FHIR MCP Server

29 tools. 0 can modify or destroy data without limits.

Read-only server. Low risk, but rate limits prevent runaway API costs.

Last updated:

0 can modify or destroy data
29 read-only
29 tools total

Community server · catalogue entry verified 30/06/2026

How to control FHIR MCP Server ↓

What FHIR MCP Server exposes to your agents

Read (29) Write / Execute (0) Destructive / Financial (0)

What can go wrong

Even read-only tools carry cost. An agent in a retry loop can make thousands of API calls per minute, exhausting rate limits and running up bills.

How to control FHIR MCP Server

PolicyLayer is an MCP gateway — it sits between your AI agents and FHIR MCP Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Cap read operations
{
  "get_allergy_by_id": {
    "limits": [
      {
        "counter": "get_allergy_by_id_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register FHIR MCP Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON FHIR →

Instant setup, no code required.

All 29 FHIR MCP Server tools

READ 29 tools
Read get_allergy_by_id Retrieve a specific allergy intolerance by ID. Read get_appointment_by_id Retrieve a specific appointment by ID. Read get_condition_by_id Retrieve a specific condition by ID. Read get_diagnostic_report_by_id Retrieve a specific diagnostic report by ID. Read get_encounter_by_id Retrieve a specific encounter by ID. Read get_fhir_capability_statement Retrieve the FHIR server's capability statement (metadata). Read get_immunization_by_id Retrieve a specific immunization by ID. Read get_medication_request_by_id Retrieve a specific medication request by ID. Read get_observation_by_id Retrieve a specific observation by ID. Read get_patient_allergies Retrieve allergies for a specific patient. Read get_patient_appointments get_patient_appointments Read get_patient_by_id Retrieve a specific patient by their FHIR patient ID. Read get_patient_conditions get_patient_conditions Read get_patient_diagnostic_reports get_patient_diagnostic_reports Read get_patient_encounters get_patient_encounters Read get_patient_immunizations get_patient_immunizations Read get_patient_lab_results Retrieve laboratory observations for a specific patient. Read get_patient_medication_requests get_patient_medication_requests Read get_patient_observations get_patient_observations Read get_patient_procedures get_patient_procedures Read get_patient_vital_signs Retrieve vital signs observations for a specific patient. Read get_procedure_by_id Retrieve a specific procedure by ID. Read search_appointments_by_date search_appointments_by_date Read search_patients_by_address Search for patients by address components. Read search_patients_by_birthdate Search for patients by birth date. Read search_patients_by_email Search for patients by email address. Read search_patients_by_identifier Search for patients by identifier (e.g., MRN, SSN). Read search_patients_by_name Search for patients by name using FHIR search parameters. Read search_patients_by_phone Search for patients by phone number.

Questions about FHIR MCP Server

Is the FHIR MCP Server MCP server safe to use without restrictions? +

The FHIR MCP Server server is primarily read-only with 29 read tools. While it cannot modify data, an agent in a retry loop can make thousands of API calls per minute, exhausting rate limits and running up costs. Rate limiting is still recommended.

How many tools does the FHIR MCP Server MCP server expose? +

29 tools across 1 categories: Read. 29 are read-only. 0 can modify, create, or delete data.

How do I enforce a policy on FHIR MCP Server? +

Register the FHIR MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every FHIR MCP Server tool call.

Deterministic rules across all 29 FHIR MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

29 FHIR MCP Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.