Model Context Protocol for Healthcare AI
Model Context Protocol (MCP) is rapidly becoming the integration backbone for healthcare AI — solving one of the industry's most persistent problems: connecting intelligent AI systems to the fragmented, regulated, and deeply siloed world of clinical data. With over 80% of hospitals now using AI for patient care and operations, and nearly 80% of healthcare data remaining unstructured and inaccessible, MCP provides the standardized protocol layer that lets AI agents securely access electronic health records, clinical databases, imaging systems, and research repositories without requiring bespoke integrations for every data source.
The FHIR-MCP Convergence: Two Standards, One Interoperability Stack
Healthcare already had a powerful data interoperability standard in FHIR (Fast Healthcare Interoperability Resources), which defines common data models for clinical concepts like patients, observations, medications, and encounters. What FHIR lacked was a standardized way for AI systems to access that data. MCP fills this gap precisely. FHIR provides semantic standardization — common schemas for clinical data. MCP provides integration standardization — a universal protocol for AI to query, retrieve, and act on that data. The convergence of these two standards has created a powerful new interoperability stack. Multiple open-source FHIR MCP servers now exist, enabling any MCP-compatible AI application to interact with any FHIR-compliant health system. WSO2's open-source FHIR MCP server exposes any FHIR endpoint as an MCP server. The Momentum's FHIR MCP server adds built-in LOINC code integration, automatically translating natural-language clinical queries into precise FHIR API requests. Medplum, the open-source healthcare developer platform, ships with native MCP support, exposing its entire FHIR API surface to AI agents. Josh Mandel — a leading figure in health IT standards — built health-record-mcp, an MCP server that connects to EHRs via SMART on FHIR, providing tools for text search, SQL queries, and JavaScript execution against patient data.
From Protocol to Product: MCP in Clinical Practice
In January 2026, Anthropic launched Claude for Healthcare at the JP Morgan Healthcare Conference, with built-in connectors to the CMS Coverage Database, ICD-10, the National Provider Identifier Registry, and PubMed. Health systems including Banner Health and Stanford Healthcare, along with pharmaceutical companies like Novo Nordisk, Sanofi, AbbVie, and Genmab, are already using Claude for clinical documentation, regulatory submissions, and clinical trial analysis. Simultaneously, HealthEx partnered with Anthropic to let Claude Pro and Max users connect their personal health records via an MCP server. HealthEx — an approved vendor under TEFCA (Trusted Exchange Framework and Common Agreement) — consolidates records from over 50,000 provider organizations. Their MCP server dynamically retrieves only the relevant portions of a patient's record for each query, rather than ingesting the full dataset, keeping data exposure minimal and HIPAA-compliant. Meanwhile, AWS released an open-source MCP server for HealthLake, their HIPAA-eligible FHIR data store, providing 11 tools for FHIR resource management with automatic datastore discovery, full CRUD+Search operations, and a read-only mode for compliance auditing.
HMCP: A Healthcare-Specific Extension of MCP
Innovaccer introduced the Healthcare Model Context Protocol (HMCP) in 2025 — an open-source extension of MCP designed specifically for regulated clinical environments. HMCP layers healthcare-specific capabilities on top of the base protocol: HIPAA-compliant access controls, SMART on FHIR authorization, data zone separation (isolating PHI from synthetic/test data and agent logs), comprehensive audit trails, rate limiting, and risk assessment scoring for AI agent actions. This is significant because standard MCP, while powerful, was not designed with healthcare's regulatory requirements in mind. HMCP demonstrates how the protocol can be extended for regulated industries without breaking compatibility with the broader MCP ecosystem — a pattern likely to be replicated in finance, legal, and government sectors. The framework supports compliance with HIPAA, SOC-2, HITRUST, and GDPR simultaneously.
