Push Notes (Outbound)

After an AI-assisted encounter completes on the Insight Health platform, we push the generated clinical note to your EHR’s webhook endpoint.

Direction: Insight Health → Your EHR
Method: POST to the webhook URL you provided during onboarding

What you need to build

An HTTPS POST endpoint on your side that accepts the note payload. During onboarding, you provide the URL, an API key for Insight Health to use, and a signing key.

Headers we send

Property	Type	Description
`Content-Type`*	`string`	Always application/json.
`X-API-Key`*	`string`	The API key you provided to Insight Health. Identifies Insight Health as the caller.
`X-Webhook-Signature`*	`string`	HMAC-SHA256 of the body, signed with the signing key you provided. Formatted as sha256=<hex>.

* Required field

Payload fields

Property	Type	Description
`patient_id`*	`string`	The patient's ID in your EHR. This is the same ID you sent in the appointment sync.
`encounter_id`*	`string`	The encounter or visit ID in your EHR.
`summary_id`*	`string (UUID)`	Unique identifier for this specific note generation. A new UUID is assigned each time a note is generated or regenerated for the same encounter. Use this for deduplication or version tracking.
`template_name`*	`string`	Name of the clinical template used to generate the note (e.g., "SOAP Note", "H&P", "Progress Note"). Useful for routing the note to the correct section in your EHR.
`sections`*	`object`	Key-value pairs where each key is a section name (snake_case) and the value is the section content. Sections are dynamic and determined by the template.

* Required field

Every time a note is generated or regenerated for an encounter, a new summary_id is assigned. If you receive multiple pushes for the same encounter_id, compare the summary_id to determine if it is a new version.

Understanding the `sections` object

The sections object contains the clinical note content broken into named sections. The section names and count are not fixed — they are determined by the template configured in the Insight Health platform for the provider or organization.

All section keys are snake_case (e.g., chief_complaint, history_of_present_illness). The keys are derived from the template section headings by converting to lowercase and replacing spaces with underscores.

Your implementation must handle sections as a dynamic key-value object. Do not hardcode expected section names. New sections may appear if the template is changed or customized. Always iterate over whatever keys are present.

Example: SOAP Note


{
  "patient_id": "pat-67890",
  "encounter_id": "enc-999",
  "summary_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "template_name": "SOAP Note",
  "sections": {
    "subjective": "Patient reports mild discomfort at incision site...",
    "objective": "Vitals stable. Wound healing well, no signs of infection...",
    "assessment": "Post-operative recovery progressing normally.",
    "plan": "Continue current medication. Follow up in 2 weeks."
  }
}

Example: H&P


{
  "template_name": "H&P",
  "sections": {
    "chief_complaint": "Persistent headache for 3 days.",
    "history_of_present_illness": "Patient describes bilateral frontal headache...",
    "past_medical_history": "Hypertension, Type 2 Diabetes.",
    "medications": "Metformin 500mg BID, Lisinopril 10mg daily.",
    "allergies": "NKDA",
    "review_of_systems": "Positive for headache. Negative for fever, vision changes...",
    "physical_exam": "Alert and oriented. CN II-XII intact...",
    "assessment": "Tension-type headache, likely stress-related.",
    "plan": "Ibuprofen 400mg PRN. Stress management counseling. Return if worsening."
  }
}

Example: Progress Note


{
  "template_name": "Progress Note",
  "sections": {
    "interval_history": "Patient returns for follow-up of hypertension...",
    "current_medications": "Lisinopril 10mg daily.",
    "vital_signs": "BP 128/82, HR 72, Temp 98.6F.",
    "assessment_and_plan": "Hypertension - well controlled. Continue current regimen."
  }
}

Handling sections in your code

Python


for section_key, section_content in payload["sections"].items():
    save_to_ehr(section_key, section_content)

JavaScript


for (const [sectionKey, sectionContent] of Object.entries(payload.sections)) {
  saveToEhr(sectionKey, sectionContent);
}

Expected response from your endpoint

Status Code	Meaning
`200`, `201`, or `204`	Note received successfully.
`401`	Authentication failed. We will log and alert.
`4xx` / `5xx`	Error. We will log and may retry.

Verifying our requests

On your side, verify the X-Webhook-Signature header using the signing key you gave us. This is the same HMAC-SHA256 mechanism described in Authentication, but you are the receiver.


import hmac
import hashlib
 
def verify_insight_signature(body_bytes, signing_key, signature_header):
    expected = "sha256=" + hmac.new(
        signing_key.encode("utf-8"),
        body_bytes,
        hashlib.sha256,
    ).hexdigest()
    return hmac.compare_digest(expected, signature_header)