Secure. Anonymize. De-Identify. Encrypt.
The cmEdge™ application is software that can be installed on an existing hospital or clinic machine. It contains a DICOM listener that receives images via a STORESCU request from a client’s PACS. When an image is received the cmEdge application anonymizes DICOM PHI by removing unnecessary information from the DICOM headers. Only anonymized DICOM files are uploaded to the CureMetrix Cloud Platform for processing. Elements in the DICOM header that are required for communication with the client’s PACS are obfuscated in the DICOM header by replacing them with unique random text. The original values are stored in an encrypted state in the cmEdge process.
Once the images are analyzed by the CureMetrix Cloud Platform, a DICOM Structured Report (SR) is returned to the cmEdge application. In order to link the DICOM SR to the original patient, the cmEdge application maintains an encrypted index on the local system. When DICOM SR results are received, the cmEdge application de-anonymizes identifying fields in the report and sends the de-anonymized DICOM SR back to the calling PACS for review. The cmEdge application returns the DICOM SR back to the hospital PACS via a STORESCU request.
Encrypted PHI stored in the cmEdge application is deleted once the DICOM SR is received by the client’s PACS or after 24 hours, whichever happens first. All communication between the cmEdge application and the CureMetrix Cloud Platform uses the HTTPS protocol. DICOM files stored in the cloud are encrypted at rest using AES-GCM.