By Sagar Shankaran, Founder of CallSphere
ONC's HTI-1 Final Rule turned predictive decision-support transparency on, USCDI v3 became the baseline January 1, 2026, and information blocking now reaches AI voice and chat. Here is what changed and how to comply.
Key takeaways
Information blocking used to be about EHR exports. In 2026 it reaches the AI voice agent that schedules an appointment, the chat agent that triages a symptom, and the predictive model that flags an at-risk caller — and ONC's HTI-1 Final Rule says transparency is no longer optional.
The Office of the National Coordinator for Health Information Technology (ONC) finalized the Health Data, Technology, and Interoperability (HTI-1) Certification Program Updates, Algorithm Transparency, and Information Sharing rule under the 21st Century Cures Act. The rule introduces first-of-its-kind transparency requirements for predictive decision-support interventions (predictive DSIs) inside certified Health IT — a category that explicitly includes machine learning, natural language processing, and large-language-model outputs. Effective January 1, 2026, the United States Core Data for Interoperability (USCDI) Version 3 becomes the baseline, expanding the dataset to include sexual orientation, gender identity, functional status, disability status, mental and cognitive status, and social determinants of health. The rule also updates the eight information-blocking exceptions and tightens definitions of "actor" and "interference."
In December 2025, HHS published a follow-on proposed rule that would amend the broader Health IT regulatory regime. Throughout, the through-line is the same: if a developer, provider, or health information exchange withholds, slows, or distorts access to electronic health information — including AI-generated outputs that are part of the designated record — the OIG can refer civil monetary penalties up to $1 million per violation.
Hear it before you finish reading
Talk to a live CallSphere AI voice agent in your browser — 60 seconds, no signup.
For AI voice and chat the implications are sharp. First, every predictive DSI riding on certified Health IT must publish source attributes — training data, validation methodology, intended use, fairness metrics, exclusion criteria, and known risks — on demand. Second, anything the AI agent generates and stores in the EHR (call summary, sentiment, lead score, triage outcome, refill prediction) is electronic health information and falls inside the information-blocking framework. Third, USCDI v3 means the agent must be able to capture, transmit, and request SOGI, disability, and SDOH fields cleanly without dropping data on the floor. Fourth, any rate-limiting, fee, or technical hurdle that delays a patient's API access to those AI-generated artifacts is presumptively interference unless an exception applies.
CallSphere is HIPAA and SOC 2 aligned. The encrypted PostgreSQL healthcare_voice database — one of 115+ tables on the platform — stores transcripts, sentiment scores (-1.0 to +1.0), lead scores (0–100), AI summaries, and audit trails. The Healthcare Voice Agent ships with 14 tools, full post-call analytics, and a tamper-resistant audit log. USCDI v3 fields are first-class: the schema accepts SOGI, functional status, and SDOH directly, and FHIR adapters expose them on patient request. Predictive DSI metadata — model name, version, training window, fairness summary — is written next to every scored event so a patient or provider can request the source attributes without engineering work. The platform runs 37 production agents, 90+ tools, 6 verticals, and 50+ businesses at a 4.8/5 rating. Pricing is $149 Starter, $499 Pro, $1,499 Scale, with a 14-day trial and a 22% lifetime affiliate program. Healthcare deployments anchor at /industries/healthcare.
flowchart LR
A[Caller] --> B[Voice Agent]
B --> C[Predictive DSI]
C --> D[Source Attributes\nPublished]
B --> E[(healthcare_voice)]
E --> F[USCDI v3 Fields]
E --> G[FHIR API]
G --> H[Patient Access]
Does the AI's reasoning have to be released to the patient? The output and the source attributes are in scope. The model weights themselves are not. Publish the metadata HTI-1 enumerates and the call-summary text.
Still reading? Stop comparing — try CallSphere live.
CallSphere ships complete AI voice agents per industry — 14 tools for healthcare, 10 agents for real estate, 4 specialists for salons. See how it actually handles a call before you book a demo.
Are non-certified Health IT modules covered? Information-blocking applies to actors, not just certified modules. If your AI sits next to a certified EHR and influences EHI access, you are likely in scope.
What if a tenant restricts data sharing? You can honor a tenant configuration only if it lines up with one of the eight exceptions and is documented in writing.
Does USCDI v3 require new EHR fields? Yes. Plan a schema migration; do not stuff SOGI into a free-text note.
Written by
Sagar Shankaran· Founder, CallSphere
Sagar Shankaran is the founder of CallSphere, where he builds production AI voice and chat agents deployed across healthcare, hospitality, real estate, and home services. He writes about agentic AI, LLM engineering, and shipping voice agents that handle real calls in production.
See how AI voice agents work for your industry. Live demo available -- no signup required.
A founder's guide to the female voice generator landscape: AI female voices, Japanese voices, robot voices, and how CallSphere ships 57+ voices live.
MOS 4.3+ is the band where AI voice feels human. Drop below 3.6 and conversations break. Here is how to measure, improve, and alert on MOS in production AI voice using G.711, Opus, and the underlying packet loss / jitter / latency math.
Texas SB 1188 requires US-resident EHRs from January 1, 2026; Nevada's consumer-health-data law constrains health data; Colorado AI Act takes effect June 30, 2026. AI voice agents must architect for state-by-state data localization.
When your AI voice agent gets one-way audio, missed DTMF, or codec mismatch, sngrep and Wireshark are still the fastest path to root cause in 2026. Here is the playbook.
PCI DSS 4.0.1 future-dated requirements went mandatory March 31, 2025. AI voice agents that take card payments on behalf of healthcare providers — copays, deductibles, payment plans — must meet 12 requirements with DTMF masking and scope reduction.
Transcoding RTP to WebSocket is more CPU-intensive than people expect. For AI voice in 2026, where you place the transcode (edge near the carrier vs central near the model) decides your cost-per-minute.
© 2026 CallSphere LLC. All rights reserved.