Own your health data. Connect any AI.
MyHealth-Europe is an open-source Model Context Protocol (MCP) server that gives European citizens self-hosted control over their health data and lets them connect any AI agent to it — on their own terms. Built on FHIR, MCP, and OAuth 2.1.
The problem
European health data lives in vendor silos.
Apple Health, Google Health Connect, Epic MyChart — each holds a fragment of a citizen's medical history, and none lets a European resident point a third-party AI agent at that data under their own conditions. The agent layer is captured by whoever holds the data.
Data lock-in
Records are scattered across providers, labs, pharmacies, and devices. Even where HL7 FHIR exists, real interoperability is patchy. Patients export PDFs, not queryable data.
Agent lock-in
When a vendor offers an AI assistant over your health data, it runs on the vendor's infrastructure, on their chosen model. You cannot swap in a local, open-weights, or EU-hosted model.
No AI-data permissions standard
OAuth gives apps access; FHIR gives APIs to data. But there is no widely deployed standard for "AI agent reads my data, with these scopes, for this duration, with audit log".
The solution
An open-source MCP server you run yourself.
The citizen self-hosts the server on a personal device or hosted instance. Imports their FHIR records once from any compliant source. When an AI agent — any agent, any model — needs access, it requests specific scopes. The user approves. The agent gets a bounded, time-limited, audit-logged token. Nothing leaves the user's environment unless the user sends it.
Built on open standards
Three open standards. No proprietary glue.
We do not invent new protocols. We compose three open, well-governed standards in a way that hasn't been codified before for AI-agent access to personal health data.
The lingua franca of EU national e-health systems. Used by Germany ePA, Estonia Digilugu, France Mon Espace Santé, and EU Health Data Space (EHDS).
Model Context Protocol. An open, multi-vendor specification for connecting AI agents to data sources. EU-friendly: no vendor licensing, runs on any model.
Universal authorization framework. We extend the standard scope semantics for AI-specific access patterns: per-record-type scope, time-bound tokens, per-access audit entries.
What we deliver
Nine months. Open source. Audited.
Concrete, milestone-tracked deliverables under recognised open-source licenses. Every release is signed. Every interface is documented. Independent third-party security audit before final release.
FHIR ingester for 3 source types
Adapters for eHealth Ukraine bulk export, Estonia Digilugu, and Apple Health export.OAuth 2.1 consent gateway
Scope-by-record-type tokens, time-bound access, per-access audit log.Reference UI client
Web-based, self-hosted UI for the consent flow. WCAG 2.1 AA compliant.Cross-border reference agent
Prescription continuity, insurance comparison, and language bridging for UA-EE-PL-DE flows.Self-hosting + replication guide
Deployment kit for individuals, hosting providers, and downstream adopters.Independent security audit
Third-party EU/NL audit firm with FHIR experience. Report published. All medium+ findings closed before v1.0.Threat model + operational guide
Self-hosting shifts certain risks to the user — we address them as a first-class deliverable.License plan
Permissive on infrastructure. Copyleft on the reference.
A deliberate license split. Apache 2.0 on infrastructure components so national e-health teams, hospital integrators, and other open-source projects can adopt without copyleft friction. AGPL 3.0 on the deployable reference agent to close the SaaS loophole — no closed forks of the reference deployment. Same pattern as Mastodon, Nextcloud, Sentry, Standard Notes, Open edX.
| Component | License | Why |
|---|---|---|
| MCP server core | Apache 2.0 | Maximum adoption by integrators and downstream projects. |
| FHIR ingester adapters | Apache 2.0 | Reusable plumbing — should not be friction. |
| Reference UI client | Apache 2.0 | Template for downstream UI implementations. |
| Cross-border reference agent | AGPL 3.0 | The deployable artifact. Strong copyleft prevents closed SaaS forks. |
| Documentation, replication kit | CC BY-SA 4.0 | Standard for shareable documentation. |
Project status
Where we are.
Transparent. Pre-submission stage. We publish status updates here as the project moves.
Project scoped to citizen-controlled MCP server with cross-border reference agent. Name "MyHealth-Europe" adopted.
14-section Ukrainian internal brief + form-ready English proposal pre-sized to NLnet character limits.
Letters of intent from individual cross-border pilot testers in Germany. Public repository with README and license files.
Live Q&A with the NLnet team before final submission.
Final form submission to NGI Zero Commons Fund (3-day buffer to hard deadline 1 June 2026 12:00 CEST).
9-month implementation window. M1 milestone (public repo, CI/CD, security baseline) within first month.
The team
Four co-founders. One internal cooperation agreement.
MyHealth-Europe is delivered by a four-person team with defined roles. Ruslan Hryban is the formal applicant and project lead; the team operates collectively under an internal cooperation agreement.
Ruslan Hryban
11+ years systems engineering, 3+ years AI-agent product engineering. Operator of HealBot.pro (health AI agent in production). Ukraine.
Oleksandr Suraiev
Project management, coordination with funder, regulatory tracking, reporting interface. Ukraine.
Dmytro Myroshnykov
EU partnerships, outreach to municipalities and downstream adopters, post-grant sustainability strategy. Ukraine.
Tetiana Hryban
Healthcare and regulatory navigation, end-user voice for the cross-border use case. Germany-resident, native carrier of the UA-EU cross-border health-data scenario.
Building European health-data commons.
Follow the public repository for release tags, milestone updates, and contributor calls. No mailing list, no tracking — just commits.