Health Provider & Compliance Intelligence
Developers

API & MCP reference

Base URL https://health.dropwatchhq.com. Auth via x-api-key header or ?key=. No key = free tier (single screens + limited lookups). Public data only — no PHI.

1 · screen the core compliance call

Screen a provider against OIG-LEIE (and SAM.gov if configured). NPI match is exact; name match is flagged and identity-cautious.

GET /v1/screen?npi=1234567890
GET /v1/screen?name=Acme%20Medical%20LLC&state=FL

# response
{ "matched": true, "clear": false,
  "findings": [ {"list":"OIG-LEIE","matchType":"npi","name":"...",
     "exclType":"1128a1","exclDate":"2024-03-19","source":"https://oig.hhs.gov/..."} ],
  "checkedAgainst": ["OIG-LEIE (HHS)"], "disclaimer": "..." }

2 · providers territory data

GET /v1/providers?specialty=Cardiology&state=TX&limit=200
GET /v1/providers?npi=1234567890
# returns NPI, name, specialty, license, location (+ excluded flag)

3 · new_exclusions the alert feed

Newly-added OIG-LEIE exclusions, optionally scoped by state/specialty. The signal behind the daily digest + webhook.

GET /v1/new_exclusions?state=FL&limit=60

4 · fda_enforcement

GET /v1/fda_enforcement?firm=Acme%20Devices%20Inc

5 · MCP (agent-callable)

Point any MCP client at https://health.dropwatchhq.com/mcp (Streamable HTTP, JSON-RPC 2.0). Tools: provider_lookup, screen_exclusion, new_exclusions, fda_enforcement.

curl -s https://health.dropwatchhq.com/mcp -H "content-type: application/json" \
  -H "x-api-key: hik_live_xxx" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/call",
       "params":{"name":"screen_exclusion","arguments":{"npi":"1234567890"}}}'

6 · Watchlists & webhooks paid tiers

POST /v1/filters    {"name":"tx-cardio","filter":{"specialty":"Cardiology","state":"TX"}}
POST /v1/watchlist  {"target":"1234567890","webhook":"https://your.app/hook"}
# We POST {event:"new_exclusion",provider:{...}} to your webhook the day a watched
# provider (by NPI or name) is added to the OIG-LEIE list.

Honest scope

Provider and exclusion data are real and current (public NPPES + OIG-LEIE). The new-exclusion history (our moat) accrues from daily snapshots — thin the first days, sharper over weeks. NPI exclusion matches are exact; name matches are flagged as potential false positives. We never process PHI.