Skip to main content

New features

Telehealth documentation & compliance (CL) A new clinical compliance layer wraps the existing telehealth session flow. It adds per-patient telehealth consent with annual renewal and audit-immutable revocation, a pre-session safety checklist, jurisdiction-mismatch warnings, and mid-session connectivity logging. New Sessions and Compliance pages live under Clinical → Telehealth, and a consent badge surfaces on the patient chart and appointment form. The feature is flag-gated per org with a five-stage rollout — start in surface-only mode for clinician training, then progressively enable consent and safety-checklist blocking. Telehealth billing modifiers continue to flow from the finalized progress note; the compliance layer never publishes modifier data. See the user guide and the admin guide. Embedded payroll run wizard (HR) The new payroll run wizard drives a payroll run end-to-end from Encore — start, preprocess, verify, approve, and submit — while Proliant ReadyPay handles gross-to-net, direct deposit funding, federal and state tax filing, and pay stubs. Drafts can be edited and resumed, finalized runs export to the GL via Finance & Accounting, and the run list at Payroll Runs filters by status. The earlier Gusto Embedded direction has been superseded; /hr/payroll/gusto redirects to the active payroll workspace. See Embedded payroll engine (Proliant ReadyPay). Workspace admin (PF) Org admins can now create, edit, reorder, and disable navigation workspaces from Settings → Navigation & workspaces → Workspace builder. Built-in workspaces (Clinical, Practice Management, HR, and so on) are now defaults that your org can override per workspace, hide, or extend with net-new custom workspaces. Changes appear in the sidebar workspace switcher for every member of your org on next load. See Workspace admin. Navigation telemetry (PF) A new org-admin analytics page surfaces aggregated navigation usage — top routes, active users, top workspaces selected, per-core event volume, cross-core co-navigation pairs, and a daily events time series — over a 7, 30, or 90-day window. The page reads only route templates and event types, never patient or record IDs, so it is PHI-safe by construction. See Navigation telemetry. AI-recommended workspaces (PF) On the workspace builder, a new Suggest workspaces action aggregates the last 30 days of navigation events and returns a structured set of proposed workspaces grounded in real usage. Proposals persist as editable drafts with the AI’s rationale; admins review, edit, and either accept (creating a real workspace) or dismiss. Hallucinated cores or group IDs are stripped before persistence, and recommendations are never auto-applied. See Workspace admin. App Lock: PIN, biometric, and session lock (PF) Staff can now configure a no-PHI lock screen in front of the authenticated app from Settings → Security. Unlock with a 6-digit PIN, a platform biometric (Touch ID, Face ID, Windows Hello, Android biometrics via WebAuthn), or by signing in again. Lock engages on tab background or after your inactivity timeout, preserving session and unsaved work in memory. Org admins can enforce lock-on-mobile and a maximum inactivity timeout that overrides personal preferences. Lock and unlock events are written to the audit log without PHI. See App Lock.

Updates

PHI lane enabled for clinical and practice management AI (PF) The unified AI gateway’s PHI lane is now active for clinical (cl) and practice management (pm) modules. Both modules route to Claude Sonnet 4.6 with a GPT-4o fallback through Vercel AI Gateway under BAA and Zero-Data-Retention. AI calls from these modules that opt into lane: 'phi' no longer fail closed. Modules without an explicit BAA-covered model entry (for example gr, hr, fa, ce) continue to throw PhiLaneNotConfiguredError on the PHI lane and must use the standard lane. See PF-111 Unified AI Gateway Integration. In-workspace sidebar route sync The in-workspace sidebar now stays in sync with the /workspace/:id route — direct deep-links open into the correct workspace on first paint, the entry race that briefly flashed the global sidebar is fixed, and exiting a workspace cleanly returns you to the global navigation state. SMS consolidated on RingCentral RingCentral is now the only supported SMS provider in Encore OS. The Twilio option has been removed from CE Settings → SMS, the Twilio phone-number field is no longer stored, and the Supabase secrets, edge functions, and webhook paths that handled Twilio have been retired. If your organization was previously configured for Twilio, re-provision an SMS-enabled number in RingCentral and finish setup in CE Settings → SMS. See Email & SMS setup and the SMS notifications guide. Teller bank-feed integration removed The unused Teller bank-feed integration has been retired from Finance & Accounting. The Teller-related columns on fa_bank_accounts, the Teller hosts in the platform CSP, and the Teller fields exposed by useBankAccounts are gone. Bank feeds continue to be supported through Plaid plus manual statement import — see Plaid setup and the Plaid integration architecture.