The VoxelMD Platform

PHI Never Leaves
Your Network.

VoxelMD de-identifies imaging data on your own infrastructure, processes it in a BAA-covered HIPAA cloud, and has results waiting before the radiologist opens the study. An architecture designed to pass your security review - not to survive it.

Zero PHI leaves your premises
Results ready at study-open
One click to PowerScribe / Rad AI
YOUR NETWORKPHI stays here · your infrastructure, our softwareVOXELMD HIPAA CLOUDde-identified data only · BAA-covered · CMEK encryptedTRUST BOUNDARY · OUTBOUND ONLYModality (CT · US · MR) & PACSstandard auto-forward routing — no workflow changeDe-Identification EngineDICOM PS3.15 profile · pixel-level scrubbing · random study IDIdentity Crosswalk — never leaves your networkencrypted map of patient ↔ study ID · we cannot re-identify dataLocal Result Cacheresults arrive before the radiologist opens the studyRadiologist Workstationinstant overlay at study-open · one click to PowerScribe / Rad AISecure Ingestper-site credentials · TLS 1.2+ · tenant isolationAI Processingstructured report drafting · prior comparison · scoringResults APIevery request audit-logged · auto-deleted after processingde-identified onlyresults pulled backno inbound ports — ever

How a Study Moves Through the Platform

Five steps, one trust boundary, no waiting radiologist.

  1. 1

    Your PACS forwards the study

    A standard auto-forward rule your PACS administrator has configured a hundred times before. The same integration pattern used by leading FDA-cleared radiology AI platforms.

  2. 2

    De-identification happens on your hardware

    Patient identifiers are stripped and replaced per the DICOM PS3.15 confidentiality standard - including pixel-level scrubbing of burned-in text on ultrasound and dose screens. The study receives a random identifier.

  3. 3

    Only de-identified data crosses out

    One outbound TLS connection, authenticated with your site's private credentials. The map linking studies back to patients stays encrypted on your network - VoxelMD is architecturally incapable of re-identifying your data.

  4. 4

    AI processes the study before it's opened

    Report drafting, prior comparison, and structured scoring run in our BAA-covered HIPAA cloud while the study is still sitting on the worklist.

  5. 5

    Results are waiting at study-open

    Your edge node pulls completed results back - no inbound firewall ports, ever. When the radiologist opens the study, the draft appears instantly. One click pushes it to PowerScribe or Rad AI.

The Liability Line

Three Things That Never Leave Your Site

This is the claim your CISO will test. It holds because of architecture, not paperwork.

Protected Health Information

Names, MRNs, dates, accession numbers, and burned-in pixel text are removed on your infrastructure before anything is transmitted.

The Identity Crosswalk

The encrypted table linking studies to patients lives only on your network. A breach of our cloud would yield anonymous images with random IDs - and no way to map them to any person.

The Ability to Re-Identify

Because the crosswalk never leaves your site, re-identification is physically impossible from our side. That is a structural guarantee, not a policy promise.

Built for the Security Review

Every claim below is architectural and auditable. Bring your IT team, your compliance officer, and your hardest questionnaire.

Outbound-Only Connectivity

Your firewall change is a single outbound HTTPS rule. Results are pulled by your edge node, never pushed in. No VPN, no inbound ports, no attack surface added to your network.

Standards-Based De-Identification

DICOM PS3.15 Annex E confidentiality profiles - the same standard used by NIH's Cancer Imaging Archive - implementing HIPAA Safe Harbor, with documented QA sampling during onboarding.

Defense-in-Depth Cloud

Even though only de-identified data reaches our side, we run it to PHI standards anyway: Google Cloud under a signed BAA, customer-managed encryption keys, per-site tenant isolation, automatic deletion after processing.

Full Audit Trail

Every study, request, and result is logged to immutable, retention-locked storage. Your compliance team gets an answer, not a shrug, when they ask what happened and when.

BAA Offered by Default

We sign a Business Associate Agreement with your group even though the architecture means de-identified data only - belt and suspenders, and one less negotiation.

SOC 2 Readiness Program

Continuous-compliance tooling, third-party penetration testing before go-live, and an active SOC 2 roadmap. Security questionnaires answered with evidence.

Zero-Latency by Design

The Radiologist Never Waits for AI

Most AI tools make an API call when the study is opened - and make the radiologist watch a spinner during the busiest part of their day. VoxelMD inverts the timeline: processing happens while the study is still on the worklist.

By the time the radiologist opens the exam, the draft report, prior comparison, and structured scores are already sitting in the local result cache. The overlay appears instantly, and one click pushes it into PowerScribe or Rad AI. No spinner. No workflow change. No excuse not to use it.

Typical AI tool

Study opens → API call → radiologist waits

VoxelMD platform

Study arrives → processed on worklist → result instant at open

Deployment Your IT Team Will Recognize

This is the same edge-node pattern established by leading imaging-AI vendors. Your PACS administrator has done each of these steps before.

One VM on your infrastructure

The edge gateway runs as containers on a modest virtual machine you control - on-premises or in your own cloud tenancy.

One firewall rule

A single outbound HTTPS egress to a named endpoint. Nothing inbound to review, nothing exposed.

One routing rule in PACS

Your PACS admin adds an auto-forward destination - the same procedure used for any DICOM node. We validate together, then go live.

Put It in Front of Your Security Team

We'll walk your IT and compliance stakeholders through the architecture, the de-identification standard, and the audit trail - question by question.