The integrity of distributed healthcare databases is continuously threatened by unauthorized modifications, hardware faults, software vulnerabilities, and increasingly sophisticated cyberattacks. Traditional relational and NoSQL database systems rely on centralized access-control mechanisms and periodic audit logs that cannot provide cryptographic proof of unaltered history or real-time anomaly detection. This paper presents ChainGuard, a novel middleware framework that integrates Ethereum-based smart contracts, a network of IoT integrity-sensing nodes, and an AI-powered anomaly classifier to provide end-to-end, tamper-evident integrity assurance for distributed healthcare information systems. ChainGuard records SHA-256 hash digests of critical database state snapshots onto a permissioned Ethereum ledger, while a constellation of lightweight IoT agents embedded at database server nodes continuously monitors system-level indicators—I/O throughput, memory bus activity, and cryptographic nonce validation—at ten-second intervals. Deviations from baseline behavior trigger smart-contract-enforced quarantine procedures that freeze suspect transactions and emit verifiable incident records onto the immutable ledger. A Random Forest classifier trained on 12,000 synthetic database-event logs achieves 96.4% accuracy in discriminating legitimate bulk insertions from covert data-tampering attempts. Evaluation across three clinical deployment scenarios demonstrates that ChainGuard reduces mean time to tamper detection from 47 minutes (baseline centralized audit) to 38 seconds, with a false-positive rate of 1.7%. The framework is deployable on existing PostgreSQL and MongoDB infrastructure without schema modification, making it an immediately practicable path toward regulatory compliance with HIPAA, GDPR, and the forthcoming NIS2 Directive.