HealthcareValley: Secure MCP Server for Healthcare AI Agents
Inspiration
Healthcare AI agents hold enormous potential to improve clinical workflows, but they are currently held back by fragmented data silos, complex integration plumbing, and serious privacy and safety risks. The Agents Assemble hackathon's focus on MCP (Model Context Protocol), A2A, FHIR, and SHARP context perfectly matched my existing work on pyCampfireValley — a secure, distributed multi-agent orchestration library I've been building. I saw a clear opportunity to turn my library into a production-grade Healthcare MCP Superpower that any Prompt Opinion agent could safely discover and use.
What it does
HealthcareValley is a secure, policy-enforced MCP server built on top of pyCampfireValley. It exposes discoverable, SHARP-compliant tools such as:
- FHIR data fetching and validation
- Clinical note processing with automatic sanitization
- Patient commitment tracking with policy enforcement
Every interaction flows through a "valley" of specialist campfires (nodes) with built-in AES-256 encryption, digital signatures, PHI redaction, and Justice System policy rules. This allows Prompt Opinion agents to call powerful healthcare tools while maintaining strict privacy and safety guardrails.
How we built it
We treated pyCampfireValley as a core imported library (git+https://github.com/MikeHibbert/pyCampfireValley.git@main). Using the existing Docker-based example from the repo, we created a new HealthcareValley class that extends the base Valley.
New specialist campfires were added for FHIR integration, SHARP context propagation, clinical note processing, and commitment tracking. A dedicated MCP tool registry makes every campfire instantly discoverable by the Prompt Opinion platform. The entire system runs via docker-compose up, with the familiar LiteGraph web UI visualizing the torch (message) flows in real time.
Challenges we faced
- Mapping the existing Redis-based MCP pub/sub and torch routing to the exact expectations of the Prompt Opinion platform and SHARP extension specs.
- Ensuring SHARP context (patient ID, FHIR token, consent flags) is automatically injected and respected across all campfires without breaking the library's security chain.
- Balancing powerful AI capabilities with strict healthcare privacy requirements — every outgoing piece of data must pass through Sanitizer and Justice campfires.
The biggest technical lift was extending the library cleanly while keeping it modular so other developers can reuse it as a simple import.
What we learned
This project reinforced how critical interoperability standards (MCP + FHIR + SHARP) are for moving healthcare AI from prototypes to production. We also saw firsthand how a well-designed multi-agent orchestration layer with strong security primitives can dramatically reduce the "last mile" integration pain that plagues most healthcare AI projects.
Most importantly, building on an existing secure foundation (pyCampfireValley) allowed us to focus on healthcare-specific value instead of reinventing basic plumbing.
What's next
We plan to publish the HealthcareValley MCP server to the Prompt Opinion Marketplace and continue evolving the campfires with more advanced clinical workflows. Long-term, the goal is to make secure, interoperable healthcare agent networks as easy to deploy as spinning up a simple web service.
Log in or sign up for Devpost to join the conversation.