Regulatory Landscape and Compliance Architecture
The regulatory environment for healthcare AI is intensifying. The proposed 2024 HIPAA Security Rule modifications — the most sweeping since 2013 — are expected to be finalized by May 2026, making encryption, multi-factor authentication, and vulnerability scanning mandatory rather than addressable. The FDA and EMA jointly released 10 guiding principles for AI in drug development in January 2026. MCP's architecture is well-suited to this regulatory moment. Every interaction between an AI agent and a clinical data source passes through an MCP server that can enforce access controls, log audit trails, apply data masking, and limit what the AI can access or modify. This provides the traceability, auditability, and reproducibility that regulators demand. For healthcare organizations building agentic AI systems — where multiple AI agents collaborate on complex clinical workflows — MCP provides a single control plane for data governance rather than requiring each agent to implement its own compliance layer. Anthropic's signing of the CMS Health Tech Ecosystem Pledge and MCP's donation to the Linux Foundation's Agentic AI Foundation in December 2025 further signal the protocol's trajectory toward becoming critical healthcare infrastructure.
The Agentic Healthcare Future
MCP is a foundational building block of the agentic economy in healthcare. Today, physician AI usage has risen from 38% to 66% year-over-year, and AI-assisted documentation has reduced clinician burnout from 51.9% to 38.8%. But most current healthcare AI operates in isolation — a documentation tool here, a diagnostic assistant there, each with its own integration. MCP enables the shift from isolated AI tools to composable agentic systems: an AI agent that can simultaneously query a patient's EHR, cross-reference clinical guidelines in PubMed, check drug interactions, verify insurance coverage against the CMS database, and generate a clinical note — all through standardized MCP connections. AI-supported hospitals already report a 42% reduction in diagnostic errors. As MCP matures and healthcare-specific extensions like HMCP become production-ready, these gains will compound. The healthcare AI market is projected to reach $208.2 billion by 2030, and MCP is positioned as the protocol layer that makes that market interoperable rather than fragmented.
Applications & Use Cases
Clinical Documentation & Ambient Scribing
MCP enables AI scribes to securely access patient records, medication lists, and clinical history in real time during patient encounters. With 100% adoption activity among surveyed organizations, ambient clinical documentation is healthcare's leading AI use case — and MCP provides the standardized connection layer between the AI and the EHR. Anthropic's Claude for Healthcare, used by Banner Health and Stanford Healthcare, leverages MCP connectors to ICD-10 and CMS databases for accurate coding during documentation.
Patient Record Access & Personal Health AI
HealthEx's MCP server lets patients connect health records from over 50,000 provider organizations to AI assistants. The server dynamically retrieves only relevant record portions per query via FHIR patient-access APIs under TEFCA, keeping data exposure minimal. This enables patients to ask AI questions about their own medical history, medications, and test results with full clinical context.
Clinical Decision Support
FHIR MCP servers enable AI agents to query patient data, cross-reference clinical guidelines, and surface relevant evidence at the point of care. The MCP-FHIR framework (documented in academic research) demonstrates how LLMs connected to clinical data via MCP can provide contextualized decision support that accounts for individual patient history, current medications, and relevant literature from PubMed — reducing diagnostic errors by up to 42% in AI-supported settings.
Clinical Trial Matching & Research
MCP servers for ClinicalTrials.gov enable AI agents to match patients with eligible trials based on their full medical profile. Pharmaceutical companies including Novo Nordisk, Sanofi, AbbVie, and Genmab use Claude with MCP connectors for clinical trial analysis, regulatory submissions, and drug development research — accelerating the pipeline from data to insight.
Revenue Cycle & Prior Authorization
AI agents connected via MCP to CMS Coverage Databases, payer systems, and EHRs can automate prior authorization workflows — querying patient eligibility, verifying coverage criteria, and generating authorization requests. MCP's standardized integration reduces the custom integration burden that has historically made revenue cycle automation brittle and expensive to maintain.
Multi-Agent Clinical Workflows
MCP enables composable multi-agent systems where specialized AI agents collaborate on complex clinical workflows — one agent handling triage, another reviewing imaging, another checking drug interactions — all accessing clinical data through a unified MCP protocol layer with consistent access controls, audit logging, and HIPAA compliance enforced at the server level rather than per-agent.
Key Players
- Anthropic — Developed both MCP and Claude for Healthcare (launched January 2026). Built-in connectors to CMS, ICD-10, NPI Registry, and PubMed. Partnered with HealthEx for patient record access. Signed CMS Health Tech Ecosystem Pledge.
