Clinical-grade AI: imaging triage in <5s, FDA-track CDS, ambient documentation that cuts charting 40%
We build inference systems for hospitals, IDNs, payers, and life-sciences sponsors - DICOM-native imaging triage, guideline-grounded clinical decision support, ambient SOAP-note dictation, and population-health risk stratification. Shipped with the regulatory artefact pack that hospital security review, IRB, and FDA pre-submission actually ask for.
What our clinical AI is built to
Six AI systems we build for hospitals, payers & sponsors
Each one ships as an inference service plus the regulatory artefact pack - model card, clinical evaluation, ISO 14971 risk file, bias and subgroup-performance report, monitoring playbook - so hospital IT security, IRB, and FDA pre-sub reviews pass on the first cycle.
Medical imaging triage & worklist prioritisation
DICOM-native, <5s per study, AUC 0.94+ at clinical operating points
- DICOM ingestion direct from modalities (CT, MR, CR, DX, MG, US) and the PACS - DIMSE C-STORE and DICOMweb (QIDO-RS / WADO-RS) with full SOP-class fidelity; structured reports (DICOM SR) emitted on every finding
- Model ensemble: CNN backbone (EfficientNet-V2, ConvNeXt) plus a Vision Transformer head - trained on rad-confirmed labels, calibrated at the sensitivity hospitals demand (≥0.95 for ICH, PE, large-vessel occlusion, pneumothorax)
- Workflow integration with Sectra PACS, Philips IntelliSpace, GE Centricity Universal Viewer, Visage 7, Change Healthcare Stratus - bidirectional via HL7 ORM/ORU and FHIR ImagingStudy / DiagnosticReport resources
- Drift dashboards per modality, per device, per site - scanner upgrades and protocol changes are the #1 cause of silent degradation; we alert on KL-divergence over input feature distributions before AUC ever drops
Guideline-grounded clinical decision support
FDA 510(k)-track CDS, CDS Hooks-fired, citation-traceable
- Retrieval over the clinical canon: UpToDate, DynaMed, NCCN, AHA/ACC, USPSTF, CHEST, IDSA - every recommendation links to the exact source paragraph and version date the model cited, no hallucinated guidance
- Drug interaction and dose checks against DrugBank, RxNorm, NDF-RT and First Databank - surfaces QT-prolongation risk, renal-dose adjustments, and pregnancy categories at the point of prescribing
- Fired through HL7 CDS Hooks (patient-view, order-sign, order-select) from Epic, Cerner, Meditech and athenaOne - sub-second latency on the order-entry hot path, no page-load tax for the clinician
- 510(k) regulatory pathway support: predicate device analysis, clinical evaluation, software lifecycle per IEC 62304, risk management per ISO 14971, and Predetermined Change Control Plan (PCCP) drafting per the FDA's 2024 guidance
Ambient clinical documentation
Cuts charting ~40%, write-back via SMART on FHIR
- Multi-speaker diarisation (clinician / patient / family member) with on-device wake-word and HIPAA-aware redaction - audio is processed inside the BAA boundary, not shipped to a public consumer ASR endpoint
- SOAP-note generation with explicit headers (Subjective, Objective, Assessment, Plan) and structured Plan items linked to orders - clinician edits become RLHF signal that personalises the model to their dictation style
- ICD-10-CM and CPT/HCPCS code suggestion with HCC recapture for Medicare Advantage - surfaces conditions that warrant documentation under Risk Adjustment without prompting upcoding
- EHR write-back via Epic App Orchard, Cerner Code, Meditech Greenfield, or SMART on FHIR launch - DocumentReference, Encounter and Condition resources posted on sign-off, never auto-filed
Population health & risk stratification
Readmission, deterioration, SDOH-aware, fair-care validated
- 30-day readmission prediction extending LACE+ with claims, SDOH (food insecurity, housing instability, transportation) from area-deprivation indices and Z-codes, and longitudinal lab trajectories - AUC typically 0.78–0.84 on validation cohorts
- Deterioration prediction (sepsis, AKI, clinical decompensation) on the inpatient floor - streaming features off the Epic Bridges or Cerner Millennium event feed, scored every 15 minutes, results posted into the Rover and PowerChart inboxes
- Fair-care validation: subgroup AUC, calibration parity, and equal-opportunity-difference metrics across race / ethnicity / payer / language preference - a fairness report ships with every model, mitigations applied where disparities exceed thresholds
