Telehealth platform with AI-powered video consultations, patient monitoring, and secure communication

Telehealth software is no longer a pandemic-era stopgap — it is the front door of US primary care, behavioral health, chronic-disease management and post-op follow-up. The global telehealth market is on track from USD 153.84B in 2025 to USD 191.88B in 2026, growing at a 21–25% CAGR, and the buyers asking us for proposals are no longer asking if they should build a video-consultation platform. They are asking which video stack to bet on, what HIPAA missteps will sink them, and how to ship in 12–16 weeks without overspending on a 2020-era architecture.

This guide is the playbook we share with healthcare CTOs and founders before we sign an SOW. It covers the video stack you should pick in 2026, the AI features that actually move clinical and revenue KPIs (and the ones that are still hype), the HIPAA / HITECH / SOC 2 controls a software-vendor BAA forces on you, EHR integration via FHIR, realistic MVP cost ranges with agent-engineering accelerated delivery, and the five questions that decide whether you build, buy, or hybrid.

Key takeaways

The video layer is a build-or-buy decision, not a build-from-scratch one. Pick an SFU SDK (LiveKit, Daily, Agora, Amazon Chime SDK, or Zoom Video SDK) over WebRTC peer-to-peer once you cross 4 simultaneous participants or need server-side recording.

HIPAA-compliant means more than encryption. You need a signed BAA with every PHI-touching vendor, AES-256 in transit and at rest, six-year audit logs, granular RBAC, and a documented breach-notification flow — not just an “encrypted” checkbox.

Ambient AI scribing is the only AI feature with proven 2025–2026 ROI. Abridge, Suki, Nuance DAX Copilot, Augmedix and DeepScribe save clinicians 1–2 hours of charting per day. Emotion detection and AI triage chatbots are still secondary — useful, but rarely the headline ROI.

FHIR R4 is the EHR-integration table stakes. Epic, Oracle Health (Cerner), Athenahealth and eClinicalWorks all expose FHIR APIs — SMART on FHIR + OAuth2 is the launch pattern. HL7 v2 is for legacy installs only.

An MVP is a 12–16-week, $40K–$90K project — not a $500K one. Agent-engineering-accelerated teams ship the core (video + scheduling + e-prescribing + EMR sync) faster than 2022-era squads. We share the actual cost shape below.

Why Fora Soft wrote this playbook

Fora Soft has been shipping real-time video and audio products since 2005 — long enough to remember Flash-RTMP, the WebRTC bring-up of 2013, the Twilio Video heyday, and now the Twilio Video sunset that is pushing every telehealth platform toward LiveKit, Daily and Agora. About 60% of the projects on our docket are video-first, and a meaningful share are healthcare or telemedicine.

The most directly relevant case is CirrusMED — a HIPAA-compliant subscription telemedicine platform we built for a US private practice. CirrusMED runs DPC (direct primary care) for ~1,500 patients with WebRTC video consultations in-browser (no app download), 24/7 secure doctor-patient messaging, an EMR that captures vitals, allergies, family history and prescriptions, lab/imaging order routing, and subscription billing from $39/mo. The owner, Christopher Highley of Preferred Family Medicine, called the wireframing and scoping “detailed and on time” in his post-launch review — that is the level of pre-build planning we believe telehealth deserves.

If you want a feel for our broader healthcare and real-time-video bench, see the telemedicine service page, the Video Interpretations project (HIPAA-compliant medical-translator video platform with 700+ translators), and our deep-dive on P2P vs MCU vs SFU architectures.


The 2026 telehealth-software stack at a glance

A modern, AI-powered video-consultation platform stacks up into eight layers. Each layer has a real build-or-buy decision behind it, and most teams that overspend got a wrong answer at exactly one of these layers.

The eight layers

1. Identity & access. Patient and clinician auth, MFA, RBAC, optional SSO into hospital IdPs (SAML, OIDC). Buy: Auth0, AWS Cognito, Clerk. HIPAA-eligible only with a signed BAA.

2. Real-time video / audio. WebRTC over an SFU. Build is realistic only if you have a media-server team; otherwise pick a managed SDK (LiveKit Cloud, Daily, Agora, Amazon Chime SDK, Zoom Video SDK).

3. Asynchronous communication. Secure messaging, file/image sharing, push, SMS & email reminders. Twilio (with BAA) and Sendbird are the common picks; Stream Chat is gaining ground.

4. EMR / EHR layer. Either your own lightweight EMR (CirrusMED-style: vitals, allergies, prescriptions tabs) or integration with Epic, Oracle Health (Cerner), Athenahealth, eClinicalWorks via FHIR R4 + SMART on FHIR.

5. Workflow. Scheduling, queueing, intake forms, e-consent, e-prescribing (DrFirst, Surescripts), lab/imaging order routing, billing & claims (CPT 99421–99423, 99441–99443).

6. AI augmentation. Ambient scribing, real-time transcription, translation, noise suppression (Krisp, RNNoise), background blur, agent-assist (clinical decision support during the call).

7. Compliance & observability. Six-year audit logs, key management (KMS), DLP, access reviews, breach-notification flow, SOC 2 + HIPAA + (where applicable) GDPR / HITRUST.

8. Hosting. AWS, Azure or GCP under a BAA. Specialty options: ClearDATA, Aptible. Picking the right region and isolating PHI workloads is half the SOC 2 story.

Reach for a managed video SDK when: you have fewer than two senior media engineers, you need recording & transcription out-of-the-box, or your release date is shorter than your time-to-debug-an-SFU-cluster.

The video layer: WebRTC, SFU and codec choices that matter

Telehealth video is overwhelmingly 1-on-1 (patient + clinician), with occasional group calls (family, interpreter, specialist consult). That makes the architecture decision simpler than most product teams expect.

P2P, SFU or MCU?

P2P (peer-to-peer). Cheapest to run — no media server. Works fine for 1-on-1 visits with cooperative networks. Falls apart at 3+ participants (mesh blows up CPU on each client) and offers nowhere to record server-side, attach a transcription pipeline, or enforce a media policy. Default to P2P only if your roadmap is locked at “1 patient + 1 clinician, no recording, ever.”

SFU (Selective Forwarding Unit). The 2026 default. The server forwards each participant’s media stream to the others without re-encoding. Low CPU, sub-200ms latency, simulcast-friendly, and the natural attach point for recording, transcription and AI scribes. LiveKit, Daily, Agora, mediasoup, Janus, Pion, Jitsi all run SFUs.

MCU (Multipoint Control Unit). Re-encodes streams into one composite. Saves client CPU and bandwidth, costs you server CPU and adds 200–500ms latency. Telehealth has rarely needed it since 2020. Defensible only when clients are very low-bandwidth (older Android, rural broadband) AND you have to support 4+ participants.

Reach for an SFU when: you ever need to record a visit, run real-time transcription, support 3+ participants, or attach an AI agent to the call. That is essentially every modern telehealth product.

Codec choices: VP8, VP9, H.264, AV1

VP8. Universally supported. Safe default. Lowest CPU. Bandwidth-hungry compared with VP9.

VP9 / H.264. Better compression. Use VP9 with simulcast for diverse-bandwidth panels (clinician on fiber, patient on rural LTE). H.264 if you have to interop with hardware endpoints or recording archives.

AV1. The 2026 long-term bet. ~30% better compression than VP9 at equal quality. Encoder CPU is the catch — offload to hardware where you can. Worth enabling for the clinician side first; defer aggressive client-side AV1 until older patient devices age out.

Latency targets that actually matter for clinical UX

Clinicians read interruptions and crosstalk as “the platform feels broken.” Hold yourself to glass-to-glass latency under 300ms p95, MOS > 4.0 on the standard 1–5 audio scale, and a packet-loss-tolerant audio codec (Opus DTX + RED). Anything over 500ms latency makes natural turn-taking impossible and reliably lowers patient NPS.

AI features that actually earn their keep in telehealth

Healthcare AI vendors will sell you sentiment dashboards, “AI co-pilots” and emotion-recognition mosaics. Most of those are demo candy. The features that move clinician satisfaction, throughput and revenue in 2025–2026 are narrower and more boring.

Ambient AI scribing — the only feature with proven ROI

An ambient scribe listens to the visit, generates a structured SOAP note, and writes it into the EHR for the clinician to review and sign. Real evidence of impact: clinicians report saving 1–2 hours per day on documentation. Abridge, Nuance DAX Copilot (now Microsoft Dragon Copilot), Suki, Augmedix, DeepScribe and Ambience all sell production-grade scribes. KLAS rated Abridge top of category in 2025 and the FDA cleared autonomous prescribing/lab-order queueing for one ambient-scribe vendor in early 2026 — the first time a scribe has crossed that line.

For an in-house build, the cleanest pattern is: SFU side-track a clean audio stream → managed STT (Deepgram Nova-3 Medical, AssemblyAI Universal-2, or Azure Speech in HIPAA mode) → LLM (GPT-4o, Claude 3.7 Sonnet, or a fine-tuned medical model) for SOAP-note extraction with a strict JSON schema → clinician review UI → FHIR DocumentReference into the EHR.
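The "strict JSON schema" step in that pipeline, sketched as an added example (not code from the original page or from any vendor named above). The four-key note shape, the size limit, the sample model outputs and the LOINC progress-note coding are assumptions; the draft stays `preliminary` until a clinician signs.

```python
import base64
import json
import re

SOAP_FIELDS = ("subjective", "objective", "assessment", "plan")
MAX_SECTION_CHARS = 4000                        # assumed per-section limit
FHIR_ID = re.compile(r"[A-Za-z0-9\-.]{1,64}")   # FHIR R4 "id" datatype


class SchemaError(ValueError):
    """Model output that must not reach the review queue as a note."""


def parse_soap_note(raw):
    """Accept only an object with exactly the four SOAP keys, all non-empty strings."""
    try:
        data = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise SchemaError(f"not JSON: {exc.msg}") from exc
    if not isinstance(data, dict):
        raise SchemaError("top level must be a JSON object")
    missing = [k for k in SOAP_FIELDS if k not in data]
    unexpected = sorted(set(data) - set(SOAP_FIELDS))
    if missing or unexpected:
        # Unknown keys are rejected, not ignored: the model must not smuggle in
        # orders or prescriptions that nobody reviews.
        raise SchemaError(f"missing={missing} unexpected={unexpected}")
    note = {}
    for key in SOAP_FIELDS:
        value = data[key]
        if not isinstance(value, str) or not value.strip():
            raise SchemaError(f"{key} must be a non-empty string")
        if len(value) > MAX_SECTION_CHARS:
            raise SchemaError(f"{key} exceeds {MAX_SECTION_CHARS} characters")
        note[key] = value.strip()
    return note


def is_valid_id(value):
    return isinstance(value, str) and FHIR_ID.fullmatch(value) is not None


def to_document_reference(note, patient_id, encounter_id, signed_by=None):
    """Wrap a validated note in a FHIR R4 DocumentReference."""
    for ident in (patient_id, encounter_id) + ((signed_by,) if signed_by else ()):
        if not is_valid_id(ident):
            raise SchemaError(f"not a FHIR id: {ident!r}")
    text = "\n\n".join(f"{k.upper()}\n{note[k]}" for k in SOAP_FIELDS)
    doc = {
        "resourceType": "DocumentReference",
        "status": "current",
        # Unsigned AI output is a draft; only a clinician signature makes it final.
        "docStatus": "final" if signed_by else "preliminary",
        "type": {"coding": [{"system": "http://loinc.org", "code": "11506-3",
                             "display": "Progress note"}]},
        "subject": {"reference": f"Patient/{patient_id}"},
        "context": {"encounter": [{"reference": f"Encounter/{encounter_id}"}]},
        "content": [{"attachment": {
            "contentType": "text/plain",
            "data": base64.b64encode(text.encode("utf-8")).decode("ascii"),
        }}],
    }
    if signed_by:
        doc["authenticator"] = {"reference": f"Practitioner/{signed_by}"}
    return doc


def is_accepted(raw):
    try:
        parse_soap_note(raw)
    except SchemaError:
        return False
    return True


# Constructed model outputs for the demonstration.
GOOD_OUTPUT = json.dumps({
    "subjective": "Two days of sore throat, no fever.",
    "objective": "Oropharynx mildly erythematous on video exam.",
    "assessment": "Likely viral pharyngitis.",
    "plan": "Supportive care; follow up if symptoms persist past one week.",
})
EXTRA_KEY_OUTPUT = json.dumps({**json.loads(GOOD_OUTPUT),
                               "orders": ["amoxicillin 500 mg"]})
PROSE_WRAPPED_OUTPUT = "Here is the note you asked for: " + GOOD_OUTPUT

if __name__ == "__main__":
    for name in ("GOOD_OUTPUT", "EXTRA_KEY_OUTPUT", "PROSE_WRAPPED_OUTPUT"):
        print(name, "accepted" if is_accepted(globals()[name]) else "rejected")
    draft = to_document_reference(parse_soap_note(GOOD_OUTPUT), "1001", "enc-77")
    print(draft["docStatus"])
```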

Reach for ambient scribing first when: your clinicians complain about charting hours, your documentation lag is > 24h, or your CFO is looking for ways to lift visit throughput by 10–20% without adding headcount.

Real-time transcription & translation

Real-time captions help hard-of-hearing patients, non-English-dominant patients, and post-visit summary generation. Translation lets one English-speaking clinician serve a Spanish-speaking, Mandarin-speaking, or ASL-via-VRI patient population without booking a human interpreter for every visit. We built exactly that pattern for the Video Interpretations project — HIPAA-compliant 3-way calls between patient, clinician and one of 700+ on-demand human interpreters, with AI translation as a fallback for off-hours.

Background noise suppression

Krisp (HIPAA-eligible, bidirectional) outperforms RNNoise for clinical settings. Patients call from cars, kitchens, and pediatric chaos — suppression lifts MOS by 0.4–0.8 in our internal tests. Either license Krisp at the SDK level or run an open-source RNNoise/DeepFilterNet pipeline in the SFU egress.

Symptom-checker chatbots and pre-visit triage

A pre-visit triage bot can shave 4–7 minutes per visit by collecting chief complaint, history, allergies and current meds before the clinician joins. Useful, but build to a clinically validated symptom-rule library (Buoy, Infermedica APIs) instead of free-form LLM diagnosis — the FDA and your malpractice carrier care about that distinction.

Emotion and sentiment detection — useful for behavioral health, optional everywhere else

Real-time facial-emotion analysis and voice-prosody features can support behavioral-health clinicians by flagging anxiety markers or affect changes mid-call. Peer-reviewed evidence is improving. But this is a clinician-aid signal, not a diagnostic, and treating it as the latter creates regulatory and ethical risk. If your platform isn’t purpose-built for psych or psychiatry, treat emotion AI as a v2 feature.

Clinical agent assist (CDS during the call)

An always-on agent that listens to the visit, surfaces relevant chart history (last A1C, last BP, allergies), suggests differential diagnoses, and pre-fills referral and order forms. We’ve built this pattern with LiveKit Agents on top of an SFU — see our walkthrough on LiveKit AI agent development.

Video SDK comparison: Daily vs LiveKit vs Agora vs Chime SDK vs Zoom Video SDK

Five managed SDKs cover ~95% of new telehealth builds in 2026. The Twilio Video sunset has redirected most of that pipeline to LiveKit and Daily, with Agora holding strong in cross-border and Chime SDK winning AWS-native shops. Here is the side-by-side we use in scoping calls.

| SDK | Architecture | HIPAA / BAA | Pricing shape | AI hooks | Best for |
|---|---|---|---|---|---|
| LiveKit | Open-source SFU; Cloud or self-host | BAA on Cloud; full self-host control | Per-minute on Cloud; free if self-hosted | First-class Agents framework, STT/TTS adapters | AI-augmented visits; teams that want to own the stack |
| Daily | Managed SFU with 75+ PoPs | BAA available | Per-minute; simple tiers | Built-in transcription, recording, Daily Bots | Fastest time-to-launch; latency-sensitive global apps |
| Agora | Global SD-RTN routed mesh | BAA available; HIPAA package | Per-minute; volume discounts | Conversational AI Engine, real-time STT | Cross-border telehealth (LATAM, APAC, MENA) |
| Amazon Chime SDK | AWS-native SFU + media pipelines | Covered under AWS BAA | Per-attendee-minute; AWS billing | Native Transcribe Medical, Bedrock LLMs | Health systems already deep on AWS |
| Zoom Video SDK | Zoom-managed SFU | BAA available on Healthcare plan | Per-session-minute; tiered packs | Zoom AI Companion, captioning, summarisation | White-label apps that need Zoom-grade reliability |

Reach for LiveKit when: AI agents are central to your roadmap and you want the option to self-host once you outgrow managed-cloud pricing — the open-source stack means no SDK lock-in.

Reach for Daily when: the priority is shipping in 4–6 weeks and you want recording, transcription and global low-latency without standing up infrastructure.

Reach for Amazon Chime SDK when: your health system is already on AWS, you want one BAA to cover everything, and you plan to use Transcribe Medical and Bedrock for the AI layer.

HIPAA, HITECH, GDPR and SOC 2 — what your telehealth platform actually has to do

“HIPAA-compliant” is not a product feature; it is a posture. The OCR has been escalating fines — the 2024–2025 enforcement cycle delivered seven-figure penalties for breaches caused by missing audit logs and unsigned BAAs. Below is the minimum control set every telehealth platform must demonstrate.

1. BAA chain. Every PHI-touching vendor — cloud, video SDK, messaging, monitoring, error tracking, analytics, AI scribe, transcription — must sign a Business Associate Agreement. Sentry without a BAA inside a HIPAA app is a breach waiting to happen.

2. Encryption. AES-256 at rest, TLS 1.2+ in transit, DTLS-SRTP for media. Application-layer field encryption for high-sensitivity fields (genetics, behavioral-health notes). KMS for key rotation; envelope encryption for backups.

3. Access controls. RBAC at minimum (clinician, admin, billing, patient, family proxy), MFA for all clinical and admin roles, automatic session timeout (15 min idle is the OCR norm), and a documented break-glass procedure for emergencies.

4. Audit logging. Six-year immutable retention. Every PHI read/write, login, failed login, data export, and admin action. Watermark exports with the requestor identity. Tamper-evident storage (S3 Object Lock, Azure Immutable Blob).

5. Breach notification. 60-day window. Documented runbook, on-call legal, pre-drafted notice templates. Test the runbook annually — auditors will ask.

6. GDPR overlap (if you serve EU patients). Lawful basis (Art. 6 + 9), data subject access & deletion within one month, EU data residency, EU representative, DPIA before launch. Health data is “special category” under GDPR — treat it as the strictest tier.

7. SOC 2 Type II. Not legally required, but every health-system buyer asks. Aim for Type II with Security + Availability + Confidentiality + Privacy. Add HITRUST CSF only if you target large IDNs.

8. Patient isolation in shared infrastructure. Tenant isolation at the data-row level (tenant_id everywhere) and ideally at the database/schema level for enterprise customers. Cross-tenant queries are a frequent audit-finding pattern.
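Control 4 asks for tamper-evident audit storage; the added example below (not from the original page) shows one way to make the log itself tamper-evident, by chaining an HMAC over each entry and the previous entry's MAC. The event fields, the demo key and the sample events are constructed; in production the key would sit in KMS and the chain head would be written to the immutable store.

```python
import copy
import hashlib
import hmac
import json

GENESIS = "0" * 64                    # anchor for the first entry's MAC
DEMO_KEY = b"constructed-demo-key"    # assumption: real key is held in KMS


def entry_mac(key, prev_mac, event):
    # Canonical JSON so the same event always serialises to the same bytes.
    body = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hmac.new(key, (prev_mac + body).encode(), hashlib.sha256).hexdigest()


def append_event(entries, key, ts, actor, role, action, resource, outcome="ok"):
    """Append one audit event; its MAC covers the previous entry's MAC."""
    event = {"seq": len(entries), "ts": ts, "actor": actor, "role": role,
             "action": action, "resource": resource, "outcome": outcome}
    prev = entries[-1]["mac"] if entries else GENESIS
    entries.append({"event": event, "mac": entry_mac(key, prev, event)})
    return entries[-1]["mac"]   # new chain head: anchor it in immutable storage


def verify_chain(entries, key, anchored_head):
    """Return (ok, index); index is the first position that fails, else None."""
    prev = GENESIS
    for i, entry in enumerate(entries):
        if entry["event"].get("seq") != i:
            return False, i                 # an entry was removed or reordered
        expected = entry_mac(key, prev, entry["event"])
        if not hmac.compare_digest(expected, entry["mac"]):
            return False, i                 # an entry was edited after the fact
        prev = entry["mac"]
    if not hmac.compare_digest(prev, anchored_head):
        return False, len(entries)          # the tail was truncated
    return True, None


def build_sample_log(key=DEMO_KEY):
    """Constructed events covering the event kinds the control list names."""
    rows = [
        ("2026-01-12T14:00:03Z", "dr.lee", "clinician", "login", "session", "ok"),
        ("2026-01-12T14:01:10Z", "dr.lee", "clinician", "phi.read", "Patient/1001", "ok"),
        ("2026-01-12T14:09:42Z", "dr.lee", "clinician", "phi.write", "Patient/1001/note", "ok"),
        ("2026-01-12T14:15:00Z", "billing.kim", "billing", "export", "claims-2026-01.csv", "ok"),
        ("2026-01-12T14:16:31Z", "unknown", "none", "login", "session", "failed"),
    ]
    entries, head = [], GENESIS
    for row in rows:
        head = append_event(entries, key, *row)
    return entries, head


def run_checks():
    """Verify the intact log, then three kinds of after-the-fact tampering."""
    entries, head = build_sample_log()
    edited = copy.deepcopy(entries)
    edited[1]["event"]["resource"] = "Patient/2002"   # rewrite which chart was read
    removed = entries[:3] + entries[4:]               # drop the export event
    truncated = entries[:-1]                          # drop the failed login
    return {
        "intact": verify_chain(entries, DEMO_KEY, head),
        "edited": verify_chain(edited, DEMO_KEY, head),
        "removed": verify_chain(removed, DEMO_KEY, head),
        "truncated": verify_chain(truncated, DEMO_KEY, head),
    }


if __name__ == "__main__":
    for name, result in run_checks().items():
        print(f"{name:10s} {result}")
```

Truncation is only detectable because the head MAC is checked against a copy kept outside the log, which is the job Object Lock or an immutable blob does here.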

EHR / EMR integration: FHIR R4 is table stakes

If your buyer is an existing health system, “does it integrate with our EHR?” is the second question after pricing. The answer in 2026 is FHIR R4, with a path to R5.

The four standards you need to know

FHIR R4 / R5. RESTful API for Patient, Encounter, Observation, Condition, MedicationRequest, AllergyIntolerance, DocumentReference, ServiceRequest, AppointmentScheduling, etc. Epic, Oracle Health (Cerner), Athenahealth and eClinicalWorks all expose FHIR endpoints, and the 21st Century Cures Act forces them to keep doing so.

SMART on FHIR. The OAuth2 + OpenID Connect launch flow that lets a clinician click a button inside Epic/Cerner and open your telehealth app, pre-authenticated, with the right patient context already loaded. This is what makes your app a “launchable” clinical tool, not a separate tab.

HL7 v2. The legacy messaging protocol. You will still bump into it for ADT (admission/discharge/transfer), ORU (lab results) and ORM (orders) feeds at older facilities. Plan for a Mirth Connect or Redox integration broker.

USCDI v3 / v4. The minimum data set ONC requires for interoperability. Your FHIR resources should map cleanly to USCDI — otherwise certification gates will fail.
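The SMART on FHIR EHR launch described above, sketched from the app's side as an added example (not from the original page or any EHR vendor's SDK). It rejects an unregistered `iss`, binds the request to the browser session with a single-use `state`, and uses PKCE; the client id, URLs and registry contents are hypothetical, and the authorization endpoint would normally be read from the EHR's `.well-known/smart-configuration`.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed registry: FHIR base URL (iss) of each onboarded EHR tenant mapped
# to its authorization endpoint. Launches from any other iss are refused.
REGISTERED_EHRS = {
    "https://ehr.example.org/fhir/r4": "https://ehr.example.org/oauth2/authorize",
}
CLIENT_ID = "telehealth-demo-client"                      # hypothetical
REDIRECT_URI = "https://app.example.com/smart/callback"   # hypothetical
SCOPES = "launch openid fhirUser patient/*.read"


class LaunchError(Exception):
    pass


def pkce_challenge(verifier):
    """S256 code challenge: base64url(SHA-256(verifier)) without padding."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def begin_launch(iss, launch, session):
    """Handle the EHR's GET /launch?iss=...&launch=...; return the redirect URL."""
    iss = iss.rstrip("/")
    authorize_endpoint = REGISTERED_EHRS.get(iss)
    if authorize_endpoint is None:
        raise LaunchError("iss is not a registered EHR")
    if not launch:
        raise LaunchError("missing launch context token")
    state = secrets.token_urlsafe(32)
    verifier = secrets.token_urlsafe(64)     # 86 characters, within PKCE limits
    session["smart"] = {"state": state, "code_verifier": verifier, "iss": iss}
    params = {
        "response_type": "code", "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI, "scope": SCOPES,
        "launch": launch, "aud": iss, "state": state,
        "code_challenge": pkce_challenge(verifier),
        "code_challenge_method": "S256",
    }
    return authorize_endpoint + "?" + urlencode(params)


def finish_launch(query, session):
    """Validate the callback; return what the token request needs."""
    pending = session.pop("smart", None)     # single use, even on failure
    returned = str(query.get("state", ""))
    if pending is None or not hmac.compare_digest(
            returned.encode(), pending["state"].encode()):
        raise LaunchError("state does not match this browser session")
    if "error" in query or not query.get("code"):
        raise LaunchError("authorization was denied or returned no code")
    return {"code": query["code"], "code_verifier": pending["code_verifier"],
            "iss": pending["iss"]}


def query_of(url):
    return {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}


def rejected(fn, *args):
    try:
        fn(*args)
    except LaunchError:
        return True
    return False


if __name__ == "__main__":
    session = {}
    url = begin_launch("https://ehr.example.org/fhir/r4", "constructed-launch-token", session)
    print(url)
    print(rejected(begin_launch, "https://unregistered.example/fhir", "t", {}))
```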

EHR integration patterns

Direct FHIR. You implement the SMART app, register with each EHR’s vendor program (Epic App Orchard / Vendor Services, Oracle Health Code, Athena Marketplace), and integrate site by site. Highest control, highest ops cost.

Aggregator. Redox, Health Gorilla, 1upHealth or Particle Health give you one API that fans out to dozens of EHRs. Slower to customise but dramatically lower per-site engineering cost. Recommended for startups under 20 customer sites.

Roll your own EMR. The CirrusMED pattern: a private practice without a separate EHR runs on your platform’s built-in vitals, allergies, prescriptions and lab-order tabs. Right answer for DPC and concierge models; wrong answer for any health system.

Reimbursement and licensure: the rules that decide whether your platform is billable

A platform that doesn’t fit reimbursement workflows is a platform clinicians won’t use. The CMS post-PHE landscape has consolidated, and the 2025–2026 picture for the US is broadly favourable.

CPT coverage. 99421–99423 (online digital E/M, established patient, 5–10 / 11–20 / 21+ minutes), 99441–99443 (telephone E/M), and the synchronous 99201–99215 series with modifier 95. Behavioural-health audio-only is permanently allowed by CMS.

Telehealth flexibilities extended. CMS extended originating-site and geographic waivers for Medicare telehealth services into the 2027 fiscal year. Behavioural-health audio-only and audio-video are permanent. Most commercial payers have followed CMS’s lead.

State licensure. Clinicians must hold a license in the state where the patient is physically located at the time of the visit. The Interstate Medical Licensure Compact and Nurse Licensure Compact help, but multi-state hire-and-license workflows are still part of every serious platform’s ops. Build credentialling status into the scheduler so a Texas patient is never offered a NY-only physician.

Controlled substances (Ryan Haight Act). The DEA extended pandemic-era flexibilities for telemedicine prescribing of controlled substances through 2026, but the long-term picture is a special telemedicine registration regime. Schedule II prescribing especially still demands an in-person evaluation in most states. Build your e-prescribing workflow around DrFirst or Surescripts and capture an audit trail of in-person history before allowing controlled-substance e-prescribing.

Claims plumbing. Plan for an X12 837P claim generator (or a clearing-house integration with Change Healthcare, Availity or Waystar), eligibility checks (X12 270/271), and an ERA (835) ingestion pipeline so revenue cycle isn’t stuck on paper.

A reference telehealth architecture that ships

The skeleton below is what we deploy when an SOW lands and there are no exotic constraints. It is opinionated on purpose — opinionated stacks ship faster.

| Layer | Default pick | Notes / alternatives |
|---|---|---|
| Web frontend | Next.js 15 + TypeScript + Tailwind | SSR for SEO; ISR for marketing pages; React Query for data |
| Mobile | React Native or native iOS (Swift) + Android (Kotlin) | Native if you need ARKit, advanced media controls, or Bluetooth peripheral access (BP cuffs, glucometers) |
| API / backend | Node.js + NestJS, or Python + FastAPI | Strict typing; Postgres-first; Redis for ephemeral session/queue state |
| Database | PostgreSQL (managed: RDS / Cloud SQL) | Row-level security for multi-tenant; pgcrypto for field encryption |
| Real-time video | LiveKit (Cloud) or Daily | Self-host LiveKit on Hetzner / AWS once concurrency justifies it |
| AI scribe pipeline | Deepgram Nova-3 Medical → GPT-4o / Claude 3.7 (BAA) → FHIR DocumentReference | License Abridge / Suki if “buy” beats “build” |
| EHR integration | Redox or 1upHealth aggregator | Direct Epic App Orchard for >20 sites |
| Messaging & notifications | Twilio (SMS, voice) + Sendbird / Stream (chat) — both with BAA | Sendgrid / Postmark for transactional email |
| e-Prescribing | DrFirst Rcopia or Surescripts | EPCS-certified for controlled substances |
| Hosting | AWS (us-east-1, BAA) with separate VPC for PHI | Azure / GCP equivalents; ClearDATA for white-glove HITRUST |

Visit data flow (greatly simplified)

Patient books a slot → pre-visit triage bot collects chief complaint → SMS & email reminders fire at T-24h, T-1h, T-15min → clinician opens visit room (LiveKit) → SFU side-tracks audio to STT → LLM drafts SOAP note in real time → clinician reviews and signs → FHIR DocumentReference posted to EHR → ePrescription routed via Surescripts → lab/imaging order routed via integration broker → X12 837P claim queued for clearing-house → patient gets summary in portal + secure messaging follow-up.

Mini case — CirrusMED, a HIPAA telemedicine platform for a US private practice

Situation. Preferred Family Medicine, a US private practice, wanted to escape per-visit billing and run a true direct-primary-care subscription model: monthly, quarterly and annual plans starting at $39/mo with unlimited video visits, 24/7 secure messaging with the chosen physician, lab orders, prescriptions and a lightweight EMR — all HIPAA-compliant, all in-browser, no app download for either side.

What we shipped. A subscription telemedicine platform with WebRTC video chat (HIPAA-compliant), doctor-availability scheduling with SMS & email reminders, 24/7 doctor-patient messaging, a structured EMR (vitals, allergies, family history, surgeries, social history, prescriptions, BMI auto-calculated), lab/imaging order routing direct to testing centers, and a billing/subscription engine for DPC plans. Full case study: CirrusMED on forasoft.com.

Outcome. All ~1,500 patients in the practice now video-chat with their physicians on the platform. The practice is expanding online-first to attract patients beyond its physical catchment area — the entire reason a DPC practice gets built on telemedicine in the first place. Christopher Highley, the practice owner, called the wireframing and user-story phase “detailed and on time” and credited it with cleaner cost estimation and stack decisions on the engineering side.


Cost model — what telehealth software actually costs to build in 2026

The real number depends on three things: the breadth of clinical workflows, the depth of EHR integration, and how much AI you wire in. We work agent-engineering accelerated — less manual code, more LLM-assisted scaffolding and review — which is why our delivery times are typically 25–40% shorter than the 2022 reference data you’ll find on most legacy comparison blogs.

Three realistic build tiers

Tier 1 — DPC / concierge MVP. Web + responsive mobile, 1-on-1 video, scheduling, secure messaging, lightweight built-in EMR, e-prescribing via DrFirst, subscription billing, HIPAA controls. Roughly 12–16 weeks, ~$40K–$90K with our team. CirrusMED-shaped products live here.

Tier 2 — Multi-specialty platform with EHR integration. Adds Epic or Oracle Health integration via Redox/1upHealth, multi-state credentialling, X12 claims plumbing, ambient AI scribe, role-based dashboards (clinician, biller, admin, patient). Roughly 4–6 months, ~$120K–$280K depending on integration breadth.

Tier 3 — Enterprise / health-system grade. SSO into hospital IdPs, native iOS & Android, multi-tenant white-label, HITRUST CSF, deep Epic App Orchard listing, fully owned media stack (self-hosted LiveKit), 24/7 SRE rotation. Typically 9–14 months and $400K+. We don’t over-quote ranges past this band — if a vendor gives you a tight number on enterprise telehealth without a discovery sprint, push back.

Hosting and run-rate

A small DPC platform serving 1,500–5,000 patients runs on AWS HIPAA-eligible services for roughly $1.5K–$5K/month, dominated by RDS Multi-AZ, video minutes (LiveKit Cloud or Daily), and storage for recordings. A health-system tenant with 50K MAU and recordings-on-by-default will sit at $10K–$50K/month. Self-hosting LiveKit on bare-metal Hetzner once concurrency justifies it is the cheapest scale path we know.

A more granular treatment of build cost lives in our telemedicine platform cost guide.

A decision framework — build, buy, or hybrid in five questions

Most failed telehealth builds we get called in to triage went sideways because the team answered “build” on a question that should have been “buy.” Run through these five — if you say “yes” to three or more, you should build.

Q1. Is the clinical workflow your differentiator? If your value prop is a faster cardio diagnostic flow, an SMI-specific pathway, or a DPC subscription model, you need to own the workflow code. Off-the-shelf platforms (Doxy.me, Zoom for Healthcare) won’t bend that far without breaking. Build.

Q2. Are you the payer or the provider? Payers (insurers, employers) need analytics and authorisation hooks no provider-facing platform offers. Providers can sometimes ride a hosted platform (Doxy.me) for the first year. Payer = build. Provider = depends on Q1.

Q3. Will you serve more than one health system? Multi-tenant white-label is hard to retrofit. If your roadmap involves four or more health-system buyers, build with multi-tenant from day 1. Single-system: a platform-and-customise approach is fine.

Q4. Do you need deep EHR integration on day 1? If “launches inside Epic via SMART on FHIR” is a sales requirement, you build. Hosted platforms surface only the integrations they choose. SMART app launch is a senior engineering effort — don’t expect it from a SaaS subscription.

Q5. Are AI features (ambient scribe, agent-assist, triage) part of the value prop? Vendors are catching up, but if AI is the headline, you need control of the call data flow, the LLM choice, and the prompt-engineering loop. That means owning at least the SFU+AI layer. Build.

Five pitfalls that sink first-time telehealth builds

1. Skipping the BAA chain. Teams sign a BAA with their cloud and call it a day. Then Sentry, Mixpanel, Datadog and the AI scribe quietly start touching PHI. The OCR doesn’t care about intent — it cares about signed agreements. Maintain a vendor BAA register the day discovery starts.

2. Ignoring state licensure in the scheduler. The scheduler offers a Texas patient a New York-only physician, the visit happens, the platform gets named in a complaint. Bake licensure into the matching layer: clinician_state_licenses table joined to patient.address.state at booking time, not at the door of the visit room.

3. Treating WebRTC as “just another integration.” Real-time media is a different ops discipline. Reconnects, ICE failures, simulcast tuning, codec fallbacks, jitter buffers — if your team has never run a media product, license a managed SDK and revisit self-hosting at year two. Our WebRTC overview is a decent primer for product folks.

4. Designing for the median device. Telehealth patient devices skew older, smaller-screen, lower-bandwidth and one-handed. Test on a 5-year-old Android in airplane mode with the WiFi flickering. WCAG 2.2 closed captions, ≥48px tap targets, font-scaling support, and screen-reader friendly forms aren’t nice-to-haves — they’re the difference between a 70% and a 92% visit completion rate.

5. Building AI before building observability. Ambient scribes hallucinate. Agent-assist suggests the wrong differential. Without per-visit telemetry (latency, ASR WER, LLM token use, hallucination flags, clinician edits to AI output) you cannot detect drift. Wire the dashboards before you wire the AI.
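Pitfall 2's booking-time licensure join, as an added example that is not from the original page. Only the `clinician_state_licenses` table name and the join to the patient's address state come from the text; the columns, the expiry check, the `visits` table and every row of data are assumptions, and SQLite stands in for the production database.

```python
import sqlite3

SCHEMA = """
CREATE TABLE clinicians (id INTEGER PRIMARY KEY, name TEXT NOT NULL);
CREATE TABLE patients   (id INTEGER PRIMARY KEY, address_state TEXT NOT NULL);
CREATE TABLE clinician_state_licenses (
    clinician_id INTEGER NOT NULL REFERENCES clinicians(id),
    state        TEXT NOT NULL,
    expires_on   TEXT NOT NULL,              -- ISO date, compares as text
    PRIMARY KEY (clinician_id, state)
);
CREATE TABLE visits (
    id INTEGER PRIMARY KEY,
    patient_id   INTEGER NOT NULL REFERENCES patients(id),
    clinician_id INTEGER NOT NULL REFERENCES clinicians(id),
    visit_date   TEXT NOT NULL
);
"""

# Clinicians whose licence for the patient's state is still valid on the visit date.
ELIGIBLE_SQL = """
SELECT c.id, c.name
FROM patients p
JOIN clinician_state_licenses l ON l.state = p.address_state
JOIN clinicians c ON c.id = l.clinician_id
WHERE p.id = ? AND l.expires_on >= ?
ORDER BY c.id
"""


class LicensureError(Exception):
    pass


def eligible_clinicians(conn, patient_id, visit_date):
    """What the scheduler may offer this patient for this date."""
    return conn.execute(ELIGIBLE_SQL, (patient_id, visit_date)).fetchall()


def book_visit(conn, patient_id, clinician_id, visit_date):
    """Re-check at write time; never trust the list the client was shown."""
    allowed = {cid for cid, _ in eligible_clinicians(conn, patient_id, visit_date)}
    if clinician_id not in allowed:
        raise LicensureError(
            f"clinician {clinician_id} holds no valid licence for patient "
            f"{patient_id}'s state on {visit_date}")
    cur = conn.execute(
        "INSERT INTO visits (patient_id, clinician_id, visit_date) VALUES (?, ?, ?)",
        (patient_id, clinician_id, visit_date))
    conn.commit()
    return cur.lastrowid


def try_book(conn, patient_id, clinician_id, visit_date):
    """Return the new visit id, or None when the booking is refused."""
    try:
        return book_visit(conn, patient_id, clinician_id, visit_date)
    except LicensureError:
        return None


def sample_db():
    """In-memory database with constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO clinicians VALUES (?, ?)",
                     [(1, "Dr. Adams"), (2, "Dr. Baker"), (3, "Dr. Chen")])
    conn.execute("INSERT INTO patients VALUES (1, 'TX')")
    conn.executemany("INSERT INTO clinician_state_licenses VALUES (?, ?, ?)", [
        (1, "NY", "2027-06-30"),     # NY-only physician
        (2, "NY", "2027-06-30"),
        (2, "TX", "2026-12-31"),     # valid TX licence
        (3, "TX", "2026-01-31"),     # TX licence that lapses before the visit
    ])
    conn.commit()
    return conn


if __name__ == "__main__":
    db = sample_db()
    print(eligible_clinicians(db, 1, "2026-03-01"))
    print(try_book(db, 1, 1, "2026-03-01"), try_book(db, 1, 2, "2026-03-01"))
```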

KPIs — what to measure on a telehealth platform

Quality KPIs. Visit completion rate (target ≥90%), MOS for audio ≥4.0 on the 1–5 scale, glass-to-glass video latency ≤300ms p95, ASR word-error-rate ≤8% on medical terms, clinician-edited AI scribe sentences ≤15%. These are the technical floor. Below them, clinicians blame the platform, not the network.

Business KPIs. No-show rate (industry average ~23%, best-in-class <5% with reminders + predictive outreach), time-to-first-visit, average visits per subscriber per quarter, NPS ≥45, claims clean-rate ≥98%, net collection rate 95–99%. Patient retention beats acquisition spend by an order of magnitude on lifetime value — track 90-day and 12-month retention separately.

Reliability KPIs. 99.95% uptime on the visit room, <1% disconnects per visit, mean-time-to-recover under 15 minutes for media-server outages, audit-log integrity 100% (zero gaps in retention), <60-second cold-start time for scheduling and clinician dashboard. Reliability is what gets you renewed; everything else gets you sold.

When NOT to build a custom telehealth platform

Honesty over upsell: there are situations where the right answer is to license, not build. We tell prospects this on scoping calls and we will tell you here.

You are a single-physician practice doing <100 visits/month. Doxy.me, SimplePractice, or your existing EHR’s built-in video module is fine. A custom build won’t pay back.

You don’t have a unique workflow. If your “edge” is “like Doxy.me but for our brand,” that’s a marketing problem, not a software problem. Buy.

You can’t fund 12 months of operations. Custom telehealth software has a long compliance tail (BAAs, audits, breach drills). If your runway can’t cover a year of ops on top of build, license-and-grow is the right call.

Your buyer is a single existing health system that loves its EHR. Use Epic Telehealth or Oracle Health’s native video, integrate around the edges, and ship in 6 weeks instead of 6 months. The platform problem you imagine you have is rarely worth the integration cost.


The competitive landscape — who you are really compared to

Buyers will benchmark your platform against the names below. Knowing what they’re weak at is half the value-prop conversation.

Teladoc & Amwell. Enterprise-grade, deep insurer relationships, weak on niche workflows. Sell against them on specialty depth and clinician UX.

MDLIVE. Speed and consumer UX. Strong on urgent care; thin on chronic-disease workflows. Sell against them on continuity of care.

Doxy.me & SimplePractice. Solo-clinician focus, friction-free signup, no real EHR or revenue cycle. Sell against them on platform breadth, especially for groups >5 clinicians.

eVisit, Mend, Updox. Mid-market verticals (urgent care, specialty groups, primary care). Sell against them on AI scribe quality and EHR-launch UX.

Zoom for Healthcare & Microsoft Teams Healthcare. Cheap, ubiquitous, generic. Sell against them on healthcare-native workflow (intake, e-prescribing, claims) — they don’t and won’t do those layers.

Implementation roadmap — a 16-week sprint plan that ships

The plan below is what we run for a Tier 1 telehealth MVP. Tier 2 doubles each phase; Tier 3 adds a discovery sprint and a pre-cert audit before any code.

| Weeks | Phase | Headline deliverables |
| --- | --- | --- |
| 1–2 | Discovery | User stories, journey maps, BAA register, threat model, FHIR mapping |
| 3–4 | Foundations | Auth, RBAC, multi-tenant skeleton, audit-log spine, CI/CD with HIPAA controls |
| 5–7 | Visit room | LiveKit/Daily integration, scheduling, waiting room, intake form, in-call chat |
| 8–10 | Clinical workflow | EMR (or FHIR adapter), e-prescribing (DrFirst), lab orders, secure messaging |
| 11–12 | AI augmentation | Ambient scribe pipeline, real-time captions, agent-assist with strict JSON schema |
| 13–14 | Billing & ops | Subscriptions, X12 837P generator (or clearing-house), reporting dashboards |
| 15–16 | Pre-launch | Pen-test, breach-drill, accessibility audit (WCAG 2.2), pilot launch with one practice |

FAQ

How long does it take to build HIPAA-compliant telehealth software?

A Tier 1 DPC / single-specialty MVP is 12–16 weeks with an experienced team using a managed video SDK. Add 4–8 weeks for Epic / Oracle Health integration via SMART on FHIR, and another 8–12 weeks for a full clinical-decision-support agent layer and SOC 2 Type II readiness. Agent-engineering accelerated teams typically land at the lower end of these ranges.

Is Zoom HIPAA-compliant for telehealth?

Zoom for Healthcare and the Zoom Video SDK on the Healthcare plan can be HIPAA-eligible with a signed BAA. Standard Zoom Meetings is not. The deeper question is whether Zoom is the right surface for a healthcare product — you still need scheduling, intake, e-prescribing, and EHR integration around it, which Zoom doesn’t provide.

Should we build our own SFU or use a managed SDK?

Use a managed SDK until concurrency and AI-pipeline complexity justify the cost of self-hosting. The break-even is usually somewhere between 50K and 200K monthly visit-minutes, depending on your codec mix and recording policy. LiveKit is the cleanest path because the same SDK runs on Cloud and self-host — you can flip without rewriting.

What AI features should I prioritise in v1?

Ambient scribing first — it has the strongest evidence base and the cleanest clinician ROI. Add real-time captions for accessibility and patient inclusion. Defer emotion detection and free-form symptom-checker LLMs until your safety/quality plumbing is mature.

Do I need SOC 2 Type II to sell to a US health system?

Practically yes, even though it’s not legally required. Health-system security questionnaires almost universally ask for it. Plan to start the readiness work during the 16-week build and submit for Type I attestation at month 9, Type II at month 15. HITRUST CSF is heavier and only required by some IDNs.

Can I prescribe controlled substances over a video visit?

DEA telemedicine flexibilities for controlled-substance prescribing have been extended through 2026 and the long-term framework is still being finalised. Your platform should always check (a) DEA registration status, (b) state-level rules, and (c) whether the patient has had a qualifying in-person visit before allowing a controlled-substance e-prescription. Build EPCS-certified e-prescribing on day 1 and lean on DrFirst or Surescripts for the audit trail.
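The three checks in this answer, written as a fail-closed gate that denies on missing or unknown data and produces an audit record for every decision. This is an added example, not Fora Soft's code: the request fields, reason codes and `STATE_RULES` entries are hypothetical placeholders, not real state law, and modelling the in-person requirement as a per-state flag is an assumption.

```javascript
// Constructed placeholder rules; real values come from counsel and your
// e-prescribing vendor.
const STATE_RULES = {
  STATE_A: { telePrescribingAllowed: true, inPersonRequired: false },
  STATE_B: { telePrescribingAllowed: true, inPersonRequired: true },
  STATE_C: { telePrescribingAllowed: false, inPersonRequired: true },
};

function evaluateControlledRx(req, now = new Date()) {
  const reasons = [];
  const dea = req.prescriber ? req.prescriber.dea : undefined;
  const state = req.patient ? req.patient.state : undefined;

  // (a) DEA registration must be active and unexpired; missing data denies.
  if (!dea || dea.status !== "active") reasons.push("dea_not_active");
  else if (!(new Date(dea.expires) > now)) reasons.push("dea_expired");

  // (b) A state rule must exist (own property only) and permit the prescription.
  const rule = Object.prototype.hasOwnProperty.call(STATE_RULES, state)
    ? STATE_RULES[state] : undefined;
  if (!rule) reasons.push("state_rule_unknown");
  else if (!rule.telePrescribingAllowed) reasons.push("state_prohibits");

  // (c) In-person visit is required unless a known rule explicitly waives it.
  const visit = req.patient ? req.patient.lastInPersonVisit : undefined;
  const visited = typeof visit === "string" && new Date(visit) <= now;
  if ((!rule || rule.inPersonRequired) && !visited) reasons.push("no_in_person_visit");

  const allowed = reasons.length === 0;
  // Every decision, allow or deny, yields a record for the audit log.
  const audit = {
    at: now.toISOString(),
    prescriberId: req.prescriber ? req.prescriber.id : null,
    patientId: req.patient ? req.patient.id : null,
    outcome: allowed ? "allow" : "deny",
    reasons,
  };
  return { allowed, reasons, audit };
}
```
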

How do we handle patients on low-bandwidth or older devices?

Default to VP9 simulcast with a low layer at ~150 kbps so the patient’s outgoing video keeps working on rural LTE. Provide automatic audio-only fallback when bandwidth falls below a 200 kbps floor — CMS now permanently allows audio-only behavioural-health visits. On the client side, ship browser-based, no-download flows; force-installing a native app is a top reason older patients abandon visits.
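The audio-only fallback described above, as an added example (not Fora Soft's code) that adds hysteresis so a single bad sample does not flap the call between modes. Only the 200 kbps floor comes from the article; the recovery threshold and the sample counts are assumptions.

```javascript
const FLOOR_KBPS = 200;    // from the article: below this, fall back to audio-only
const RECOVER_KBPS = 300;  // assumption: headroom required before video returns
const DROP_AFTER = 3;      // assumption: consecutive low samples before dropping video
const RESTORE_AFTER = 5;   // assumption: consecutive good samples before restoring it

function createFallbackController() {
  let mode = "video";
  let low = 0;
  let good = 0;
  return {
    // kbps: latest send-bandwidth estimate. A missing or non-numeric estimate
    // counts as a low sample, so a stalled stats feed degrades to audio-only.
    update(kbps) {
      const usable = Number.isFinite(kbps);
      if (mode === "video") {
        low = !usable || kbps < FLOOR_KBPS ? low + 1 : 0;
        if (low >= DROP_AFTER) {
          mode = "audio-only";
          low = 0;
          good = 0;
        }
      } else {
        good = usable && kbps >= RECOVER_KBPS ? good + 1 : 0;
        if (good >= RESTORE_AFTER) {
          mode = "video";
          low = 0;
          good = 0;
        }
      }
      return mode;
    },
  };
}

// Replays a list of bandwidth samples (constructed test data) through a fresh
// controller and returns the mode chosen after each sample.
function replay(samples) {
  const controller = createFallbackController();
  return samples.map((kbps) => controller.update(kbps));
}
```

In a browser, each sample would typically be derived from the `availableOutgoingBitrate` field of the active candidate pair in `RTCPeerConnection.getStats()`, converted from bits per second to kbps.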

How does Fora Soft price a telehealth build?

Fixed-band on the discovery sprint (1–2 weeks), then fixed-band per phase or T&M with a hard cap, depending on your preference. We share an honest cost band on the first call — if your idea looks like Tier 1 we say so, and if it looks like Tier 3 we say that too. Agent-engineering accelerated delivery usually lets us land on the lower side of the ranges in this article.

Ready to ship telehealth software that clinicians actually use?

A telehealth platform that earns its place in 2026 is opinionated about the video stack (SFU over P2P, AV1-ready, MOS-monitored), unapologetic about HIPAA controls (signed BAA chain, six-year audit logs, RBAC, MFA), narrow about AI (ambient scribing first, agent-assist second, emotion detection later), and serious about EHR integration (FHIR R4 + SMART on FHIR launch). Skip any of those and you ship a demo, not a product.

If your build is a Tier 1 DPC MVP, plan for 12–16 weeks and a $40K–$90K budget with an agent-engineering accelerated team. If it’s Tier 2, double both. If it’s Tier 3, run a discovery sprint first — nobody quotes Tier 3 telehealth on a one-call SOW honestly. Whichever tier you’re in, the cheapest 30 minutes you spend on this project is the call where you stress-test your stack and compliance plan with someone who has shipped the same shape of platform before.
