athenahealth
athenahealth has the broadest API surface of the EHRs reviewed, with 800+ proprietary endpoints covering clinical, scheduling, and billing workflows. However, clinical notes write requires embedded SMART apps, and the push-based event system is still in alpha.
Medium complexitySelf-serveProprietary RESTFHIR R4HL7v2C-CDA
FHIR Version
R4 (US Core STU3.1.1)
Rate Limit
Not published — enforced via 403
Sandbox
Yes — auto-provisioned on app creation
ONC Certified
Yes
Capability Matrix
| Capability | Read | Write |
|---|---|---|
| Patients | Via FHIR or proprietary API. | Create + Update via proprietary API after contract + BAA. |
| Appointments | Full scheduling via proprietary API. | Book, update, cancel, check-in via proprietary API. |
| Encounters | Write primarily through embedded SMART on FHIR apps, not direct API. | |
| Clinical Notes | DocumentReference + DiagnosticReport read. | Writing to encounter note sections possible via SMART on FHIR embedded apps. Scope approval required from athenahealth. |
| Document Upload | POST /patients/{id}/documents/clinicaldocument — PDF upload to patient chart. | |
| Lab Results | DiagnosticReport + Observation via FHIR. | |
| Medications | Write access restricted to specific partner types. | |
| Allergies | FHIR + proprietary API. | No direct write endpoint in standard API. Possible via embedded SMART app pattern. |
| Conditions | FHIR + proprietary API. | Write possible via embedded SMART app pattern. |
| Immunizations | FHIR Immunization read. | |
| Vitals | FHIR + proprietary API. | Write possible via embedded SMART app pattern. |
| Billing / Claims | Claims, charges via proprietary API. | Charge entry, claim creation, credit card payments via proprietary API. |
| Coverage / Insurance | FHIR Coverage + proprietary /insurances. | Capture patient insurance information via proprietary API. |
| Referrals | ||
| Bulk Data Export | EHI Export feature + Data View SQL editor for analytics. | — |
| Events / Webhooks | Legacy polling-based Changed Data Subscriptions (production). FHIR push-based Event Subscriptions in limited alpha (v0.13). | — |
YesLimited (hover for details)No
What's hard about this EHR
- Clinical notes write requires embedded SMART app pattern — no simple 'create note' API endpoint
- FHIR event subscriptions are in limited alpha (v0.13) — not production-ready
- Quarterly breaking changes with mandatory testing deadlines require ongoing maintenance
- No published rate limits or uptime SLAs
- Documentation is SPA-rendered, making automated discovery difficult
- Two separate OAuth flows for proprietary vs. FHIR API tracks
When you might need Cobalt
- Clinical notes write needed: Notes write requires SMART app embedding and scope approval. Cobalt provides a unified write interface.
- Production-ready eventing needed: Push-based event subscriptions are alpha-only and scopes aren't self-service. Cobalt provides production-ready eventing.
- Ongoing API maintenance: Quarterly breaking changes require continuous maintenance. Cobalt absorbs API version management.
- [Vendor]Main API Docs
- [Vendor]Developer Console
- [Vendor]All APIs Reference
- [Vendor]FHIR APIs
- [Vendor]athenaOne Core IG v5.8.0
- [Vendor]Onboarding Guide
- [Vendor]Authorization Overview
- [Vendor]Changed Data Subscriptions
- [Vendor-GitHub]FHIR Event Subscriptions
- [Vendor]ONC Certification
- [Vendor]Marketplace Partners
- [Vendor]Developer Portal Overview