# HealthWatch > HealthWatch is a private, invitation-only health-research companion for people who track everything — and a health-reasoning substrate that AI agents can call. It fuses one person's labs, CGM, wearables, and FHIR records with 1,400+ curated longevity sources and PubMed, then returns grounded answers with provenance, calibrated confidence, and an honest verdict. HealthWatch has two users: the human who owns the data, and the AI agent acting on their behalf. The same neutral fusion layer serves both — humans get a chat + biometric dashboard; agents get a verifiable `HealthAssertion` (claim, evidence, calibrated confidence, verdict, provenance) over MCP, trust-tiered by who is asking. Important: HealthWatch is positioned as educational and research, not medical advice. It does not diagnose, prescribe, or auto-act — no ordering, booking, or purchases. Every assertion carries its grounding and an explicit "not medical advice" flag. Raw personal health data (PHI) is never exfiltrated to a third-party agent. ## For humans - [Home](https://healthwatch.id/): What HealthWatch is — fuse your health data into grounded, cited answers with debate mode and N-of-1 experiments. Invitation only. - [Pricing](https://healthwatch.id/pricing): Plans and what each tier includes. - [Sign in](https://healthwatch.id/signin): Invitation code, then Google sign-in. ## For AI agents - [Agent overview](https://healthwatch.id/for-agents): The human-readable contract — the HealthAssertion envelope, the trust × PHI tiers (T0–T3), and the planned MCP tool surface. Honest status: most tools are spec/preview, not yet live. - [Machine contract](https://healthwatch.id/.well-known/agent.json): Machine-readable discovery — name, contract version, tier map, planned tools, metering rails, contact. - [HealthAssertion schema](https://healthwatch.id/.well-known/health-assertion.schema.json): JSON Schema for `HealthAssertion/v1`, the unit of trust every answer is returned as. ## What an answer is Every HealthWatch answer is a `HealthAssertion/v1` object, not free prose: a `claim`, the `evidence` behind it (each with a source + trust tier + url), a `verdict` (one of STRONG_SUPPORT / MODERATE_SUPPORT / WEAK_SUPPORT / INSUFFICIENT_EVIDENCE / CONTESTED / AGAINST), a calibrated `confidence` in [0,1], explicit `uncertainties`, walk-it-back `provenance`, and a `not_medical_advice` flag. The uncertainty that makes a human hesitate is exactly what an agent needs to act responsibly. ## Trust × PHI tiers (who is asking decides what they see) - T0 — Public: any agent. Curated KB + PubMed grounding and evidence synthesis. Zero PHI. (MCP, planned.) - T1 — Aggregate: any paid agent. Cohort statistics with a k-anonymity floor (cells under the threshold are suppressed, not estimated). (MCP, planned.) - T2 — Compute-to-data: vetted agent + consent. An algorithm runs inside HealthWatch over consented data; only the aggregate result leaves. Raw rows never move. (ACP job + review, planned.) - T3 — Personal: the user's own delegated agent only. That user's full record, Twin, and N-of-1 — with their revocable consent. (Delegated OAuth, planned.) ## Legal - [Terms](https://healthwatch.id/terms): Terms of use, including the not-medical-advice and user-responsibility terms. - [Privacy](https://healthwatch.id/privacy): How personal health data is handled and the PHI boundary guarantees. ## Contact - Agent access requests and questions: danny.taniwan@gmail.com