- Clinician explainability via SHAP per case with plain-English reason codes - not a black-box risk score; the bedside RN sees which features (lactate trend, RR variability, MEWS, social factors) drove the alert
Revenue cycle & prior-authorisation automation
Denial prediction, PA NER, claims-edit before submission
- Denial prediction pre-submission: gradient-boosted models over CARC/RARC denial-reason codes from historical X12 835 remittances - surfaces likely denials before the 837 ever leaves the clearinghouse
- Prior-authorisation document parsing: NER on insurance forms, payer-policy PDFs, and clinical attachments - auto-fills the payer portal or the X12 278 transaction set, evidence-cited against the payer's medical-necessity policy
- Underpayment recovery: contract-modelled expected vs paid analysis against fee schedules - flags shortfalls so the revenue integrity team works the high-value claims first
- Coding QA: flags downcoding risk on E/M documentation and under-captured comorbidities - HCC RAF score uplift without prompting fraud, with full audit trail for OIG-defensible posture
Genomics & multi-modal trial matching
Eligibility-criterion parsing, biomarker-aware cohort scan
- Eligibility-criterion extraction from clinicaltrials.gov: turns free-text inclusion/exclusion into structured FHIR ResearchStudy + EligibilityCriteria resources matchable against EHR data
- Biomarker-aware matching for oncology: BRCA1/2, EGFR, ALK, KRAS G12C, PD-L1 TPS, MSI-H/dMMR, HER2 IHC and FISH - pulled from molecular pathology reports via structured DICOM SR and NLP over PDF
- Cohort embedding search across the patient population: longitudinal vectors over diagnoses, medications, labs and procedures - identifies similar-patient cohorts for retrospective study design and external-control arms
- Federated learning options for multi-site sponsors - patient-level data never leaves each site's enclave, only encrypted gradients; supports BAA-bounded research consortia and post-market surveillance
Healthcare-grade data infrastructure
Clinical data is not generic event data. It moves through HL7 v2, FHIR R4, DICOM and X12 - not JSON. A misread lab is a clinical incident. A breach is a CMP and a public OCR posting. Here is what we actually build.
Clinical interop protocol fluency
HL7 v2, FHIR R4, DICOM, X12 - the wire formats clinical data actually moves on.
- HL7 v2.x message handling: ADT^A01/A03/A08 (admit / discharge / update), ORM^O01 + ORU^R01 (orders and results), MDM^T02 (documents), SIU (scheduling) - Mirth Connect or Rhapsody as the bus, signed ACKs, replay from store-and-forward on outage recovery
- HL7 FHIR R4 over RESTful APIs and bulk export ($export NDJSON) - Patient, Encounter, Observation, Condition, MedicationRequest, DocumentReference, ImagingStudy, AllergyIntolerance, Coverage resources; conformance against USCDI v3 data classes
- DICOM modality worklist (MWL) + storage commitment + structured reports (SR) - DIMSE on the LAN, DICOMweb (STOW-RS, QIDO-RS, WADO-RS) on the cloud edge, with whole-slide imaging (DICOM WSI) support for digital pathology
- Payer flows over X12: 837 (claims), 835 (remittance), 270/271 (eligibility), 276/277 (status), 278 (prior auth) - and C-CDA documents for cross-organisational exchange (CCD, Consult Note, Discharge Summary)
PHI handling, de-identification & tokenisation
HIPAA Safe Harbor or Expert Determination - your choice, both audited.
- Safe Harbor de-identification per 45 CFR §164.514(b)(2): all 18 identifiers stripped (names, geographic subdivisions smaller than state, dates more granular than year for anyone over 89, etc.) - automated pipeline with manual QA on edge cases
- Expert Determination path when Safe Harbor is too lossy for research utility - statistical disclosure risk assessment, k-anonymity / l-diversity / t-closeness on quasi-identifiers, certified by a qualified statistician
- Tokenisation for cross-source linkage without re-identification: HMAC-SHA256 with per-tenant pepper held in HSM, deterministic on (first_name_phonetic, dob, sex) so the same patient links across sites without ever exposing PHI
- Audit-trail immutability for HIPAA breach investigations: every PHI access logged with user, purpose-of-use, resource, and timestamp - WORM storage on S3 Object Lock or Azure Immutable Blob, retained per state law (some require 25 years for minor records)
EHR integration - without breaking nightly batch
Epic, Cerner, Allscripts, athenaOne, Meditech, AdvancedMD.
