Stats
Actions
Tags
Pulls verified medical records and digital-identity context from Health Bank One via MCP, handling OAuth authorization and redacted ingestion into a HealthClaw tenant.
How this skill is triggered — by the user, by Claude, or both
Slash command
/healthclaw-guardrails:healthbankoneThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
> **Status:** live. Bootstrap Developer Program onboarded 2026-06-10.
Status: live. Bootstrap Developer Program onboarded 2026-06-10.
MCP endpoint:
https://mcp.app.healthbankone.com/mcpSelf-access auth: OAuth via browser/QR code — no
client_secretneeded for your own records. Claude Code: add to.mcp.jsonand run/mcpto authorize. Multi-patient (commercial) auth uses Open Dynamic Client Registration (RFC 7591).
HBO sits in our health-data source matrix as the OAuth-pulled, identity-verified equivalent of:
healthex-export-redacted)fasten-connect)Claude Code — add to project .mcp.json (already done in this repo):
"healthbankone": {
"type": "http",
"url": "https://mcp.app.healthbankone.com/mcp"
}
Then in a new session run /mcp → browser opens with QR code → scan with the
Health Bank One digital ID app → approve → connected.
Claude Desktop — + → Connectors → Manage Connectors → Add custom connector
→ enter https://mcp.app.healthbankone.com/mcp → Connect → scan QR.
Script pull (for export → redact → ingest pipeline):
export HBO_MCP_URL=https://mcp.app.healthbankone.com/mcp
# Authorize once (opens browser + QR):
python scripts/healthbankone_oauth.py authorize --tenant-id my-tenant
# Then pull + redact + ingest:
python scripts/export_healthbankone_mcp.py --tenant-id my-tenant --discover
Uses Open Dynamic Client Registration (RFC 7591) to obtain client_id +
client_secret. Then standard authorization-code + PKCE per patient. Contact
[email protected] to start a commercial conversation.
For the HealthClaw pipeline:
HBO_CLIENT_ID, HBO_CLIENT_SECRET on Railway HealthClawGuardrails servicepython scripts/healthbankone_oauth.py authorize --tenant-id <patient-tenant>
— opens authorize URL; callback at https://app.healthclaw.io/hbo/callback~/.healthclaw/hbo_tokens.json (local) or Redis (Railway)python scripts/export_healthbankone_mcp.py \
--tenant-id my-tenant \
--output ~/.healthclaw/exports/hbo-$(date +%Y-%m-%d).json
What the script does:
~/.healthclaw/hbo_tokens.json); refreshes if expiredhttps://mcp.app.healthbankone.com/mcp with Authorization: Bearer <token>--discover mode: calls tools/list, invokes every read-safe tool (filters on readOnlyHint annotation + name heuristics)scripts/healthclaw_redact.py — raw response never touches diskpython scripts/import_healthex.py \
--bundle-file ~/.healthclaw/exports/hbo-2026-06-04.json \
--tenant-id my-tenant \
--step-up-secret "$STEP_UP_SECRET"
Note: import_healthex.py expects a FHIR R4 transaction Bundle ({"resourceType":"Bundle","type":"transaction","entry":[...]}). The HBO snapshot format ({"records":{...},"_meta":{...}}) is not a FHIR Bundle — a conversion step is required. Until a convert_hbo.py script exists, use the HBO data directly via MCP tool calls in Claude Code / Claude Desktop rather than the ingest pipeline.
| Command | What it does |
|---|---|
/hbo_connect | Builds the OAuth authorization URL (PKCE S256); user opens link, logs in, grants; tokens cached |
/hbo_pull | Runs the export + redact + ingest pipeline in background; pings Telegram when records arrive |
(Implemented in openclaw/bot.py and scripts/bot_commands.py.)
