How to build a telemedicine app: Architecture, compliance, and cost

Most software is forgiving. You ship, you iterate, you fix bugs in production. Telemedicine is not forgiving.

A HIPAA breach costs $100-$50,000 per record, per violation. A prescribing error has human consequences that no post-incident review can undo. And a video call that drops at the moment a doctor is explaining a diagnosis doesn't get a second chance.

This guide is the architecture and compliance playbook we use when building telehealth platforms. No hand-waving. No "consult a lawyer" deflections. The real decisions and the real tradeoffs.

The market behind these decisions is growing fast. McKinsey estimates that up to $250 billion of current U.S. healthcare spend could potentially move to virtual care. Physicians are already there: the American Medical Association found that 71.4% of physicians used telehealth weekly in 2024, nearly triple the 25.1% who did so in 2018. The clinical adoption has happened. The question now is which platforms are built to handle it safely.

What telemedicine apps actually do

Before the architecture, let's agree on scope. "Telemedicine app" covers a wide range:

• Direct-to-consumer telehealth (Teladoc model): Patients pay per visit, see any available provider

• Practice extension (your doctor's office, but remote): Existing patients see their own providers via video

• Specialty-specific platforms (mental health, dermatology, chronic disease management): Condition-focused with async care models

• B2B employer health (Hims & Hers model): Employers pay, employees get access

• Remote patient monitoring (Livongo model): Continuous data collection plus periodic provider review

Each has different requirements. A direct-to-consumer platform needs a provider marketplace. A practice extension needs deep EHR integration. A specialty mental health platform needs note templates tuned to psychiatric workflows.

Define which category you're building before you touch an API.

Core technical architecture

Patient-facing features

Registration and onboarding - Collect insurance information, medical history, state of residence (for licensing validation), and consent forms. The consent layer matters: HIPAA requires documented informed consent for telehealth in many states. Build this with e-signature capture (HelloSign or DocuSign, both sign BAAs).

Appointment scheduling - Choose between on-demand (next available provider) and scheduled (pick a time). On-demand is better for urgent care and mental health crisis. Scheduled works for chronic disease management and established patient relationships. Most platforms offer both.

Video visits - See the SDK comparison below. The core requirements: provider and patient video/audio with screen share capability, visit recording (optional, with consent), chat messaging during call, and document sharing.

Async care - Text and photo-based consultations where patients submit a complaint with photos and providers respond within hours. Async is the right model for dermatology, prescription refills, and many primary care encounters. It costs less to build than live video and handles 60-70% of typical primary care volume.

Medical records access - Patients need to view their visit summaries, prescriptions, and lab results. Build this as a document viewer with controlled access - not a full PHR unless that's your core product.

Provider-facing features

Provider dashboard - Queue management, patient records, note-taking interface, prescription writing, and referral management. This is the most complex part of the build. Budget 30-40% of total engineering time here.

Visit documentation - SOAP notes (Subjective, Objective, Assessment, Plan) with templates for your specialty. Pre-built templates save provider time and improve documentation quality. Budget $15,000-$25,000 for a solid templating system.

Availability management - Providers set their schedules, buffer times, and appointment types. Integrate with their calendar (Google Calendar or iCal) if you're building a practice extension.

Prescribing workflow - Provider writes prescription, system validates controlled substance rules for the patient's state, routes to pharmacy. See the e-prescribing section below.

Admin and operations

Practice management - For multi-provider platforms, you need group management, role assignment, and billing oversight.

Insurance and billing - The hardest part of telemedicine. Insurance reimbursement for telehealth varies by state, payer, and service type. The technical implementation (EDI 837 claim files, ERA remittance parsing) is genuinely complex. Most early-stage platforms use a billing clearinghouse like Waystar or Availity to abstract this. Budget $25,000-$40,000 for basic insurance billing integration.

Analytics and reporting - Visit volume, provider utilization, completion rates, patient satisfaction. Standard reporting, $10,000-$15,000.

HIPAA compliance: The non-negotiable layer

HIPAA is not a checkbox. It is a design philosophy. Every architectural decision gets run through the same question: does this put Protected Health Information (PHI) at risk?

