MCP Healthcare Server
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@MCP Healthcare Serverfind available slots for Dr. Lee next week"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
MCP Healthcare Server
A Model Context Protocol (MCP) server for clinical workflows, built per the
design in deep-research-report.md. The server exposes a governed set of
tools (patient lookup, appointment booking, prescription, drug-interaction
check, symptom triage, lab results, insurance eligibility, telehealth) and
enforces role-based access control and audit logging on every call.
This implementation is a development scaffold: data is held in memory
(seeded from src/data/*.json) and there is no real EHR/FHIR integration.
It is a safe environment to exercise the MCP surface and the security
enforcement layer.
Quick start
npm install
npm run dev # tsc-watch-style restart on src changes
# or
npm run build && npm startThe server speaks MCP over stdio and is ready to attach to any MCP-aware
client (Claude Desktop, MCP Inspector, custom agents).
Related MCP server: MCP Healthcare System
Tool surface
Tool | Role required | Purpose |
| any clinical | Look up a patient by MRN or name+DOB |
| any clinical | Recent appointments, conditions, meds |
| any clinical | Provider availability, filterable by specialty |
| clinician / admin | Schedule a new appointment |
| clinician / admin | Move an existing appointment |
| any clinical | Patient's current medication list |
| clinician / pharmacist / admin | Pairwise interaction check |
| clinician / admin | Write a prescription, surfaces allergy + interaction warnings |
| any clinical | Rule-based triage with urgency + specialty |
| any clinical | Recommend a specialty for a description |
| any clinical | Fetch lab data, filter by test name |
| any clinical | Summarize, count abnormalities, flag criticals |
| clinician / admin | Verify insurance coverage and copay |
| clinician / admin | Submit a prior auth request |
| clinician / admin | Create a video session, return URL |
| clinician / admin | Queue session link for delivery (stub) |
Every tool call must include a userId from src/data/users.json. The
server resolves the user, checks role permissions, then runs the handler.
Denials and runtime errors are recorded in the audit log.
Security model
Audit log — one JSON line per call to
logs/audit-<YYYY-MM-DD>.log. Captures timestamp, userId, tool, SHA-256 of the input (16 hex chars — avoids writing PHI in plaintext), outcome, and duration.RBAC — defined in
src/auth/rbac.ts. Read tools accept any clinical role. Write tools requireclinicianoradmin. Pharmacy tools also acceptpharmacist. Unknown user → denial.Input validation — Zod schemas on every tool; the MCP SDK rejects malformed inputs before the handler runs.
File layout
src/
index.ts # bootstrap (stdio transport)
server.ts # createServer(): McpServer + audit + exit hooks
config.ts # env loading (LOG_DIR, DATA_DIR)
types.ts # domain types
audit/logger.ts # append-only audit log
auth/rbac.ts # user lookup + role checks
store/memoryStore.ts # in-memory store + loadSeed()
tools/
registry.ts # central tool context + module list
patient.ts # search_patient, get_patient_history
appointment.ts # find_available_slots, book, reschedule
prescription.ts # create_prescription, check_drug_interaction, get_active_medications
symptoms.ts # analyze_symptoms, suggest_specialist
lab.ts # get_recent_lab_results, analyze_lab_results
eligibility.ts # check_eligibility, create_prior_authorization_request
telehealth.ts # create_telehealth_session, send_telehealth_link
data/ # seed JSON (patients, providers, drugs, labs, etc.)
logs/ # audit log output (gitignored)Seed users (for testing)
userId | name | role |
| Dr. Aisha Khan | clinician |
| Dr. Marcus Lee | clinician |
| Nurse Priya Shah | nurse |
| Jordan Park | receptionist |
| Rita Chen, PharmD | pharmacist |
| Sam Whittaker | admin |
Out of scope (TODO for production)
Real FHIR / HL7 / PACS / DICOM adapters
OAuth2 / SMART-on-FHIR launch
Persistent database (in-memory only)
LLM-backed symptom analysis (rule-based placeholder)
HIPAA-grade audit retention, encryption at rest, key rotation
Rate limiting, network segmentation
References
See deep-research-report.md for the full design rationale, architecture
options, compliance checklist, and roadmap that informed this implementation.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/SaadRiaz99/mcp-medical-tools'
If you have feedback or need assistance with the MCP directory API, please join our Discord server