MCP Nextmotion: GDPR Compliance & Responsibilities

Technical and legal documentation for the Nextmotion MCP connector. Shared responsibilities between Nextmotion, the client clinic, and the AI provider. Last updated: April 22, 2026.

Published April 22, 2026 by the Nextmotion Team

1. What is the Nextmotion MCP

The Model Context Protocol (MCP) is an open standard created by Anthropic in 2024. It allows an AI assistant like Claude to connect to external applications through a secure connector, to read information and execute actions.

The Nextmotion MCP connector allows your team to interact with your Nextmotion account in natural language from Claude Desktop, Claude.ai, or Claude Code. Examples of available actions: viewing appointments, creating quotes, searching patient records, and extracting activity statistics.

The Nextmotion MCP is currently available with Scale and Enterprise plans. It is activated upon client request, via OAuth authentication from mcp.nextmotion.net.

2. Data flow architecture

This section describes precisely what happens when a user submits a request via Claude to the Nextmotion MCP.

Typical request flow

  1. The user submits a request in Claude (Claude Desktop, Claude.ai, or Claude Code).
  2. Claude, hosted by Anthropic, interprets the request. If it requires Nextmotion data, Claude calls the Nextmotion MCP connector.
  3. The Nextmotion MCP connector receives the call, authenticates the user via their account's OAuth token, and queries the Nextmotion API hosted on our HDS-certified servers in France.
  4. The Nextmotion API returns the requested data to the MCP connector, which transmits it to Claude.
  5. Claude receives the data in its processing context to formulate a response. The data is processed in memory by Claude, then the response is displayed to the user.

What this means for your data

Your patient data is stored at rest on our HDS-certified servers in France. It remains under Nextmotion's control.

When a user triggers an MCP request involving patient data, the elements necessary for that request are transmitted to Claude for processing. These elements then transit through Anthropic's infrastructure.

Anthropic does not persistently store this data under a Claude Team or Enterprise subscription with the "no training" policy enabled. However, a transfer does take place, and this transfer must be legally framed by your organization (see section 4).

3. What Nextmotion covers

Nextmotion, as a data processor under Article 28 of the GDPR, undertakes the following commitments.

HDS-certified hosting

All personal health data of your patients is hosted on our servers certified as HDS (Hébergeur de Données de Santé / French Health Data Hosting certification, v2.0), in accordance with Article L.1111-8 of the French Public Health Code. Data centers are located in France. Data is encrypted at rest and in transit.

MCP connector security

The Nextmotion MCP connector operates via OAuth-authenticated APIs. No patient data is accessible without prior authentication. All calls are logged for audit purposes.

Access tokens are revocable at any time from your Nextmotion admin dashboard. You can disable the MCP instantly if you have any concerns about access.

Data Processing Agreement (DPA)

Nextmotion offers a data processing agreement compliant with Article 28 of the GDPR to each client clinic. This DPA is available upon request from our team and specifies:

  • The purposes and means of processing
  • Technical and organizational security measures
  • Nextmotion's obligations regarding incident notification
  • Sub-processing conditions

Documentation & audit

We make the following available to auditing clients:

  • Our information security policy
  • Our HDS compliance reports
  • The list of our sub-processors
  • Our incident management and notification procedures

These documents are accessible upon signed request (NDA possible).

4. What falls under your responsibility

As the data controller, your organization (practice, group, clinic) retains several obligations that Nextmotion cannot assume on your behalf.

Choose an appropriate Claude subscription

For GDPR-compliant use of the MCP with patient data, your organization must subscribe to Claude Team or Claude Enterprise (not Claude Free or individual Claude Pro). The choice of subscription tier is your responsibility. Nextmotion cannot control which Claude subscription your users connect to the MCP.

Sign a DPA with Anthropic

Anthropic provides a DPA (Data Processing Addendum) that your organization must download, sign, and archive. This document legally frames the processing by Anthropic as a sub-processor. Without a signed DPA with Anthropic, any personal data transfer via the MCP is challengeable under Article 28 of the GDPR.

Enable EU data residency

When creating your Claude Team or Enterprise workspace, you must enable the "EU data residency" option. This activation is not retroactive: it can only be configured during the initial workspace creation. If your workspace already exists without this option, creating a new dedicated workspace may be necessary.

Document the processing in your GDPR register

Your register of processing activities (Article 30 of the GDPR) must explicitly mention:

  • The activity "AI Assistance via Nextmotion MCP"
  • The purposes of processing
  • The categories of data concerned
  • The recipients (Nextmotion as processor, Anthropic as sub-processor)
  • Associated security measures

Conduct a Data Protection Impact Assessment (DPIA)

Article 35 of the GDPR requires an impact assessment for large-scale health data processing. Using the MCP with patient data falls into this category. This DPIA must be written, dated, and retained by your organization. A template is provided in section 6 of this page.