The IBM Cost of a Data Breach Report 2024 shows what's at stake: healthcare had the costliest data breaches of any industry for the 14th consecutive year, averaging $9.77 million per incident - more than double the $4.88 million global average across all industries. And healthcare breaches take an average of 279 days to identify and contain, five weeks longer than other sectors.

"Every HIPAA audit we've seen catches the same things: log files containing PHI, non-BAA vendors used because they were faster to set up, and access controls that were supposed to be role-based but weren't enforced at the API layer. Compliance is an architecture decision, not a legal checkbox you tick after the code is written." - Ashit Vora, Captain at RaftLabs

What counts as PHI

Name, date of birth, address, phone number, email, SSN, medical record number, health plan ID, account numbers, biometric identifiers (fingerprints, retinal scans), full-face photos, IP addresses in certain contexts, and any other identifier that could connect a health condition to a specific person.

Most of your app's data is PHI. Design accordingly.

Technical safeguards required

Encryption at rest and in transit - All PHI stored in your database must be encrypted. All data in transit must use TLS 1.2 or higher. This is table stakes - any serious cloud provider gives you this with minimal configuration. The risk is in the gaps: log files, backups, error messages that might include PHI.

Access controls - Role-based permissions (providers see their patients, admins see all, patients see only their own data). Session timeout after 15-30 minutes of inactivity. Multi-factor authentication for providers.

Audit logs - Every access, modification, and deletion of PHI must be logged with timestamp, user ID, and action. Logs must be retained for 6 years and protected from modification. AWS CloudTrail plus a structured logging system handles this well.

Business Associate Agreements (BAAs) - Every vendor that touches PHI must sign a BAA. This includes your cloud provider (AWS, Google Cloud, Azure all offer BAAs), your video SDK provider, your payment processor, your analytics platform, and your support ticketing system. If a vendor won't sign a BAA, you cannot use them for anything touching PHI.

Risk assessment - HIPAA requires a documented security risk analysis covering threats, vulnerabilities, and mitigations. This is a real document, not a template exercise. Budget $5,000-$15,000 for a security firm to conduct this if you don't have internal expertise.

The BAA checklist

Before you select any vendor, confirm they will sign a BAA:

• Video SDK: Daily.co (yes), Twilio (yes), Vonage (yes), Zoom Healthcare (yes, standard Zoom no)

• Cloud: AWS (yes), GCP (yes), Azure (yes), generic hosting (probably not)

• Analytics: Segment HIPAA plan (yes), standard Mixpanel (no), Amplitude Healthcare tier (yes)

• Payment: Stripe (yes, but PHI must not touch their servers), Braintree (yes)

• Support: Zendesk for Healthcare (yes), standard Zendesk (no)

Using non-BAA vendors for PHI-adjacent workflows is the most common HIPAA gap in early-stage telehealth startups.

Choosing your video infrastructure

Option 1: Daily.co

Cost: $0.01-$0.04/participant minute. $99/month minimum.

Why it works: Simplest API in the space. Their HIPAA-compliant plan includes BAA signing. SDK is well-documented. Custom UI is straightforward.

Limitation: Less control over infrastructure than Twilio. Network routing is managed, not configurable.

Best for: Teams that want to move fast and don't need custom video network routing.

Option 2: Twilio video

Cost: $0.004/participant minute (Group Rooms). More complex pricing for large deployments.

Why it works: More control over recording, composition, and network topology. Strong documentation and community.

Limitation: More engineering effort to get right. HIPAA compliance requires a specific setup and signed BAA.

Best for: Teams building complex multi-participant workflows (group therapy, case conferences).

Option 3: Amazon chime SDK

Cost: $0.0017/attendee minute. Cheapest at scale.

Why it works: Native integration with AWS infrastructure. Strong if you're already deep in the AWS ecosystem.

Limitation: More complex setup. Documentation is solid but the SDK is less developer-friendly than Daily or Twilio.

Best for: Platforms expecting very high call volume where per-minute costs matter significantly.

EHR integration: Do you need it day one?

Honest answer: probably not.

