Hospital, Payer & Life-Sciences AI

Clinical-grade AI: imaging triage in <5s, FDA-track CDS, ambient documentation that cuts charting 40%

We build inference systems for hospitals, IDNs, payers, and life-sciences sponsors - DICOM-native imaging triage, guideline-grounded clinical decision support, ambient SOAP-note dictation, and population-health risk stratification. Shipped with the regulatory artefact pack that hospital security review, IRB, and FDA pre-submission actually ask for.

Imaging triage under 5 seconds per study - DICOM ingestion, CNN + Vision Transformer ensemble, AUC 0.94+ at the operating point hospitals actually want (sensitivity ≥0.95 for ICH, PE, large-vessel occlusion)
FDA 510(k)-track clinical decision support - guideline-grounded RAG over UpToDate, DynaMed and specialty bodies; CDS Hooks fired from Epic / Cerner workflows with full citation provenance
Ambient documentation cutting charting time ~40% - multi-speaker diarisation, SOAP-note generation, ICD-10-CM + CPT code suggestion with HCC capture, EHR write-back through SMART on FHIR
PHI never leaves your BAA boundary - full training + inference inside HIPAA-eligible AWS / Azure for Health / GCP Healthcare API; Safe Harbor de-identification or Expert Determination paths for research datasets
Regulatory & Interoperability Coverage

What our clinical AI is built to

Privacy & security
HIPAA + HITECHSOC 2 Type IINIST 800-66GDPR Art. 9UK DPA 2018
Medical device & interop
FDA 510(k) prepFDA AI/ML SaMD PCCPISO 13485IEC 62304ONC Health IT CertHL7 FHIR R4HL7 v2 ADT/ORUDICOM SRUSCDI v3
Track record
50+
Projects delivered
96%
Client satisfaction
2019
Founded

Six AI systems we build for hospitals, payers & sponsors

Each one ships as an inference service plus the regulatory artefact pack - model card, clinical evaluation, ISO 14971 risk file, bias and subgroup-performance report, monitoring playbook - so hospital IT security, IRB, and FDA pre-sub reviews pass on the first cycle.

Medical imaging triage & worklist prioritisation

DICOM-native, <5s per study, AUC 0.94+ at clinical operating points

  • DICOM ingestion direct from modalities (CT, MR, CR, DX, MG, US) and the PACS - DIMSE C-STORE and DICOMweb (QIDO-RS / WADO-RS) with full SOP-class fidelity; structured reports (DICOM SR) emitted on every finding
  • Model ensemble: CNN backbone (EfficientNet-V2, ConvNeXt) plus a Vision Transformer head - trained on rad-confirmed labels, calibrated at the sensitivity hospitals demand (≥0.95 for ICH, PE, large-vessel occlusion, pneumothorax)
  • Workflow integration with Sectra PACS, Philips IntelliSpace, GE Centricity Universal Viewer, Visage 7, Change Healthcare Stratus - bidirectional via HL7 ORM/ORU and FHIR ImagingStudy / DiagnosticReport resources
  • Drift dashboards per modality, per device, per site - scanner upgrades and protocol changes are the #1 cause of silent degradation; we alert on KL-divergence over input feature distributions before AUC ever drops

Guideline-grounded clinical decision support

FDA 510(k)-track CDS, CDS Hooks-fired, citation-traceable

  • Retrieval over the clinical canon: UpToDate, DynaMed, NCCN, AHA/ACC, USPSTF, CHEST, IDSA - every recommendation links to the exact source paragraph and version date the model cited, no hallucinated guidance
  • Drug interaction and dose checks against DrugBank, RxNorm, NDF-RT and First Databank - surfaces QT-prolongation risk, renal-dose adjustments, and pregnancy categories at the point of prescribing
  • Fired through HL7 CDS Hooks (patient-view, order-sign, order-select) from Epic, Cerner, Meditech and athenaOne - sub-second latency on the order-entry hot path, no page-load tax for the clinician
  • 510(k) regulatory pathway support: predicate device analysis, clinical evaluation, software lifecycle per IEC 62304, risk management per ISO 14971, and Predetermined Change Control Plan (PCCP) drafting per the FDA's 2024 guidance

Ambient clinical documentation

Cuts charting ~40%, write-back via SMART on FHIR

  • Multi-speaker diarisation (clinician / patient / family member) with on-device wake-word and HIPAA-aware redaction - audio is processed inside the BAA boundary, not shipped to a public consumer ASR endpoint
  • SOAP-note generation with explicit headers (Subjective, Objective, Assessment, Plan) and structured Plan items linked to orders - clinician edits become RLHF signal that personalises the model to their dictation style
  • ICD-10-CM and CPT/HCPCS code suggestion with HCC recapture for Medicare Advantage - surfaces conditions that warrant documentation under Risk Adjustment without prompting upcoding
  • EHR write-back via Epic App Orchard, Cerner Code, Meditech Greenfield, or SMART on FHIR launch - DocumentReference, Encounter and Condition resources posted on sign-off, never auto-filed

