By Sagar Shankaran, Founder of CallSphere
DrChrono and Athenahealth both expose schedule, demographics, and appointment APIs. We walk through HIPAA-aware integration patterns for a CallSphere healthcare voice agent.
Key takeaways
The two cloud EHRs with the friendliest APIs for AI integration in 2026 are DrChrono and Athenahealth. Both expose patient demographics, schedule, and appointment write endpoints. CallSphere's healthcare deployment ships pre-built tools for both.
flowchart TD
Client[MCP client · Claude Desktop] --> MCP[MCP server]
MCP --> Tool1[Tool: Calendar]
MCP --> Tool2[Tool: CRM]
MCP --> Tool3[Tool: KB search]
Tool1 --> SaaS1[(Calendly)]
Tool2 --> SaaS2[(Salesforce)]
Tool3 --> SaaS3[(Notion)]A patient calls Monday morning. CallSphere voice agent identifies them by phone in DrChrono, confirms DOB for HIPAA, fetches the next available slot with their preferred provider, books the appointment, sends an intake form via SMS, and confirms insurance is on file. Total time 90 seconds. The medical assistant who used to do this can now triage clinical messages instead.
DrChrono at https://app.drchrono.com/api: GET /patients/?phone_number=... for lookup, POST /patients/ for create, GET /appointments/?date=...&doctor=... for schedule, POST /appointments/ for booking, PATCH /appointments/{id}/ for reschedule. OAuth 2.0 with scopes patients, patients:summary, calendar. Webhooks fire on APPOINTMENT_CREATED, APPOINTMENT_MODIFIED.
Athenahealth at https://api.athenahealth.com/v1/{practiceid}: GET /patients with firstname, lastname, dob for demographic match, POST /patients for create, GET /appointments/open for slot search by department and provider, PUT /appointments/{appointmentid} for booking (Athenahealth uses PUT to claim a pre-existing open slot rather than POST a new one), and PUT /appointments/{appointmentid}/cancel to cancel.
Hear it before you finish reading
Talk to a live CallSphere AI voice agent in your browser — 60 seconds, no signup.
Auth: OAuth 2.0 with Athenahealth-specific token endpoint. Required Practice ID in path.
Both are HIPAA-eligible with BAA. CallSphere maintains BAAs with our subprocessors and runs healthcare workloads in segregated VPC tenancy.
CallSphere's Healthcare vertical ships 14 tools (lookup_patient, create_new_patient, get_available_slots, schedule_appointment, reschedule_appointment, cancel_appointment, verify_insurance, send_intake_link, add_clinical_note, request_callback, escalate_to_clinician, triage_symptom, book_lab, request_refill). The same 14 wrap DrChrono, Athena, eClinicalWorks, and Practice Fusion via a thin adapter. The voice agent never sees the EHR brand.
CallSphere runs 37 specialist agents across 6 verticals with 90+ tools and 115+ DB tables. Pricing $149 / $499 / $1499 with a 14-day trial and a 22% affiliate program. Healthcare vertical.
Still reading? Stop comparing — try CallSphere live.
CallSphere ships complete AI voice agents per industry — 14 tools for healthcare, 10 agents for real estate, 4 specialists for salons. See how it actually handles a call before you book a demo.
patients and calendar. For Athena, request department-scoped access.lookup_patient with two-factor verification: phone match + DOB confirmation. Never confirm match by phone alone.get_available_slots. Filter by provider, location, visit type, and patient insurance acceptance.POST /appointments/. For Athena use PUT /appointments/{id} against an open slot ID returned by appointments/open.APPOINTMENT_MODIFIED so out-of-band schedule changes propagate.// Book an Athenahealth appointment by claiming an open slot
const booking = await fetch(
`https://api.athenahealth.com/v1/${practiceId}/appointments/${appointmentId}`,
{
method: "PUT",
headers: {
Authorization: `Bearer ${athenaToken}`,
"Content-Type": "application/x-www-form-urlencoded",
},
body: new URLSearchParams({
patientid: matchedPatient.patientid,
appointmenttypeid: visitTypeId,
bookingnote: "Booked by CallSphere voice agent",
}),
}
);
Is this HIPAA-compliant? Yes when both vendors have BAAs and the LLM provider is HIPAA-eligible. CallSphere uses HIPAA-BAA models and redacts PHI from non-eligible logs.
How do you handle DOB confirmation? Voice agent asks; speech-to-text outputs are matched against EHR DOB; mismatch routes to a human. We never confirm a patient by phone alone.
Does this work on FHIR? Yes. Both DrChrono and Athena expose FHIR endpoints; CallSphere supports them as an alternate adapter behind the same 14-tool interface.
What about Epic and Cerner? They expose FHIR endpoints with patient context and SMART-on-FHIR auth. Different scope review process; CallSphere supports both for enterprise deployments.
How do I get started? Start a trial, pick Healthcare, and connect your EHR in Settings. See the healthcare vertical page.
Written by
Sagar Shankaran· Founder, CallSphere
Sagar Shankaran is the founder of CallSphere, where he builds production AI voice and chat agents deployed across healthcare, hospitality, real estate, and home services. He writes about agentic AI, LLM engineering, and shipping voice agents that handle real calls in production.
See how AI voice agents work for your industry. Live demo available -- no signup required.
Graphiti is the open-source temporal knowledge graph for AI agents in 2026. Learn how bi-temporal memory beats vector RAG for voice agents and long-running LLMs.
Using GPT-Realtime-2 for healthcare voice agents. BAA scope, PHI handling, retention, logging, and why a managed platform usually wins this build.
Self-correction is now a property of the model, not the framework. What that means for production agent reliability, voice/chat fallbacks, and CallSphere.
How to design a multi-agent system using MCP for tools and A2A for cross-vendor coordination, with a CallSphere voice agent as a participating node.
The 2024 NPRM proposes mandatory penetration tests every 12 months and vulnerability scans every 6 months. Here is how an AI voice agent should be tested in 2026.
Offline evals catch regressions before deploy on a fixed dataset. Online evals catch real-world drift on live traffic. You need both — here is how we run them.
© 2026 CallSphere LLC. All rights reserved.