HIPAA Compliance MCP
Automate HIPAA healthcare compliance for AI systems handling PHI.
Administrative safeguards · Physical safeguards · Technical safeguards · BAA templates · Breach notification · Minimum necessary rule
Penalties: up to $2.1M per violation category per year.
Why This Exists
Healthcare AI is the fastest-growing sector for ML deployment — and the most regulated. Every AI system touching Protected Health Information (PHI) must comply with the HIPAA Security Rule, Privacy Rule, and Breach Notification Rule. Business Associate Agreements (BAAs) are required for every vendor in the chain.
This MCP assesses your AI system against all three HIPAA safeguard categories, checks PHI handling workflows, generates BAA templates, and verifies breach notification readiness.
Install
pip install hipaa-compliance-mcp
Tools
| Tool | Safeguard | What it does |
|---|---|---|
| assess_administrative | Administrative | Security management, workforce training, contingency plans |
| assess_physical | Physical | Facility access, workstation security, device controls |
| assess_technical | Technical | Access controls, audit controls, transmission security |
| check_phi_handling | Privacy Rule | PHI use/disclosure, minimum necessary, de-identification |
| generate_baa | — | Business Associate Agreement template |
| assess_breach_readiness | Breach Rule | 60-day notification, risk assessment, documentation |
| run_full_audit | All | Complete HIPAA readiness assessment |
| sign_attestation | — | HMAC-SHA256 signed compliance certificate |
Pricing
| Tier | Price | What you get |
|---|---|---|
| Free | £0 | 10 calls/day |
| Pro | £199/mo | Unlimited + HMAC-signed attestations |
| Enterprise | £1,499/mo | Multi-tenant + co-branded reports |
Attestation API
POST https://meok-attestation-api.vercel.app/sign
GET https://meok-attestation-api.vercel.app/verify/{cert_id}
Links
- Website: meok.ai
- All MCP servers: meok.ai/labs/mcp/servers
- Enterprise support: [email protected]
License
MIT