Sentinel-Health-Guard

A HIPAA-compliant MCP server that audits, masks, and synthesizes patient FHIR data before it reaches any AI model — protecting privacy automatically.

Comment

Inspiration

As an MBA student with a passion for healthcare technology, I was struck by a critical gap: doctors and researchers routinely share sensitive patient data with AI models without any privacy checks. HIPAA violations cost healthcare organizations millions annually, yet the tools to prevent them are complex and inaccessible. I wanted to build something that works silently in the background — like a security guard for patient data.

What it does

Sentinel-Health-Guard is a HIPAA-compliant MCP server that acts as a privacy layer between patient data and AI models. It provides 8 powerful tools:

🔍 Audit Patient Data — Privacy Risk Score (🟢 LOW / 🟡 MEDIUM / 🔴 HIGH) 🛡️ Mask Patient Data — Auto redacts sensitive PII 🔬 Synthetic Data Generator — Fake data for research 🏥 FHIR R4 Audit — Full FHIR R4 compliance check 🔒 FHIR R4 Masking — HIPAA-compliant FHIR masking ✅ Consent Check — Verifies patient consent 📋 Batch Audit — Multiple patients simultaneously 📄 HIPAA Compliance Report — Detailed reports with 45 CFR §164.514 references

Every operation is logged to an automatic audit trail for compliance purposes.

How we built it

FastMCP — MCP server framework Python 3.11 — Core language FHIR R4 Standard — Healthcare data format Claude Desktop — Local MCP integration and testing Prompt Opinion — A2A agent deployment with FHIR Context Extension HuggingFace Spaces — Cloud deployment via Docker

Challenges we ran into

Configuring MCP server with Prompt Opinion's platform was technically challenging FHIR R4 data structure required careful design for both simple JSON and full FHIR resources Cloud deployment had Python 3.13 compatibility issues — fixed with Python 3.11 SSE transport configuration required extensive debugging across multiple platforms DNS rebinding protection needed to be disabled for cloud MCP connectivity

Accomplishments that we're proud of

✅ 8 fully working healthcare privacy tools ✅ Claude Desktop integration — live MCP tools in conversations ✅ Prompt Opinion A2A agent live with FHIR Context Extension ✅ Successfully deployed on HuggingFace Spaces via Docker ✅ Automatic audit trail logging for every operation ✅ Batch audit capability for multiple patients ✅ HIPAA reports with specific regulation references (45 CFR §164.514)

What we learned

MCP is a powerful new standard for AI tool integration FHIR R4 is the future of healthcare data interoperability Privacy-first AI design is not just ethical — it's legally necessary A2A protocol enables powerful multi-agent healthcare workflows Docker deployment is most reliable for MCP servers on cloud platforms

What's next for Sentinel-Health-Guard

🔜 Real-time FHIR Server Integration — Connect directly to hospital EHR systems 🔜 PDF Report Generation — Downloadable HIPAA compliance reports 🔜 Hospital-wide Risk Dashboard — Analytics across all patients 🔜 Multi-language Support — Global healthcare accessibility 🔜 Zero-Trust Privacy Mode — Block all AI access until data is fully de-identified

Built With

  • claude-desktop
  • fastmcp
  • fhir-r4
  • huggingface-spaces
  • mcp-protocol
  • prompt-opinion
  • python
Share this project:

Updates