By Sagar Shankaran, Founder of CallSphere
The December 27, 2024 NPRM elevates MFA from addressable to required. Here is what that means for AI voice dashboards, agent workload identities, and EHR integrations under 45 CFR 164.312 in 2026.
Key takeaways
The 2024 NPRM is the first time HHS spells out MFA by name. By the time the final rule lands in May 2026 with a roughly 240-day compliance window, every PHI-adjacent login at your AI voice vendor needs a second factor.
Person-or-Entity Authentication at 45 CFR 164.312(d) requires regulated entities to implement procedures to verify that the person or entity seeking access to ePHI is the one claimed. The current rule is silent on multi-factor authentication. The December 27, 2024 NPRM changes that — multi-factor authentication is required, with limited exceptions, for any access to systems containing ePHI. NIST SP 800-66 Rev. 2 already mapped 164.312(d) to NIST SP 800-63B Digital Identity Guidelines, which define AAL2 as the floor for sensitive data and AAL3 with hardware-backed authenticators for high-assurance scenarios. NIST SP 800-53 control IA-2(1) (Multi-Factor Authentication to Privileged Accounts) and IA-2(2) (to Non-Privileged Accounts) are the operational mappings.
MFA is straightforward for human dashboards — TOTP, push, FIDO2/WebAuthn, hardware keys. AI changes the picture for non-human identities. AI agents and tool integrations cannot solve a TOTP challenge. The pattern is mTLS plus short-lived workload identity tokens, optionally bound to a hardware-backed key in an HSM or TPM. SMS-based MFA is deprecated for any account touching PHI under NIST 800-63B's restricted-channel guidance. Phishing-resistant MFA — FIDO2 security keys or platform authenticators — is the 2026 best practice.
Hear it before you finish reading
Talk to a live CallSphere AI voice agent in your browser — 60 seconds, no signup.
Every workforce login enforces MFA via Auth0 or Okta with FIDO2 as the preferred factor and TOTP as fallback. SMS is disabled for PHI dashboards. AI agents and tool integrations authenticate via mTLS plus short-lived (24-hour) workload-identity JWTs minted by AWS IAM Identity Center. EHR FHIR endpoints require mTLS plus OAuth 2.0 client-credentials with rotated client secrets. Healthcare Voice Agent's 14 tools each carry a scoped audience claim and only call the EHR endpoints they need. Audit logs capture every authentication attempt with method, AAL, and outcome. The platform is HIPAA and SOC 2 aligned, with 37 production agents, 90+ tools, 115+ DB tables, 6 verticals, 50+ businesses, 4.8/5. Pricing $149/$499/$1,499; 14-day trial; 22% lifetime affiliate. See /lp/behavioral-health for SUD workflows.
flowchart LR
U[Staff Member] -->|FIDO2 + Password| IdP[Auth0/Okta]
IdP -->|AAL2/AAL3| D[Dashboard]
A[AI Agent] -->|mTLS| WI[Workload IdP]
WI -->|24h JWT| T[Tools]
T -->|mTLS+OAuth| EHR[EHR FHIR]
D --> Audit[164.312 b]
T --> Audit
Is SMS-based MFA acceptable? Not for PHI under NIST SP 800-63B's guidance. The NPRM does not explicitly ban SMS but the trend is toward phishing-resistant MFA.
Do we need MFA for on-premises only access? Under the NPRM, yes. MFA is required for access to ePHI-containing systems — not just remote access.
Still reading? Stop comparing — try CallSphere live.
CallSphere ships complete AI voice agents per industry — 14 tools for healthcare, 10 agents for real estate, 4 specialists for salons. See how it actually handles a call before you book a demo.
What counts as a documented exception? Emergency access, workstation locked to a clinical floor with biometric room access, or break-glass scenarios with post-hoc review. Document the alternative compensating control.
Does AI agent-to-agent traffic need MFA? The functional equivalent — mTLS plus short-lived workload identity. Treat it as machine MFA.
How often should we rotate factors? TOTP secrets every 12 months. FIDO2 keys on personnel change. Workload-identity tokens every 24 hours.
Written by
Sagar Shankaran· Founder, CallSphere
Sagar Shankaran is the founder of CallSphere, where he builds production AI voice and chat agents deployed across healthcare, hospitality, real estate, and home services. He writes about agentic AI, LLM engineering, and shipping voice agents that handle real calls in production.
See how AI voice agents work for your industry. Live demo available -- no signup required.
Using GPT-Realtime-2 for healthcare voice agents. BAA scope, PHI handling, retention, logging, and why a managed platform usually wins this build.
The 2024 NPRM proposes mandatory penetration tests every 12 months and vulnerability scans every 6 months. Here is how an AI voice agent should be tested in 2026.
AI voice and chat logs are a treasure trove for analytics and a liability landmine for HIPAA. Here is how the two de-identification methods at 45 CFR 164.514 actually apply to multi-turn AI transcripts.
Dental practices have HIPAA-aligned obligations and a uniquely high-volume recall and insurance-verification workload. The AI agent that handles both is the highest-ROI build in 2026 — if it is wired correctly.
Healthcare Practice Use Case perspective on Harvey AI's enterprise rollout numbers show legal agents have moved past the pilot stage at AmLaw 100 firms.
Healthcare Practice Use Case perspective on Comet's general-availability launch put an agentic browser in front of millions of consumers, and it works better than the demos suggested.
© 2026 CallSphere LLC. All rights reserved.