Integration architecture
EHR Integration for Medical AI: How AI Reads and Writes to Your EHR Safely
A medical AI agent is only as useful as its connection to the chart. This is the technical reference for how MedReception AI integrates with 23 production EHR and practice management systems, what the AI is allowed to read and write, and how the integration stays safe when an upstream API has a bad day.
EHRs Integrated
23
Production EHR and PM systems in active use
FHIR Native
14
Systems supported via FHIR R4 read and write
RPA Fallback
9
Legacy systems automated via secure UI workers
Write Success
99.7%
Successful writes across all integration paths
Integration approaches
Four Ways the AI Talks to Your EHR
No single integration approach covers every EHR. MedReception AI uses the highest-fidelity path each vendor supports, then falls back through a documented hierarchy when needed. The AI agent is identical across approaches, only the transport changes.
FHIR R4 (preferred)
- • SMART on FHIR OAuth 2.0 client credentials
- • Patient, Appointment, Slot, Practitioner resources
- • Native read and write with vendor-issued client IDs
- • Used by Athena, Epic, Cerner, ModMed, Elation, DrChrono, Cerbo
- • Sub-second average response time
Vendor REST APIs
- • Tebra Kareo REST, Jane App API, AdvancedMD JSON
- • Per-tenant API keys stored in AWS Secrets Manager
- • Schedule, demographics, insurance, task endpoints
- • Rate-limit aware client with exponential backoff
- • Two to four second average round-trip
HL7 v2 over MLLP
- • SIU (scheduling) and ADT (demographics) messages
- • Inbound listener for chart updates, outbound for writes
- • Used where vendors expose interface engine only
- • Tunneled over VPN or AWS PrivateLink
- • ACK-tracked with automatic retry on AE/AR responses
RPA / UI automation (fallback)
- • Headed Playwright workers running on isolated EC2
- • Used for Office Ally, Accuro Cloud (Citrix), legacy Allscripts
- • Vision fallback (xdotool + screenshot OCR) for Citrix
- • Session keeper holds login warm to avoid 24h cooldowns
- • Four to seven second round-trip including page transitions
Read scope
What the AI Reads From Your EHR
Read scope is intentionally narrow. The AI pulls only the data it needs to confirm a patient, book a slot, or answer a clinical question, and nothing else. Every read is logged with the caller phone number and the field accessed.
Scheduling context
- • Provider schedule for the next 90 days
- • Slot availability filtered by appointment type
- • Room and resource constraints per visit type
- • Blocked time, lunch breaks, holiday closures
- • Existing appointment for the caller (reschedule lookup)
Patient identity
- • Demographics: name, DOB, address, phone
- • Active insurance plan and member ID
- • Preferred pharmacy on file
- • Established vs. new patient status
- • Assigned PCP or specialty provider
Clinical summary (opt in)
- • Active problem list (last 24 months)
- • Last visit date and visit type
- • Active medication list for refill verification
- • Allergy list (drug allergies, anaphylaxis flags)
- • Outstanding lab and imaging orders
Practice configuration
- • Provider roster and accepted insurance per provider
- • Appointment type catalog with duration rules
- • Location list and per-location intake requirements
- • Specialty-specific triage and safety protocols
- • Self-pay pricing and deposit rules
Write scope
What the AI Writes Back to Your EHR
Write actions are scoped, auditable, and reversible. Every write produces a tenant-side audit row plus an EHR-side note tagged with the AI agent identity. Clinical orders are never written, only flagged as tasks for staff review.
Appointments
- • Book new appointment with provider, slot, type
- • Reschedule existing appointment (cancel and rebook)
- • Cancel with reason code from the conversation
- • Confirm and mark arrived for inbound check-in calls
- • Add appointment note with caller intent
Demographics and insurance
- • Update address, phone, email on file
- • Capture or refresh insurance card details
- • Update emergency contact and preferred pharmacy
- • Flag patient as deceased or moved on caller report
- • Merge candidate when duplicate is detected
Staff tasks and messages
- • Refill request routed to the prescribing provider
- • Lab or imaging result inquiry as a task
- • Billing question routed to the billing inbox
- • Voicemail with transcription attached to chart
- • Clinical callback request with urgency level
Audit and chart notes
- • Call summary appended to patient chart
- • Full conversation transcript stored per-tenant
- • Action log with timestamp, agent ID, intent
- • Recording link (when state law and consent allow)
- • Outcome code for analytics (booked, transferred, voicemail)
Security architecture
How PHI Stays Safe in Transit and at Rest
The AI never sees more than it needs. Security is layered across credentials, transport, storage, and audit. Every tenant has its own isolated credential set and its own encryption key.
