Local PHI Protection
Encrypts DICOM data locally using SecurePACS cryptographic model before transmission.
SecurePACS Vault Gateway
SecurePACS Vault Gateway
A specialized, lightweight bridge for connecting local DICOM modalities to SecurePACS. It ensures unencrypted PHI never leaves your secure zone by performing client-side encryption before uploading via a secure, resumable tunnel.
Autonomous Queue
Built-in SQLite buffering ensures 100% delivery even with unstable internet connections.
Management Dashboard
Built-in web UI for monitoring associations, uploads, and system health.
Lightweight Runtime
High-performance .NET 8 core with minimal memory footprint, suitable for edge devices.
Status API
Full REST API for external monitoring and automation of DICOM workflows.
Zero-Config Setup
Web-based wizard for quick initialization of AE Titles and SecurePACS credentials.
Security & Compliance
The Vault Gateway is designed to meet strict HIPAA and GDPR requirements by acting as the encryption boundary for your clinical data.
- ECDH P-521 ephemeral key exchange per study.
- AES-256-CBC encryption for DICOM instances.
- Zstd compression (level 3) for efficient transmission.
- Full audit trail of all upload attempts and DICOM associations.
- Mandatory HTTPS for management dashboard access.