How awaBerry is Transforming Healthcare Research: AI Agents, OMOP Data, and Zero-Trust Access

A lead pharmaceutical researcher transforms a simple natural language request into a global data search across five international hospitals — securely, privately, and without a single open port or VPN. Here is how the awaBerry Agentic API makes it possible.

awaBerry in Healthcare — AI-Driven Patient Data Aggregation

Of all the use cases I get to talk about in my work at awaBerry, healthcare is the one that stops me in my tracks every time. Not because it is the most technically complex — though it is certainly demanding — but because the stakes are so tangible. When we talk about secure access to patient data, we are not talking about convenience. We are talking about research that saves lives.

Let me walk you through a scenario that is not hypothetical. It is the kind of workflow that our customers in pharmaceutical research are running today.

The Researcher and the Challenge

Dr. Elena Vasquez is a lead pharmaceutical researcher working on a multi-centre study of a rare autoimmune condition. Patient data relevant to her research exists at five hospitals across three continents — all of them storing their records in the OMOP Common Data Model, the international standard for structured clinical observational data.

The traditional path to accessing that data involves months of data sharing agreements, VPN configurations at each hospital, bespoke extraction scripts written for each site, and a small army of IT staff coordinating across time zones. By the time the data is in one place, the research window has often narrowed significantly.

Elena's team uses awaBerry instead.

The awaBerry Agentic API in a Healthcare Context

Each participating hospital has registered its research data server with awaBerry. The devices are connected via outbound-only HTTPS tunnels — nothing in the hospital network exposes an inbound port to the internet. The awaBerry Agentic API is configured with a scoped Project Key for Elena's research consortium, with precisely defined permissions: read access to specific OMOP-structured directories, no write permissions, standard user privilege, and an explicit command allowlist that prevents any action outside of the approved data extraction queries.

When Elena is ready to run a data pull, the workflow looks like this:

She describes her query in natural language — for example: "Retrieve anonymised records for patients aged 18–65 diagnosed with condition X in the past five years, including medication history and lab values, from all five partner sites."
Her AI agent translates that into structured OMOP queries using her organisation's data model knowledge.
The agent authenticates with the awaBerry Agentic API using the consortium's Project Key and Secret.
A scoped, encrypted tunnel opens to each of the five hospital research servers — one at a time, or in parallel if the project configuration permits it.
The approved queries execute locally on each hospital's server. Anonymised, aggregated results are returned over the encrypted tunnel.
The agent synthesises the results and delivers a structured analytical output — ready for Elena's research team to work with.

The entire process — from natural language input to aggregated, anonymised insights — takes seconds to minutes, not months.

Why Zero-Trust Is Non-Negotiable in Healthcare

It is worth being explicit about what zero-trust means in this context, because healthcare has specific requirements that general-purpose remote access tools simply cannot meet.

Every access event through the awaBerry Agentic API generates a full audit trail: the calling identity, the timestamp, the specific device accessed, the commands issued, and the data returned. That audit trail is available for inspection in the awaBerry dashboard and can be fed directly into a SIEM. For a hospital's information security team, this is not a nice-to-have — it is a compliance requirement.

The scoped permission model means that even if Elena's Project Key were somehow compromised, the attacker could not escalate beyond the narrow set of read-only OMOP queries on the approved directories. There is no lateral movement. There is no network-level access to the rest of the hospital's infrastructure. The key is useless for anything outside the scope it was issued for.

And when the research project concludes, the project is deleted in the awaBerry dashboard. Access terminates immediately. No VPN credentials to revoke. No firewall rules to clean up. No residual artifacts.

OMOP and the Promise of Structured Clinical Data

The OMOP Common Data Model is one of the most important developments in clinical research of the past decade. By standardising the structure of observational health data across institutions, it makes it possible to ask the same question of multiple hospitals' data without custom translation at each site. awaBerry's Agentic API is a natural complement to OMOP-structured environments: it provides the secure, auditable access layer that lets AI agents traverse OMOP-enabled research networks without opening those networks to unnecessary exposure.

This is what I mean when I say awaBerry is built for the AI age. It was not retrofitted to support agentic workflows. It was designed from the ground up to be the secure access layer that autonomous systems — whether AI agents or scripted pipelines — need to interact with the physical and clinical world responsibly.

The data that saves lives deserves the access model that protects it. Explore the Agentic API →

Business

Automate operations, manage fleets, and enable secure remote work for your entire team.

Try for Free

Private

Access your home devices, automate personal tasks, and share access with family — for free.

Freemium Plan Available

Research

Access lab hardware, automate data collection, and collaborate across institutions.

Request Free Usage