Per-tenant encryption
- • Dedicated AWS KMS key per practice
- • EHR credentials in AWS Secrets Manager, never in source
- • DynamoDB at-rest encryption with tenant-scoped IAM
- • TLS 1.2+ enforced on every outbound API call
- • Recordings stored in S3 with bucket-policy isolation
Audit and observability
- • Every read and write logged with caller ID and field
- • Seven-year retention on audit trail (HIPAA aligned)
- • CloudWatch alarms on anomalous read volume
- • Daily reconciliation against EHR change feed
- • Per-tenant access reports available on request
BAA and minimum necessary
- • Signed BAA before any integration credential is issued
- • Read scope locked to documented field list
- • Prompts redacted of PHI before LLM logging
- • No clinical decision support, no diagnosis generation
- • Staff escalation for anything outside scripted scope
Network and identity
- • AWS PrivateLink or VPN for HL7 v2 endpoints
- • Per-integration IAM role with least privilege
- • Credential rotation alarms on 90-day cadence
- • Failed-login lockout protection (one attempt, then alert)
- • No shared bot account across tenants, ever
Failure modes
When the EHR API Goes Down, What the AI Does
Every integration eventually fails. The AI is designed to degrade safely: it never invents a slot, never confirms a booking it cannot verify, and always tells the caller the truth about what just happened.
EHR completely unreachable
- • Caller is told the booking system is briefly offline
- • Callback request is captured with preferred time window
- • Sentinel alarm fires within 60 seconds to on-call
- • Practice staff get Slack and SMS notification
- • Auto-recovery test runs every 5 minutes
Write succeeds but verification fails
- • Post-write read confirms the appointment landed
- • If verification fails, AI does not tell the caller it booked
- • Booking is queued for staff manual confirmation
- • Caller is told staff will confirm by SMS within 1 hour
- • Reconciliation job catches orphaned writes overnight
Rate limit or auth expired
- • Exponential backoff with jitter, max 3 attempts
- • Auth refresh runs in parallel with first retry
- • If still failing, falls back to staff transfer
- • Credentials flagged as DEAD for 24h cooldown
- • Persistent failure raises permanent alert, not a retry loop
RPA worker desynced
- • Session keeper detects login screen vs. expected page
- • Relogin is attempted in a fresh browser tab
- • If two attempts fail, worker is marked DEAD
- • Inbound calls fall back to staff transfer immediately
- • Healed state automatically restores AI routing
Integration depth
What Depth You Actually Get Per EHR
Integration depth varies by what the vendor exposes. These four hubs show the full range: native FHIR with deep write support, vendor REST with full booking, RPA fallback for legacy, and a Canadian system with hybrid handling.
FHIR R4 Native
athenahealth
Full read and write via SMART on FHIR. Booking, demographics, refill tasks.
Vendor REST
Tebra Kareo
Production REST integration. Schedule, patient lookup, booking with EC2 session keeper.
RPA Fallback
Office Ally
Headed Playwright workers, auto-relogin, daily HTML scrape for live availability.
Vendor REST
Jane App
Canadian PHIPA-aware integration. Booking, intake forms, charting handoff.
Security posture
Review the Security and HIPAA Stack
Per-tenant KMS keys, signed BAAs, seven-year audit retention, and minimum-necessary read scope. The full security architecture and HIPAA control mapping is published.
See it on your stack
Test the Integration Against Your EHR
Bring your EHR, your credentials, and a real call. We will demo a live booking end to end and show you the audit row that lands in your chart.
Keep exploring