// MCP TOOL REFERENCE

HIPAA AGENT TOOLS

36 tools from the HIPAA Agent MCP Server, categorised by risk level.

View the HIPAA Agent policy → Token cost: 4,191 tokens →
// ALL 36 HIPAA AGENT TOOLS
READ 32 tools
Read batch_scan Dispatch fresh HIPAA compliance scans for multiple practices at once. Each practice costs 150 credits. If i... Read check_vendor Check vendor risk profile including breach history, BAA coverage, and security score. Input vendor_name or ... Read get_audit_log Retrieve the SHA-256 hash chain audit trail for a practice. Returns timestamped, tamper-evident log entries... Read get_blockchain_anchor Get the blockchain anchor proof for a specific date. Returns the SHA-256 root hash of all audit events from... Read get_breach Check if a practice has been involved in any known HIPAA breaches reported to HHS. Matches by practice name... Read get_breach_probability Calculate breach probability for a practice. Model: HHS base rate by specialty, adjusted by security grade ... Read get_breach_score Calculate a breach exposure risk score for a practice based on breach history, breached credentials, and in... Read get_compliance_delta Get compliance controls that changed status since a given date. Shows improved and regressed controls with ... Read get_compliance_score Get the HIPAA Agent Compliance Score breakdown for a practice. Returns overall grade, numerical score, and ... Read get_compliance_state Get the HIPAA compliance readiness state for a practice. Tracks 13 requirements against the May 2026 deadli... Read get_controls Get HIPAA/NIST control-level assessment for a practice. Maps scan findings to 13 standardized controls with... Read get_evidence_package Compile a 10-component evidence package for auditors and insurers. Includes scan results, policy attestatio... Read get_incidents Get incident history for a practice. Returns all logged security and privacy incidents with status, severit... Read get_internal_findings Get the latest internal network scan results including encryption status, MFA compliance, network segmentat... Read get_internal_scan_status Check the status of the internal network scan agent deployment and whether results have been received. Cost... Read get_model_insights Get HIPAA Agent data intelligence model stats — vulnerability patterns discovered, remediation effectivenes... Read get_outreach_status Get the outreach and drip campaign status for a practice. Returns email send history, drip stage, and engag... Read get_policies Get HIPAA policy documents generated for a practice. Optionally email them to a recipient. Requires active ... Read get_practice_summary Get a comprehensive summary of a practice combining scan results, compliance score, findings count, breach ... Read get_report Get the full compliance report for a practice including all findings, severity breakdown, grade, and HIPAA ... Read get_reputation Get HIPAA Agent verified reputation stats — total scans, unique practices, documents generated, breaches tr... Read get_scan_status Check the status of the latest scan for a practice. Returns grade, scan date, and whether data is available... Read get_state_coverage Get scanning coverage by US state — total NPIs in registry, scanned count, average grade per state. Shows w... Read get_threat_intel Get recent healthcare threat intelligence alerts from FBI Watchdog, HHS HC3, CISA KEV, and MS-ISAC. Returns... Read get_training_status Get staff training completion records for a practice. Returns staff members and their training course compl... Read get_vendor_baa_list Get vendor Business Associate Agreement tracking records for a practice. Returns all vendor BAAs with statu... Read list_webhooks List active webhook subscriptions for a practice. Cost: 25 credits. Read log_incident Log a HIPAA security or privacy incident for a practice. Creates an incident report with type, description,... Read lookup_practice Look up a healthcare practice by NPI number. Always fetches from the NPPES registry and augments with HIPAA... Read scan_practice Trigger a fresh HIPAA compliance scan for a healthcare practice. Always dispatches a new 70+ control scan v... Read subscribe_webhook Register a webhook URL to receive HIPAA compliance event notifications. Events: breach_detected, score_drop... Read validate_workflow Validate whether a data workflow is HIPAA-compliant. Synchronous guardrail — returns allowed/denied with ri...
WRITE 2 tools
Write generate_baa Generate a Business Associate Agreement for a vendor. Requires active subscription or platform/MSP key. Cos... Write generate_sra Initiate a HIPAA Security Risk Assessment. Returns the first batch of questions for the respondent to answe...
EXECUTE 2 tools
Execute execute_agent_baa Execute a digital Business Associate Agreement between two healthcare practices. Verifies both parties have... Execute trigger_internal_scan Generate a deploy token for the internal network scanner agent. Returns an API key and installation instruc...
// FAQ
How many tools does the HIPAA Agent MCP server have? +

The HIPAA Agent MCP server exposes 36 tools across 3 categories: Read, Write, Execute.

How do I enforce policies on HIPAA Agent tools? +

Route the HIPAA Agent server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard — they are enforced on every call before it reaches the server.

What risk categories do HIPAA Agent tools fall into? +

HIPAA Agent tools are categorised as Read (32), Write (2), Execute (2). Each category has a recommended default policy.

Let agents act without letting them run wild.

Route your MCP servers through PolicyLayer and every tool call is checked against your policy before it runs — allow, deny, or require approval. Per-identity grants. Full audit log. Live in minutes.

SECURE YOUR MCP →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.