AWS, Bluesight launch AI assistant for hospital 340B compliance
Prism Assistant for ControlCheck is generally available at 20 health systems; a multi-product 340B GPO compliance agent is scheduled for 2026.
AWS and Bluesight released Prism Assistant for ControlCheck into general availability across 20 health systems. The AI layer is designed to speed controlled-substance investigations and to automate parts of the 340B exception review process. A broader multi-product agent that targets Group Purchasing Organization (GPO) compliance is planned for 2026.
Prism Assistant provides a conversational interface that queries ControlCheck data, generates charts and drafts report material for hospital pharmacy and compliance teams. Bluesight said it began development during a three-day AWS Experience-Based Acceleration engagement in September 2025 and reached general availability in under nine months. ControlCheck is Bluesight’s controlled-substance monitoring product used by hospital diversion teams to detect unusual medication transaction patterns.
The deployment uses Strands Agents with Amazon Bedrock and runs on Amazon Bedrock AgentCore Runtime. AgentCore Gateway exposes ControlCheck APIs as callable tools. Bluesight wrapped existing API endpoints with AWS Lambda functions that return structured data for the agent instead of allowing the model direct database access. Bluesight reported that query latency fell from about five minutes to roughly ten seconds after the redesign. The front end includes chart generation, observability controls, cost attribution, encryption and authentication, and infrastructure-as-code.
Bluesight plans a 340B GPO agent that will combine records from three products: CostCheck for purchase data, ShortageCheck for supply evidence, and 340BCheck for eligibility validation. Architecture tested in March 2026 used Anthropic Claude Sonnet 4.6 as the primary model and Claude Haiku 4.5 for lower-latency tasks through Amazon Bedrock. AgentCore Runtime runs agents in a virtual private cloud with private subnets while AgentCore Gateway connects Lambda-backed tools to the three product systems.
A coordinating agent delegates work to specialist data workers that retrieve invoices, gather shortage evidence and validate eligibility. In synthetic tests on prepared scenarios, the GPO architecture returned a 100 percent invoice discovery rate and 93 percent evidence-justification accuracy against a target of 85 percent. Bluesight and AWS cautioned that synthetic results do not represent production performance and that real hospital data can include gaps, delayed shortage updates, unusual drug identifiers or disputed purchases.
Compliance determinations in the GPO workflow are produced by a deterministic scoring service outside the language model. That service evaluates 13 evidence inputs, applies priority-based matching and configurable time windows, and produces a repeatable score with an audit trail. The language model is limited to record gathering, tool calls and drafting explanations; final determinations depend on the scoring logic and hospital policy settings such as shortage thresholds, acceptable inventory periods and purchase-date windows.
Prism and the planned GPO architecture include HIPAA-focused controls. Amazon Bedrock is HIPAA-eligible and Bluesight operates under a Business Associate Agreement with AWS. Authentication uses Amazon Cognito for OAuth2 and JSON Web Token validation. Data encryption uses AWS Key Management Service, credentials are managed with AWS Secrets Manager, and Amazon CloudWatch records agent decisions, tool invocations and data-access events for audit purposes.
Bluesight reported internal measurements from the 20 health systems using Prism that show faster workflows: recurring report assembly reportedly fell from about six hours to 15 minutes, pre-investigation triage dropped from roughly three hours to 10 minutes, and controlled-substance variance analysis fell from about 30 minutes to under one minute. Samir Neyazi, director of product management at Bluesight, described the assistant as “It gets them to answers faster and takes the manual grind out of every investigation.”
AWS noted that a single 340B covered entity can spend more than 4,000 staff hours annually reviewing whether GPO drug purchases qualify for an exception. Both companies said sites should validate data completeness, drug-code matching, shortage timing and exception rules by running historical cases in parallel with existing review processes before relying on agent-assisted findings. Each production finding should retain the scoring-rule version, source evidence and tool trace that produced it.
Content on BlockPort is provided for informational purposes only and does not constitute financial guidance.
We strive to ensure the accuracy and relevance of the information we share, but we do not guarantee that all content is complete, error-free, or up to date. BlockPort disclaims any liability for losses, mistakes, or actions taken based on the material found on this site.
Always conduct your own research before making financial decisions and consider consulting with a licensed advisor.
For further details, please review our Terms of Use, Privacy Policy, and Disclaimer.