EHR integration (Epic, Cerner, Athenahealth) is the single biggest scope addition you can make. It costs $30,000-$60,000 in development, adds 2-4 months to your timeline, and requires extensive testing with each health system's specific configuration.

You need EHR integration when:

• You're selling to hospitals or health systems that require it for their workflows

• Your clinical protocols depend on accessing a patient's medication history or problem list in real time

• You're applying for reimbursement under value-based care programs that require claims data reconciliation

You don't need it when:

• You're building a direct-to-consumer platform with no existing patient relationships

• Your providers use your platform as a standalone practice

• Your focus is async care where real-time EHR data is not part of the workflow

Most telemedicine startups launch without EHR integration and add it in year two when they start selling to health systems.

E-prescribing: The details nobody talks about

If providers on your platform prescribe medications, you need a certified e-prescribing integration. "Certified" means DEA EPCS (Electronic Prescribing for Controlled Substances) compliant for Schedule II-V drugs, and compliant with state prescribing laws.

The integration requires:

• A prescribing network partner (Surescripts is the dominant network)

• State-by-state controlled substance validation (each state has different rules for telemedicine prescribing)

• Two-factor authentication for providers when prescribing controlled substances

• Prescription routing to patient's preferred pharmacy

DrFirst is the most common middleware layer for teams that don't want to build directly on Surescripts. Their API is documented and they handle the network complexity. Expect $20,000-$30,000 in development plus $2,000-$4,000/month in licensing.

State licensing validation

This is the most overlooked compliance requirement in telemedicine.

Providers must be licensed in the patient's state at the time of service. Not their home state. Not the state where they practice in-person. The patient's state.

Your platform must:

1. Capture patient state at registration
2. Validate each provider's license status in that state before allowing a visit
3. Block visits where the provider is not licensed (or show only providers who are)

The technical implementation requires a licensing database - either built internally or sourced from a provider like Nursys (nursing), Federation of State Medical Boards (physicians), or a licensing verification service like Modio or Medallion.

Budget $15,000-$25,000 for a solid licensing validation system. Build it wrong and you're liable for unlicensed medical practice.

Build plan: 12-week MVP

Here is the sequenced build for a basic telemedicine MVP:

This gets you to a working telehealth platform in 12 weeks. Not feature-complete. Working. From here, you add EHR integration, insurance billing, and e-prescribing as separate phases.

The mistakes teams make

Using non-BAA tools because they're faster. Teams under pressure grab Calendly for scheduling or standard Zoom for video calls. Both are HIPAA violations waiting to happen. The fix takes a sprint. The breach investigation takes months.

Building the provider experience last. Provider dashboards are where visits actually happen. Underinvesting here means providers have a terrible experience and the platform fails not from patient adoption but from provider attrition.

Skipping state licensing validation. It seems like a detail until your first out-of-state visit triggers a licensing board complaint.

Assuming async care is simpler than video. Async care has its own compliance requirements (documented response time SLAs, escalation protocols, coverage for when a provider is unavailable). It's a different product, not a simpler one.

Under-specifying the note-taking system. Generic text fields for clinical notes create liability. Build structured note templates with the clinical team from day one.

How much does it cost to build a telemedicine app?

HIPAA compliance adds 20-30% to build cost regardless of tier - covering encrypted storage, audit logging, BAA procurement with every vendor, and a security risk assessment. EHR integration is a separate line item that adds $30K-$60K and 2-4 months.

See how much a healthcare app costs for a detailed breakdown.

How long does it take to build a telemedicine app?

The 12-week path treats compliance as a design constraint from week 1, not a checklist at the end. EHR integration is always a separate phase - add it after you have provider demand that justifies the cost.

RaftLabs has shipped HIPAA-compliant telemedicine platforms in 12 weeks. The key is designing the data architecture and BAA procurement in week 1, not week 10.

What to build vs. what to buy

The principle: build what differentiates your clinical workflow. Buy infrastructure and compliance tools where established vendors have regulatory relationships that would take you years to build.

That's how you ship a production-grade telemedicine platform in 12 weeks instead of 18 months.