Server data from the Official MCP Registry
IntakeQ/PracticeQ MCP connector with HIPAA §164.312(b) audit logging on every PHI read/write
Valid MCP server (3 strong, 1 medium validity signals). No known CVEs in dependencies. Package registry verified. Imported from the Official MCP Registry. Trust signals: trusted author (3/3 approved).
7 files analyzed · 1 issue found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Set these up before or after installing:
Environment variable: INTAKEQ_API_KEY
Environment variable: INTAKEQ_API_BASE
Environment variable: MCP_API_KEY
Environment variable: MCP_ALLOW_NO_AUTH
Environment variable: TRANSPORT
Environment variable: MCP_BASE_URL
Environment variable: PORT
Add this to your MCP configuration file:
{
  "mcpServers": {
    "io-github-oktopeak-intakeq-mcp": {
      "env": {
        "PORT": "your-port-here",
        "TRANSPORT": "your-transport-here",
        "MCP_API_KEY": "your-mcp-api-key-here",
        "MCP_BASE_URL": "your-mcp-base-url-here",
        "INTAKEQ_API_KEY": "your-intakeq-api-key-here",
        "INTAKEQ_API_BASE": "your-intakeq-api-base-here",
        "MCP_ALLOW_NO_AUTH": "your-mcp-allow-no-auth-here"
      },
      "args": [
        "-y",
        "@oktopeak/intakeq-mcp"
      ],
      "command": "npx"
    }
  }
}
From the project's GitHub README.
IntakeQ/PracticeQ MCP connector for Claude. Gives Claude access to your IntakeQ scheduling, intake forms, treatment notes, invoices, and client records through the Model Context Protocol.
Every PHI read and write is logged locally in compliance with HIPAA §164.312(b).
Two things must be in place before PHI flows through this connector:
IntakeQ BAA — IntakeQ/PracticeQ includes a Business Associate Agreement. Sign it in your IntakeQ account (Settings → HIPAA) before going live. This is one of IntakeQ's strengths: the BAA is self-serve and included in all plans.
Anthropic enterprise tier with ZDR — With hosted Claude + MCP, PHI goes to Anthropic for inference. The defensible claim is training-disabled + Zero Data Retention under enterprise + BAA — not data locality. "Access" (the model processed it) is the exposure, not just retention. Sign up for Anthropic enterprise and request a BAA before using this with real patients.
What this connector does:
~/.intakeq-mcp/audit.log (HIPAA §164.312(b))
npm install -g @oktopeak/intakeq-mcp
{
  "mcpServers": {
    "intakeq": {
      "command": "intakeq-mcp"
    }
  }
}
Generate your API key in IntakeQ: Settings → Integrations → Developer API
Then tell Claude:
"Set my IntakeQ API key to [your-key]"
Or use the MCP tool directly: set_api_key
| Tool | Description | R/W |
|---|---|---|
| set_api_key | Store IntakeQ API key | W |
| auth_status | Verify API connection | R |
| clear_api_key | Remove stored key | W |
| list_clients | Search/list clients | R |
| get_client | Single client profile | R |
| list_practitioners | All practitioners in the account | R |
| list_services | Services configured in the account | R |
| list_locations | Locations configured in the account | R |
| list_appointments | Appointments by client/date | R |
| get_appointment | Single appointment | R |
| create_appointment | Book appointment | W |
| update_appointment | Reschedule/update | W |
| list_intake_forms | Submitted intake forms | R |
| get_form | Full form with answers | R |
| list_questionnaire_templates | Available form templates | R |
| send_intake_form | Send form to client | W |
| list_notes | Treatment notes (read-only in IntakeQ API) | R |
| get_note | Full note | R |
| list_invoices | Client invoices | R |
| get_invoice | Single invoice | R |
| list_files | Client file metadata | R |
| audit_export | Export HIPAA audit trail | R |
Tip: call list_practitioners, list_services, and list_locations before create_appointment to obtain valid IDs required by that tool.
| Resource URI | Description |
|---|---|
| intakeq://compliance-notice | HIPAA compliance notice — BAA requirements and what the connector logs |
| intakeq://auth-status | Live authentication status (JSON) |
Every PHI read and write is appended to ~/.intakeq-mcp/audit.log (JSONL format).
Each entry records: timestamp, session ID, machine IP, tool name, arguments (sanitized),
outcome, practitioner ID, client ID, and result count.
Export the audit log at any time: ask Claude to run audit_export.
Audit logging is fail-open. If the log file can't be written (disk full, permissions),
the tool call still completes rather than blocking clinical work — the failure is written
to stderr with an [audit-log-failure] prefix so it can be monitored/alerted on. If you
need a hard guarantee that PHI access is never left unlogged, monitor process stderr for
that prefix in your deployment.
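
One way to monitor for the fail-open case described above. This is an added example, not the connector's own code: it watches a stderr stream for the documented `[audit-log-failure]` prefix. The function names and the sample message text after the prefix are assumptions made for illustration.

```javascript
// Added example, not the connector's code. Watches a stderr stream for the
// documented [audit-log-failure] prefix so fail-open logging gets alerted on.
const AUDIT_FAILURE_PREFIX = "[audit-log-failure]"; // prefix from the README

// Returns a watcher that reassembles lines split across chunk boundaries and
// calls onFailure(line) once per line carrying the prefix.
function createAuditFailureWatcher(onFailure) {
  let pending = "";
  let failures = 0;
  const inspect = (line) => {
    if (line.includes(AUDIT_FAILURE_PREFIX)) {
      failures += 1;
      onFailure(line);
    }
  };
  return {
    feed(chunk) {
      pending += String(chunk);
      const lines = pending.split(/\r?\n/);
      pending = lines.pop(); // unterminated tail waits for the next chunk
      lines.forEach(inspect);
    },
    flush() { // call at stream end so a final unterminated line is not lost
      if (pending) inspect(pending);
      pending = "";
    },
    count: () => failures,
  };
}

// Attach to any Node readable stream, e.g. the stderr pipe of a child process
// started with stdio: ["inherit", "inherit", "pipe"] (hypothetical wrapper).
function watchStream(stream, onFailure) {
  const watcher = createAuditFailureWatcher(onFailure);
  stream.setEncoding("utf8"); // avoid splitting multi-byte characters
  stream.on("data", (chunk) => watcher.feed(chunk));
  stream.on("end", () => watcher.flush());
  return watcher;
}

// Constructed sample: only the prefix is documented; the rest is invented.
function demo() {
  const alerts = [];
  const w = createAuditFailureWatcher((line) => alerts.push(line));
  w.feed("server ready\n[audit-log-fai");
  w.feed("lure] ENOSPC writing audit.log\nother line\n");
  w.feed("[audit-log-failure] EACCES");
  w.flush();
  return alerts;
}
```

Route the `onFailure` callback to whatever paging or SIEM hook the deployment already uses.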
The server runs in stdio mode by default. To run as an HTTP server (e.g. for multi-user or remote deployments):
MCP_API_KEY=your-secret TRANSPORT=http PORT=3000 intakeq-mcp
The MCP endpoint is at /mcp, gated by a required Bearer token (MCP_API_KEY). The
server refuses to start in HTTP mode without MCP_API_KEY set, since an unauthenticated
endpoint would expose every PHI tool to anyone who can reach the port. To explicitly opt
into an unauthenticated endpoint for local development only, set MCP_ALLOW_NO_AUTH=true —
never do this with real patient data.
HTTP transport does not terminate TLS itself. Run it behind a reverse proxy (nginx, Caddy, your cloud provider's load balancer, etc.) that terminates HTTPS — otherwise the Bearer token and all PHI in transit are sent in plaintext on the network.
Each HTTP session maintains its own API key in memory — the set_api_key tool scopes the key to the session and never writes it to the shared disk file. Sessions are garbage-collected after 24 hours.
Health check: GET /health → { "ok": true, "sessions": <count> }
| Variable | Default | Description |
|---|---|---|
| INTAKEQ_API_KEY | — | Fallback API key for CI / headless use (prefer the set_api_key tool) |
| INTAKEQ_API_BASE | https://intakeq.com/api/v1 | Override the IntakeQ API base URL |
| TRANSPORT | stdio | Transport mode: stdio or http |
| PORT | 3000 | HTTP server port (HTTP mode only) |
| MCP_BASE_URL | http://127.0.0.1:3000 | Base URL printed in HTTP startup logs |
| MCP_API_KEY | — | Bearer token to gate the HTTP /mcp endpoint. Required in HTTP mode unless MCP_ALLOW_NO_AUTH=true |
| MCP_ALLOW_NO_AUTH | — | Set to true to explicitly allow HTTP mode without MCP_API_KEY (local dev only) |
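
A preflight check for the HTTP-mode requirements and variables described above, as an added example that is not part of the connector. `checkHttpDeployment`, the 32-character minimum and the reading of MCP_BASE_URL as the externally advertised URL are assumptions of this sketch; the placeholder strings are the sample values shown on this page.

```javascript
// Added example, not the connector's code: preflight for the documented
// environment variables, run before starting the server in HTTP mode.
const PLACEHOLDERS = ["your-secret", "your-mcp-api-key-here"]; // samples from this page
const MIN_TOKEN_LENGTH = 32; // assumption: local policy, not a connector rule

function parseUrl(value) {
  try { return new URL(value); } catch { return null; }
}

function checkHttpDeployment(env) {
  const findings = [];
  const add = (level, msg) => findings.push({ level, msg });

  // The IntakeQ API key and PHI are sent to whatever INTAKEQ_API_BASE names.
  const api = parseUrl(env.INTAKEQ_API_BASE || "https://intakeq.com/api/v1");
  if (!api || api.protocol !== "https:") {
    add("fail", "INTAKEQ_API_BASE is not a valid https:// URL");
  } else if (api.hostname !== "intakeq.com") {
    add("warn", "INTAKEQ_API_BASE points away from the documented default host");
  }
  if ((env.TRANSPORT || "stdio") !== "http") return findings; // stdio: no listener

  const token = env.MCP_API_KEY || "";
  if (String(env.MCP_ALLOW_NO_AUTH || "").toLowerCase() === "true") {
    add("fail", "MCP_ALLOW_NO_AUTH=true leaves /mcp unauthenticated (local dev only)");
  } else if (!token) {
    add("fail", "MCP_API_KEY is unset: the server refuses to start in HTTP mode");
  } else if (PLACEHOLDERS.includes(token) || token.length < MIN_TOKEN_LENGTH) {
    add("fail", "MCP_API_KEY is a placeholder or shorter than local policy allows");
  }

  // The server does not terminate TLS; a non-loopback http:// base URL suggests
  // the Bearer token and PHI would cross the network in plaintext.
  const pub = parseUrl(env.MCP_BASE_URL || "http://127.0.0.1:3000");
  const loopback = pub && ["127.0.0.1", "localhost", "[::1]"].includes(pub.hostname);
  if (!pub || (pub.protocol !== "https:" && !loopback)) {
    add("fail", "MCP_BASE_URL is not https:// and not loopback: put a TLS proxy in front");
  }
  return findings;
}
```

Call it with `process.env` in the start script and refuse to launch when any finding has level `fail`.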
IntakeQ enforces ~10 requests/minute. The connector retries automatically on HTTP 429 (up to 3 attempts, with back-off delays of 10 s / 20 s / 30 s). After 3 failures the error is surfaced rather than hanging indefinitely.
Same architecture (encrypted key storage, audit logging, rate limiting), different platforms:
@oktopeak/clio-mcp
@oktopeak/mycase-mcp
@oktopeak/filevine-mcp
Built by Oktopeak — a SaaS product agency for regulated industries.