Population health & risk stratification

Readmission, deterioration, SDOH-aware, fair-care validated

  • 30-day readmission prediction extending LACE+ with claims, SDOH (food insecurity, housing instability, transportation) from area-deprivation indices and Z-codes, and longitudinal lab trajectories - AUC typically 0.78–0.84 on validation cohorts
  • Deterioration prediction (sepsis, AKI, clinical decompensation) on the inpatient floor - streaming features off the Epic Bridges or Cerner Millennium event feed, scored every 15 minutes, results posted into the Rover and PowerChart inboxes
  • Fair-care validation: subgroup AUC, calibration parity, and equal-opportunity-difference metrics across race / ethnicity / payer / language preference - a fairness report ships with every model, mitigations applied where disparities exceed thresholds
  • Clinician explainability via SHAP per case with plain-English reason codes - not a black-box risk score; the bedside RN sees which features (lactate trend, RR variability, MEWS, social factors) drove the alert

Revenue cycle & prior-authorisation automation

Denial prediction, PA NER, claims-edit before submission

  • Denial prediction pre-submission: gradient-boosted models over CARC/RARC denial-reason codes from historical X12 835 remittances - surfaces likely denials before the 837 ever leaves the clearinghouse
  • Prior-authorisation document parsing: NER on insurance forms, payer-policy PDFs, and clinical attachments - auto-fills the payer portal or the X12 278 transaction set, evidence-cited against the payer's medical-necessity policy
  • Underpayment recovery: contract-modelled expected vs paid analysis against fee schedules - flags shortfalls so the revenue integrity team works the high-value claims first
  • Coding QA: flags downcoding risk on E/M documentation and under-captured comorbidities - HCC RAF score uplift without prompting fraud, with full audit trail for OIG-defensible posture

Genomics & multi-modal trial matching

Eligibility-criterion parsing, biomarker-aware cohort scan

  • Eligibility-criterion extraction from clinicaltrials.gov: turns free-text inclusion/exclusion into structured FHIR ResearchStudy + EligibilityCriteria resources matchable against EHR data
  • Biomarker-aware matching for oncology: BRCA1/2, EGFR, ALK, KRAS G12C, PD-L1 TPS, MSI-H/dMMR, HER2 IHC and FISH - pulled from molecular pathology reports via structured DICOM SR and NLP over PDF
  • Cohort embedding search across the patient population: longitudinal vectors over diagnoses, medications, labs and procedures - identifies similar-patient cohorts for retrospective study design and external-control arms
  • Federated learning options for multi-site sponsors - patient-level data never leaves each site's enclave, only encrypted gradients; supports BAA-bounded research consortia and post-market surveillance

Healthcare-grade data infrastructure

Clinical data is not generic event data. It moves through HL7 v2, FHIR R4, DICOM and X12 - not JSON. A misread lab is a clinical incident. A breach is a CMP and a public OCR posting. Here is what we actually build.

Clinical interop protocol fluency

HL7 v2, FHIR R4, DICOM, X12 - the wire formats clinical data actually moves on.

  • HL7 v2.x message handling: ADT^A01/A03/A08 (admit / discharge / update), ORM^O01 + ORU^R01 (orders and results), MDM^T02 (documents), SIU (scheduling) - Mirth Connect or Rhapsody as the bus, signed ACKs, replay from store-and-forward on outage recovery
  • HL7 FHIR R4 over RESTful APIs and bulk export ($export NDJSON) - Patient, Encounter, Observation, Condition, MedicationRequest, DocumentReference, ImagingStudy, AllergyIntolerance, Coverage resources; conformance against USCDI v3 data classes
  • DICOM modality worklist (MWL) + storage commitment + structured reports (SR) - DIMSE on the LAN, DICOMweb (STOW-RS, QIDO-RS, WADO-RS) on the cloud edge, with whole-slide imaging (DICOM WSI) support for digital pathology
  • Payer flows over X12: 837 (claims), 835 (remittance), 270/271 (eligibility), 276/277 (status), 278 (prior auth) - and C-CDA documents for cross-organisational exchange (CCD, Consult Note, Discharge Summary)

PHI handling, de-identification & tokenisation

HIPAA Safe Harbor or Expert Determination - your choice, both audited.

  • Safe Harbor de-identification per 45 CFR §164.514(b)(2): all 18 identifiers stripped (names, geographic subdivisions smaller than state, dates more granular than year for anyone over 89, etc.) - automated pipeline with manual QA on edge cases
  • Expert Determination path when Safe Harbor is too lossy for research utility - statistical disclosure risk assessment, k-anonymity / l-diversity / t-closeness on quasi-identifiers, certified by a qualified statistician
  • Tokenisation for cross-source linkage without re-identification: HMAC-SHA256 with per-tenant pepper held in HSM, deterministic on (first_name_phonetic, dob, sex) so the same patient links across sites without ever exposing PHI
  • Audit-trail immutability for HIPAA breach investigations: every PHI access logged with user, purpose-of-use, resource, and timestamp - WORM storage on S3 Object Lock or Azure Immutable Blob, retained per state law (some require 25 years for minor records)

EHR integration - without breaking nightly batch

Epic, Cerner, Allscripts, athenaOne, Meditech, AdvancedMD.