Inform your patients

Your patient-facing privacy policy must mention the use of artificial intelligence tools in the processing of their data, as well as the processors involved. This information is required under Articles 13 and 14 of the GDPR.

5. Recommended Claude configuration

For a clinic getting started with the Nextmotion MCP, here is the minimum recommended configuration.

Subscription

Claude Team starting from two users (indicative pricing around 25 to 30 euros per user per month). Claude Enterprise for organizations with more than fifty users or multi-site clinic groups.

Settings to enable at workspace creation

  • Data region: Europe
  • Training on conversations: disabled (default on Team and Enterprise)
  • SSO: recommended for organizations with more than 5 users
  • Audit logs: enabled and accessible by the administrator

Settings to monitor after activation

  • Periodic log export for archiving (quarterly recommended)
  • Review of users with MCP access (biannual recommended)
  • Verification of Anthropic's sub-processor list (annual)

Alternatives for more sensitive use cases

If your organization processes large volumes of particularly sensitive data, or if your DPO requires a stricter level of compliance, alternatives exist:

  • Azure OpenAI Service (HDS-certified in France via Microsoft)
  • Mistral via Outscale (SecNumCloud 3.2 and HDS)

These alternatives are not yet natively compatible with the Nextmotion MCP connector. They will be considered in a future product version based on demand.

6. Data Protection Impact Assessment (DPIA) template

This section provides a simplified DPIA template that your DPO can use as a starting point to document the use of the Nextmotion MCP.

General information

  • Processing name: AI Assistance via Nextmotion MCP
  • Data controller: [Your organization name]
  • Data processor: Nextmotion SAS (HDS-certified host)
  • Sub-processor: Anthropic Inc. (Claude LLM provider)
  • Implementation date: [To be completed]

Processing description

Purposes: Conversational assistance for clinical data consultation, document creation (quotes, reports), scheduling management, and statistics extraction.

Data categories: Patient identification data (name, surname, contact details), health data (consultation reasons, treatments, history), administrative data (appointments, invoices).

Data subjects: Patients of the organization, authorized professional users.

Security measures

HDS-certified hosting at Nextmotion, encryption at rest and in transit, OAuth authentication for the MCP, DPA signed with Anthropic, EU residency enabled, no-training policy, audit logs enabled and archived, access restricted to authorized users.

Identified risks

Residual risk 1: Transfer to sub-processor (Anthropic).

Mitigation: signed DPA, EU residency, no-training policy, Claude Team minimum.

Residual risk 2: Indirect re-identification possible via clinical context.

Mitigation: user awareness on data minimization, MCP usage training.

Residual risk 3: AI assistant error in output.

Mitigation: mandatory human validation before any definitive action (AI does not replace the practitioner).

Need a complete DPIA template in editable Word format? Our team can provide it upon request.

7. Frequently asked questions

Is Nextmotion responsible for the compliance of our MCP usage?

Nextmotion is responsible for the compliance of its own processing as a data processor: HDS-certified hosting, connector security, execution of the DPA signed with your organization. Your organization remains the data controller under GDPR, and is therefore responsible for configuration choices (Claude subscription, EU data residency activation, Anthropic DPA signing, documentation, patient information).

What happens if a user uses Claude Free with the Nextmotion MCP?

Technically, the connector works with any Claude subscription. Legally, using it with patient data via Claude Free or individual Claude Pro is not GDPR-compliant (no DPA, no EU data residency, potential training on data). Your organization is responsible for controlling its users' configuration. Nextmotion recommends establishing an internal policy governing authorized Claude subscriptions.

Can the MCP be used with AI assistants other than Claude?

MCP is an open standard and other AI clients (ChatGPT Desktop, Cursor, etc.) can technically connect to an MCP server. The Nextmotion connector has been developed and tested primarily with Claude. Usage with other AI clients falls under your responsibility and is not covered by the recommendations on this page.

How can we audit MCP access to our Nextmotion account?

From your Nextmotion admin dashboard, you can view the MCP connector activity logs: user, timestamp, method called, and volume of data returned. These logs are retained and available for your internal audit or any external review.

In case of a security incident, what is the procedure?

In accordance with Article 33 of the GDPR, Nextmotion notifies your organization of any data breach within 24 hours of discovery, providing the information necessary for your own notification to the CNIL (French Data Protection Authority) within 72 hours. Dedicated contact: contact@nextmotion.net.

Can we disable the MCP without losing access to Nextmotion?

Yes. The MCP is an option that can be enabled and disabled at any time from your admin dashboard. Disabling the MCP does not affect other Nextmotion features (Consult AI, Jarvis, scheduling, capture, etc.).

8. Contact & audit

For any inquiry regarding the compliance of the Nextmotion MCP:

This page is updated regularly. Last revision: April 22, 2026.