charliehzm

charliehzm / medharness

Public

Harness Engineering for Medical AI Coding · HIPAA + PIPL compliant · 12-step SOP + 5-step micro + 23 Skills + 8 MCP servers · Apache 2.0

github.comcharliehzmmedharness ai-coding claude-code compliance healthcare hipaa
13
1
85% credibility
Found May 24, 2026 at 18 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

MedHarness is a framework for building medical AI coding applications with healthcare compliance built into every step. It provides a 12-step workflow (SOP) that guides teams through planning, building, and deploying AI features while automatically protecting patient privacy. The system includes automatic detection and protection of sensitive health information, controlled routing of AI models through approved lists, and tamper-proof audit logging. It's designed for healthcare software teams that need to comply with regulations like HIPAA (US) or PIPL (China) while building AI-assisted medical tools.

How It Works

1
🏥 Your team needs to build medical AI software

You work at a healthcare company and need to create AI-assisted tools that handle patient information safely while following healthcare regulations.

2
🛡️ You discover a compliance-first framework

MedHarness offers a structured way to build medical AI applications with built-in protection for patient privacy and healthcare compliance built into every step.

3
⚙️ You set up the framework for your project

A setup wizard asks about your company type, team size, and which regulations you need to follow (like HIPAA or PIPL), then creates a customized project for you.

4
Your team works through the 12-step process
🔍
Automatic privacy protection

Before any patient information reaches an AI model, it's automatically scanned and protected

📋
Model routing control

Your AI models are chosen from an approved list, ensuring they meet your compliance requirements

📝
Complete activity logging

Every action is recorded in a tamper-proof audit trail that proves what happened and when

5
Compliance officers review and approve

Before your feature goes live, a compliance officer signs off on it, and the system verifies all requirements are met.

🎉 Your feature is ready and auditable

Everything is packaged into a complete audit bundle with proof of compliance, ready for deployment or regulatory review.

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 18 to 13 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is medharness?

Medharness is a Python-based compliance framework for medical AI development that enforces HIPAA and PIPL regulations throughout the entire coding workflow. It provides a structured 12-step standard operating procedure with built-in guardrails, including real-time PHI detection, data desensitization, and audit logging with cryptographic hash chains. The framework runs as a collection of MCP servers that intercept AI model calls, validate compliance tags, and route requests through approved model allowlists.

Why is it gaining traction?

Medical AI developers face a minefield of compliance requirements that are easy to accidentally violate. Medharness addresses this by making compliance automatic rather than manual. The fail-closed design philosophy means any uncertainty results in blocking rather than risky permissive behavior. Developers get a complete audit trail with tamper-evident logging, and the model router ensures prompts only reach pre-approved endpoints. The framework also includes a dry-run mode for testing workflows without touching production systems.

Who should use this?

Healthcare software teams building AI-assisted features should evaluate this framework, particularly those working with patient data or operating under strict regulatory oversight. Compliance officers who need verifiable audit trails for HIPAA or PIPL audits will appreciate the cryptographic hash chains and sealed audit bundles. Organizations using Claude Code, Copilot, or similar AI coding tools for medical applications can use Medharness as a governance layer. Note that this is an early-stage project with limited community adoption, so teams should budget time for integration work and expect to contribute back findings.

Verdict

Medharness tackles a real problem with thoughtful architecture, but with only 13 stars and alpha status, teams should treat it as a serious engineering investment rather than a plug-and-play solution. The 0.85 credibility score reflects solid technical design, but maturity concerns warrant a trial evaluation before committing to production use.

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.