- Innovaccer — Created HMCP (Healthcare Model Context Protocol), an open-source healthcare-specific extension of MCP with HIPAA compliance, SMART on FHIR authorization, and data zone separation. Available on GitHub and AWS Marketplace as Innovaccer Gravity.
- HealthEx — Built an MCP server connecting personal health records from 50,000+ provider organizations to AI assistants via FHIR patient-access APIs under TEFCA. Partnered with Anthropic in January 2026.
- Amazon Web Services — Released an open-source MCP server for AWS HealthLake (HIPAA-eligible FHIR data store) with 11 FHIR management tools, automatic datastore discovery, and read-only compliance mode.
- Medplum — Open-source healthcare developer platform with native MCP support, exposing its entire FHIR API surface to AI agents through a custom fhir-request tool.
- WSO2 — Published an open-source FHIR MCP server that turns any FHIR endpoint into an MCP server, enabling natural-language interaction with healthcare data.
- The Momentum — Built an open-source FHIR MCP server with integrated LOINC code validation, automatically translating natural-language clinical queries into FHIR API requests.
- Microsoft — Integrated Claude into Microsoft Foundry for healthcare and life sciences customers (announced January 2026), enabling MCP-powered AI workflows in Azure's healthcare cloud.
Challenges & Considerations
- HIPAA Compliance at the Protocol Level — Standard MCP was not designed for regulated healthcare data. Every MCP interaction involving PHI requires encryption, access controls, audit trails, and data minimization. Extensions like Innovaccer's HMCP address this, but there is no universal standard yet for HIPAA-compliant MCP deployments. The proposed 2024 HIPAA Security Rule modifications (finalization expected May 2026) will make encryption and MFA mandatory, raising the compliance bar further.
- Data Fragmentation and Unstructured Data — Over 60% of healthcare executives cite data silos as a major barrier to AI adoption, and nearly 80% of healthcare data remains unstructured (clinical notes, imaging reports, pathology results). MCP can standardize access to structured FHIR resources, but connecting AI to the vast unstructured clinical data landscape requires additional tooling and infrastructure.
- Clinical Liability and Human Oversight — When an AI agent makes a clinical recommendation based on data accessed via MCP, questions of liability arise. Who is responsible if the MCP server returns stale data, or if the AI misinterprets a lab result? Healthcare MCP deployments must enforce human-in-the-loop oversight for clinical decisions, and frameworks for doing so are still maturing.
- Authentication and Authorization Complexity — Healthcare data access requires fine-grained, role-based permissions that go beyond standard OAuth. SMART on FHIR provides scoped authorization, but integrating it with MCP's client-server model adds complexity. Each MCP server must enforce provider-level, patient-level, and encounter-level access controls consistently.
- Ecosystem Fragmentation — Multiple competing FHIR MCP server implementations (WSO2, Medplum, The Momentum, AWS, Innovaccer) risk fragmenting the ecosystem before it matures. Without convergence on healthcare-specific MCP conventions, developers face the same integration complexity MCP was designed to eliminate.
- Patient Consent and Data Governance — MCP enables AI agents to access patient data dynamically, but patient consent models vary by jurisdiction and institution. Ensuring that MCP-mediated data access respects patient preferences, institutional policies, and evolving regulations (like the February 2026 deadline for revised Notices of Privacy Practices) requires governance infrastructure that most health systems have not yet built.
Further Reading
- Market Map of the Agentic Economy — Jon Radoff's comprehensive mapping of the companies and infrastructure powering the agentic economy, including healthcare AI platforms
- Introducing HMCP: A Universal Open Standard for AI in Healthcare — Innovaccer's technical overview of the Healthcare Model Context Protocol extension
- Building Healthcare AI Agents with Open-Source AWS HealthLake MCP Server — AWS's guide to deploying FHIR-based MCP servers for clinical AI agents
- Anthropic Launches Claude for Healthcare at JPM26 — Fierce Healthcare's coverage of Anthropic's healthcare-specific AI launch and MCP integrations
- Anthropic Signs CMS Health Tech Ecosystem Pledge — Anthropic's commitment to advancing healthcare interoperability through MCP and open standards