. You control access. Simple.

When we need our own medical records, we navigate a hospital portal and "request permission" like guests in our own lives. We fill out forms, wait, and call back when the forms don't go through. We explain why we need our own history. We pay fees for copies of information we generated by showing up and being patients.

The architecture is backwards. Hospitals hold the "master" record. Insurers decide what gets shared and how. Patients stand outside the system, asking for scraps of their own story.

The Personal Vault

The next architectural evolution isn't a better portal. It's an AI-driven Personal Vault.

Whoever wants my medical history should be knocking on my digital door. Rather than "donate" my files, I can lease specific pieces of them. I grant a doctor access to a relevant folder during a visit, and when I leave, the key expires.

No more 2,000-page dumps. No more pap smears in spine files. An AI gatekeeper—loyal to me, not to them—filters for relevance. The doctor gets the ortho history. The insurer gets the claim documentation. Nobody gets gynecological records because they’re lazy.

The HIPAA "Minimum Necessary" rule already requires this. But it’s been a dead letter for decades because patients couldn't push back. AI changes that equation. The technology to filter exists. I used it to help my friend.

Who Builds It

Who is going to build the vault? If it's the hospitals, it's business as usual. If it's insurers, or Amazon, or OpenAI, they're in control. Amazon already owns PillPack, One Medical, Amazon Pharmacy. They see what drugs you buy, when you refill, what you eat, and what Alexa hears. Google sees searches, location, devices, and now gets to scrape from Apple users.

OpenAI just launched a healthcare platform marketed as "efficiency."

They all have the same long game. Pattern mining. Turning medical histories into predictive shadows. If these companies build the vault, they hold the key. The architecture may change, along with the "sell," but the power dynamic doesn't.

How do we finally get a patient-first system that isn't controlled by a private company?

The Gap

The technology to protect patients exists. The will to use it doesn't. My friend's 2,000 pages arrived on a 1978 CD. Insurers can authorize robotic surgeries, deploy AI to deny claims in seconds, integrate with electronic health records across hospital systems—but they're still burning CDs.

What Remains

I can afford Opus and offer my time. Most people can't. So, tomorrow another dump lands on someone else's doorstep—another CD that doesn't work on a 2022 laptop.

The default hasn't changed. But something is shifting. We showed a court how a data dump was designed to obscure rather than reveal. The next specialist got 53 documents instead of 2,000.

So, the fight still remains. But I have hope.

I look forward to AI tools that bring balance to processes that were never really for the user.