  • Epic: App Orchard apps, Bridges interfaces, Cosmos research data, FHIR APIs, Chronicles / Clarity reporting - we have shipped SMART on FHIR launches that pass the Epic security review and Open .Epic certification
  • Cerner Millennium / Oracle Health: PowerChart integration via Cerner Code, Discern Explorer reports, CCL extraction, FHIR APIs and Ignite open developer experience
  • Allscripts Sunrise / TouchWorks, athenaOne via athenahealth Marketplace, Meditech Expanse via Greenfield APIs, AdvancedMD - adapter library maintained per vendor, version-pinned
  • Customer-path reads only against EHR read replicas or CDC; we never write back synchronously on patient-care critical paths. End-of-day census and billing batch windows are respected - pipelines checkpoint and resume

Streaming clinical pipelines & feature stores

From HL7v2 events to model-ready features in seconds.

  • Apache Kafka as the clinical event bus - HL7 v2 messages translated to FHIR R4 inline (e.g. ORU^R01 → Observation resources), partitioned by patient MRN for ordering guarantees, idempotent producers so a Mirth retry never double-posts a lab
  • PostgreSQL + TimescaleDB for time-series clinical data (vitals streams, telemetry, continuous glucose, cardiac), with hypertables compressed and downsampled - continuous aggregates for the 5-min / 1-hour / 24-hour rolling windows that ML features need
  • Pinecone or Qdrant for clinical embedding stores (note embeddings, problem-list embeddings, similar-patient retrieval) - Qdrant self-hosted inside the BAA boundary when leaving the enclave isn't allowed
  • dbt for quality-measure transformations - CMS eCQMs (eMeasures), HEDIS, MIPS - every metric a tested model with documented value sets from VSAC, not a hand-tuned SQL script no one trusts

FDA-trackable model registry & monitoring

Locked artefacts, PCCP-ready, drift detection that matters clinically.

  • MLflow as the model registry with locked, signed artefacts - every cleared model identified by hash, training data manifest, and validation report; no silent retraining on a 510(k)-cleared algorithm without a documented change
  • Predetermined Change Control Plan (PCCP) instrumentation per FDA's 2024 final guidance - pre-specified modifications, modification protocol, and impact assessment, with monitoring evidence captured live in production
  • Drift detection that actually matters clinically: subgroup calibration shifts, performance on rare-but-serious findings (LVO, perforation, sepsis), and demographic disparity over time - not just feature-distribution KL divergence
  • Audit-defensible MLOps: every prediction logged with model version, input features (de-identified where possible), output, and downstream clinician decision - feeds outcome-based monitoring and post-market surveillance reports

BAA-scoped cloud topology & multi-jurisdiction

HIPAA-eligible services only. EU and UK boundaries respected.

  • Reference deploys on AWS HIPAA-eligible services (S3 + KMS, EC2, EKS, Comprehend Medical, HealthLake, Textract), Azure for Health (Azure Health Data Services, FHIR service, DICOM service, Confidential Compute), GCP Cloud Healthcare API
  • Customer-managed KMS / Key Vault HSM / Cloud HSM keys for at-rest encryption - your keys, your rotation policy, BAA executed with the cloud provider before a single byte of PHI lands
  • Multi-jurisdiction deployments: EU patient data under GDPR Art. 9 stays in the EU region with no cross-border egress, UK under Data Protection Act 2018, with separate FHIR namespaces and consent records per jurisdiction
  • Air-gap option for the most restrictive environments (VA, DoD, classified research) - full MLOps stack self-hosted, signed offline update bundles, no internet egress; the pattern we use in regulated finance ports cleanly
Reference stack we have shipped to production
Mirth Connect / Rhapsody (HL7 v2 bus)Kafka (clinical event stream)FHIR R4 (Patient, Observation, Encounter)DICOMweb (STOW / QIDO / WADO)PostgreSQL + TimescaleDB (vitals streams)Qdrant / Pinecone (clinical embeddings)dbt (eCQM / HEDIS transforms)MLflow (FDA-trackable registry)AWS HIPAA-eligible / Azure Health / GCP Healthcare APIEpic App Orchard / Cerner Code / SMART on FHIRS3 Object Lock (WORM audit retention)HashiCorp Vault (PHI tokenisation pepper, HSM)

What hospitals & sponsors actually ask us

Technical answers to the HIPAA, FDA, EHR-integration and clinical-validation questions that come up in the first scoping call.

Ready to Transform Healthcare with AI?

Partner with us to build AI systems for clinical care coordination, drug discovery, EHR integration, and healthcare data engineering.

Clinical AI Agents
Predictive Diagnostics
Drug Discovery
EHR Integration