charm-mcp-server
Verified Safeby CharmHealth
Overview
The CharmHealth MCP Server enables LLMs and MCP clients to interact with patient records, encounters, and practice information within the CharmHealth EHR system.
Installation
docker run --rm -i -e CHARMHEALTH_BASE_URL='your_base_uri_here' -e CHARMHEALTH_API_KEY='your_api_key_here' -e CHARMHEALTH_REFRESH_TOKEN='your_refresh_token_here' -e CHARMHEALTH_CLIENT_ID='your_client_id_here' -e CHARMHEALTH_CLIENT_SECRET='your_client_secret_here' -e CHARMHEALTH_REDIRECT_URI='your_redirect_uri_here' -e CHARMHEALTH_TOKEN_URL='your_token_url_here' charm-mcp-serverEnvironment Variables
- CHARMHEALTH_BASE_URL
- CHARMHEALTH_API_KEY
- CHARMHEALTH_REFRESH_TOKEN
- CHARMHEALTH_CLIENT_ID
- CHARMHEALTH_CLIENT_SECRET
- CHARMHEALTH_REDIRECT_URI
- CHARMHEALTH_TOKEN_URL
Security Notes
The server explicitly handles Protected Health Information (PHI) and includes a critical HIPAA notice, emphasizing user responsibility for compliance (HIPAA-compliant LLMs, BAA, no data retention). It retrieves credentials from environment variables, avoiding hardcoded secrets. OAuth tokens are managed with a shared, client-specific cache and locks for concurrency. Telemetry collection is optional and disabled by default, with clear warnings about PHI in logs if enabled. Input validation is performed at the tool level for required fields, reducing common errors. There is no evidence of `eval`, obfuscation, or arbitrary command execution vulnerabilities in the provided source code.
Similar Servers
fhir-mcp-server
The FHIR MCP Server acts as a bridge between AI/LLM tools and FHIR APIs, enabling seamless search, retrieval, and analysis of clinical information.
mcp-servers
An MCP server for managing files in Google Cloud Storage, supporting CRUD operations (save, get, search, delete) and exposing files as resources.
pyomop
A Python library providing tools for managing OMOP Common Data Model databases, including LLM-powered natural language querying, FHIR-to-OMOP data conversion, and PyHealth/PLP compatibility for machine learning pipelines.
hackmd-mcp
The server provides an interface for LLM clients to access and manage HackMD notes, teams, user profiles, and reading history through the HackMD API.