| Variable | Required | Notes |
|---|---|---|
HBO_MCP_URL | Yes | https://mcp.app.healthbankone.com/mcp |
HBO_CLIENT_ID | Commercial only | From HBO DCR registration |
HBO_CLIENT_SECRET | Commercial only | Same |
HBO_AUTHORIZATION_ENDPOINT | Commercial only | From HBO DCR metadata |
HBO_TOKEN_ENDPOINT | Commercial only | From HBO DCR metadata |
HBO_REDIRECT_URI | Commercial only | Default: https://app.healthclaw.io/hbo/callback |
HBO_SCOPES | Optional | Space-separated; default: openid offline_access |
If HBO's MCP server advertises SHARP (capabilities.experimental.fhir_context_required) or the PromptOpinion FHIR Extension, HealthClaw can also act as a forwarding layer — an MCP client that pulls from HBO using SHARP headers on every call instead of pre-pulling a snapshot. This eliminates the export-to-disk step entirely and matches the pattern PromptOpinion uses with us today. Ask on the call whether they advertise either spec. If yes, we can offer to demo HealthClaw + HBO as a SHARP-compliant pair.
14 tools confirmed live. All paginated tools use page (1-indexed int, default 1) and return <pagination> with has_more + next_page.
| Tool | Params | Returns |
|---|---|---|
get_patient_basic_info | — | XML demographics (name, DOB, address, phone, email, insurance IDs, id_status) |
get_conditions | page, status (enum: active/recurrence/relapse/inactive/remission/resolved) | RAG-retrieved clinical notes + structured condition rows |
get_medications | page, status (enum: active/on-hold/cancelled/completed/entered-in-error/stopped/draft/unknown) | Prescription records with RxNorm/NDC codes |
get_lab_results | page | Lab results with LOINC codes, reference ranges, flags |
get_vital_signs | page | BP, pulse, temp, height, weight, BMI, SpO2 from visit records |
get_allergies | page | Allergy list with SNOMED codes and verification status |
get_care_plans | page | Care plan / treatment plan excerpts from clinical notes |
get_encounters | page | Full visit records: dates, providers, diagnoses, clinical notes |
get_immunizations | page | Vaccination history with CVX/NDC codes, lot numbers, dates |
get_procedures | page | Procedure records and CPT codes from visit documents |
list_patient_documents | — | XML list of indexed documents: UUID, name, provider, file type, uploaded_on |
search_medical_data | query (string), document_ids (optional list), page | Semantic search across all patient documents |
search_faqs | query (string) | Platform FAQ search (about HBO features, not personal data) |
summarize_document | document_id (UUID from list_patient_documents) | Full plain-text summary of a specific document |
get_conditions, get_encounters etc. return semantically-retrieved excerpts from indexed PDF documents, not parsed FHIR JSON. Expect rich narrative clinical text alongside structured rows.list_patient_documents returns the indexed source PDFs. Each retrieved document has a UUID. Multiple tool calls may return the same document UUID when that document contains the relevant data.get_* tools support pagination; list_patient_documents does not. For complete records, page until has_more=false.get_patient_basic_info returns XML (not JSON). Parse accordingly.| Aspect | HealthEx | Fasten Connect | Health Bank One |
|---|---|---|---|
| Source skill | healthex-export-redacted | fasten-connect | healthbankone (this one) |
| Auth | Bearer token in env | Stitch widget public key + webhook HMAC | OAuth 2.x per-consumer |
| Identity verification | Done by HealthEx | CLEAR / ID.me via TEFCA | HBO Digital Identity (IAL2/AAL2) |
| Transport | MCP Streamable HTTP pull | Webhook push | MCP Streamable HTTP pull |
| Data freshness | On-demand via update_records | Push on EHR change | On-demand via pull (refresh cadence TBD) |
| FHIR format | R4 + US Core | R4 NDJSON | R4 (per their materials) |
| Writebacks | No | No | Yes — Engagement service |
| Pricing | Free / paid tiers | Paid keys (test_ / live_) | Bootstrap free, post-launch TBD |
npx claudepluginhub aks129/healthclawguardrails --plugin healthclaw-guardrailsGuides users through installing the HealthClaw + OpenClaw personal-health-agent stack, including OpenClaw gateway, FHIR server, EHR connection, and guardrails.
Provides HIPAA-specific compliance rules and decision gates for healthcare software handling PHI. Delegates to healthcare-phi-compliance and healthcare-reviewer for implementation and review.
Provides expert guidance for Azure Health Data Services development including FHIR/DICOM APIs, bulk export/import, de-identification, events, and Synapse/ADF integrations. Covers troubleshooting, best practices, architecture, security, and deployment.