- Epic: App Orchard apps, Bridges interfaces, Cosmos research data, FHIR APIs, Chronicles / Clarity reporting - we have shipped SMART on FHIR launches that pass the Epic security review and Open .Epic certification
- Cerner Millennium / Oracle Health: PowerChart integration via Cerner Code, Discern Explorer reports, CCL extraction, FHIR APIs and Ignite open developer experience
- Allscripts Sunrise / TouchWorks, athenaOne via athenahealth Marketplace, Meditech Expanse via Greenfield APIs, AdvancedMD - adapter library maintained per vendor, version-pinned
- Customer-path reads only against EHR read replicas or CDC; we never write back synchronously on patient-care critical paths. End-of-day census and billing batch windows are respected - pipelines checkpoint and resume
Streaming clinical pipelines & feature stores
From HL7v2 events to model-ready features in seconds.
- Apache Kafka as the clinical event bus - HL7 v2 messages translated to FHIR R4 inline (e.g. ORU^R01 → Observation resources), partitioned by patient MRN for ordering guarantees, idempotent producers so a Mirth retry never double-posts a lab
- PostgreSQL + TimescaleDB for time-series clinical data (vitals streams, telemetry, continuous glucose, cardiac), with hypertables compressed and downsampled - continuous aggregates for the 5-min / 1-hour / 24-hour rolling windows that ML features need
- Pinecone or Qdrant for clinical embedding stores (note embeddings, problem-list embeddings, similar-patient retrieval) - Qdrant self-hosted inside the BAA boundary when leaving the enclave isn't allowed
- dbt for quality-measure transformations - CMS eCQMs (eMeasures), HEDIS, MIPS - every metric a tested model with documented value sets from VSAC, not a hand-tuned SQL script no one trusts
FDA-trackable model registry & monitoring
Locked artefacts, PCCP-ready, drift detection that matters clinically.
- MLflow as the model registry with locked, signed artefacts - every cleared model identified by hash, training data manifest, and validation report; no silent retraining on a 510(k)-cleared algorithm without a documented change
- Predetermined Change Control Plan (PCCP) instrumentation per FDA's 2024 final guidance - pre-specified modifications, modification protocol, and impact assessment, with monitoring evidence captured live in production
- Drift detection that actually matters clinically: subgroup calibration shifts, performance on rare-but-serious findings (LVO, perforation, sepsis), and demographic disparity over time - not just feature-distribution KL divergence
- Audit-defensible MLOps: every prediction logged with model version, input features (de-identified where possible), output, and downstream clinician decision - feeds outcome-based monitoring and post-market surveillance reports
BAA-scoped cloud topology & multi-jurisdiction
HIPAA-eligible services only. EU and UK boundaries respected.
- Reference deploys on AWS HIPAA-eligible services (S3 + KMS, EC2, EKS, Comprehend Medical, HealthLake, Textract), Azure for Health (Azure Health Data Services, FHIR service, DICOM service, Confidential Compute), GCP Cloud Healthcare API
- Customer-managed KMS / Key Vault HSM / Cloud HSM keys for at-rest encryption - your keys, your rotation policy, BAA executed with the cloud provider before a single byte of PHI lands
- Multi-jurisdiction deployments: EU patient data under GDPR Art. 9 stays in the EU region with no cross-border egress, UK under Data Protection Act 2018, with separate FHIR namespaces and consent records per jurisdiction
- Air-gap option for the most restrictive environments (VA, DoD, classified research) - full MLOps stack self-hosted, signed offline update bundles, no internet egress; the pattern we use in regulated finance ports cleanly
What hospitals & sponsors actually ask us
Technical answers to the HIPAA, FDA, EHR-integration and clinical-validation questions that come up in the first scoping call.