Purpose/Significance Focusing on the data interaction scenarios of application programming interface (API) in medical institutions, through the construction of an intelligent risk monitoring platform, in order to identify high-risk vulnerabilities, prevent data leakage, and strengthen data interaction security.Method/Process Bypass flow analysis is implemented by adopting the data plane development kit technology to monitor the access behavior of hospital business systems in real time. Based on the 10 types of API security vulnerabilities released by OWASP, an assessment mechanism is established. Abnormal risks are identified through a multi-dimensional risk strategy model. Combined with daily data security operations, a data interaction security guarantee system of “analysis-assessment-monitoring-traceability” is constructed. Result/Conclusion The hospital has carried out special rectification for API security vulnerabilities, data leakage, web attack, account security and other risks detected by the platform, avoiding the occurrence of data leaks, improving the hospital’s data interaction monitoring level and security protection capabilities.