Purpose/Significance: To explore the scenarios, problems and countermeasures of applying application programming interface (API) traffic monitoring technology to the demilitarized zone (DMZ) of hospitals, so as to enhance hospitals' data security protection capabilities.

Method/Process: The API traffic monitoring system is deployed in the hospital's DMZ and obtains traffic through mirroring. Existing data is pre-classified and graded, sensitive data labels are defined, API asset ledgers are established, API security vulnerabilities are analyzed, risk scenario audit models are designed, and user access behaviors are monitored in real time.

Result/Conclusion: In operation, the system monitors an average flow of nearly 1G and a peak flow of nearly 2G, identifies over 80 000 APIs and over 2 000 applications, achieves full flow monitoring of core business in the hospital's DMZ, and effectively protects patients' privacy data.
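The following sketch illustrates the Method/Process pipeline (sensitive data labels, API asset ledger, risk scenario audit) over parsed mirrored traffic; it is an added example, not code from the paper or its system. The record fields, label patterns, grades, host names and both audit rules are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Assumed label scheme: name -> (grade, pattern). Not taken from the paper.
LABELS = {
    "national_id": (3, re.compile(r"\b\d{17}[\dXx]\b")),
    "mobile_phone": (2, re.compile(r"\b1[3-9]\d{9}\b")),
}

# Constructed records, shaped as a mirror-port HTTP parser might emit them.
SAMPLE = [
    {"app": "appt.hospital.example", "method": "GET", "path": "/api/patient/1001",
     "user": "u17", "auth": True, "body": '{"id":"11010519900307123X","tel":"13800138000"}'},
    {"app": "appt.hospital.example", "method": "GET", "path": "/api/patient/1002",
     "user": "u17", "auth": True, "body": '{"id":"110105198501011234","tel":"13900139000"}'},
    {"app": "appt.hospital.example", "method": "GET", "path": "/api/patient/1003",
     "user": None, "auth": False, "body": '{"id":"110105197001011238","tel":"13700137000"}'},
    {"app": "pay.hospital.example", "method": "POST", "path": "/api/order/77/status",
     "user": "u42", "auth": True, "body": '{"status":"paid"}'},
]

def normalize(path):
    """Collapse numeric path segments so /patient/1001 and /patient/1002 are one API."""
    return re.sub(r"/\d+(?=/|$)", "/{id}", path)

def build_ledger(records):
    """API asset ledger: one entry per (app, method, normalized path)."""
    ledger = defaultdict(lambda: {"calls": 0, "labels": set(), "grade": 0,
                                  "unauth": 0, "hits_by_user": defaultdict(int)})
    for r in records:
        e = ledger[(r["app"], r["method"], normalize(r["path"]))]
        e["calls"] += 1
        found = {n for n, (_, rx) in LABELS.items() if rx.search(r["body"])}
        if found:
            e["labels"] |= found
            e["grade"] = max(e["grade"], max(LABELS[n][0] for n in found))
            e["hits_by_user"][r["user"]] += 1
            e["unauth"] += not r["auth"]  # unauthenticated responses carrying labels
    return dict(ledger)

def audit(ledger, bulk_threshold=2):
    """Two assumed risk scenarios: unauthenticated sensitive reads, bulk reads per user."""
    findings = []
    for api, e in sorted(ledger.items()):
        if e["unauth"]:
            findings.append(("unauth_sensitive_access", api, e["grade"]))
        for user, n in e["hits_by_user"].items():
            if user is not None and n >= bulk_threshold:
                findings.append(("bulk_sensitive_access", api, user))
    return findings
```

Calling `audit(build_ledger(SAMPLE))` yields one finding per scenario for the patient endpoint and none for the payment endpoint, which returns no labelled data.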