About the client

Andersen's customer in this business case specializes in providing expert radiology interpretations, including MRI, CT, PET, and ultrasound. The customer needed to ensure a seamless experience through connectivity, 24/7 support, and secure report access via a proprietary, HIPAA-compliant, and user-friendly online portal. This portal was required to enable easy access to patient images and reports, displaying case statuses.

Location:USA
[object Object] on the map

Project overview

A few years ago, the customer developed their own platform to support their radiology services. Over time, ownership and support were delegated to a third party, which ultimately discontinued support. The customer's entire operational flow relied on its online portal, which was becoming obsolete due to a lack of flexibility and scalability. It became clear that a new solution was necessary to ensure business continuity and support future growth.

Andersen was selected to address these challenges, due to our proven track record with medical imaging solutions. Our objectives for this project were as follows:

  • Developing a fast, modern SaaS platform for imaging operations to streamline radiology service delivery;
  • Fully replacing the outdated legacy system with a robust solution;
  • Migrating historical data from the previous platform to ensure service continuity;
  • Increasing the daily order processing capacity from 3,000 to 10,000 transactions;
  • Engineering a headless Transfer Agent module for efficient DICOM image transfer;
  • Integrating seamlessly with external systems, including PACS and fax services;
  • Introducing a rule engine to manage orders effectively within the RAD workflow.

This new platform not only replaced the legacy system but also delivers improved performance, scalability, and integration, setting the stage for sustained growth.

Duration:30 months
Technologies:
.NET Core
C#
Java
TypeScript
JavaScript
AWS
Camunda 8.4

Process and orchestration technologies:

Camunda, Zeebe

Data exchange protocols and standards:

REST, HL7, HTTP, HTTPS, gRPC, SMTP, TTC, TCP, IPv4

Networking and load balancing technologies:

ALB (Application Load Balancer), NLB (Network Load Balancer)

Data and file formats:

blob, jpeg, jpg, png, doc, tiff, pdf, json, dcm, rtf

Programming languages and frameworks:

.NET Core, C#, Java, TypeScript, JavaScript, Spring, React

Databases and caching:

Amazon ElastiCache, Redis, AWS MSK (Managed Streaming for Apache Kafka), Apache Kafka, Amazon Aurora, PostgreSQL, MongoDB

DevOps and monitoring tools:

GitHub Actions, Terraform, Prometheus, Grafana

Security and authentication:

Keycloak, OAuth2.0, PKCE (Proof Key for Code Exchange)

Cloud platforms and services:

Ensono’s Hyper Cloud Platform, AWS, Google Cloud Platform, FCM (Firebase Cloud Messaging), Amazon EC2, Amazon S3, Amazon CloudFront, Amazon EKS (Elastic Kubernetes Service), AWS Secrets Manager

Configurations and deployment:

Configs, GitHub Configs, Kubernetes, Rolling deployment

Screen featuring RIS-orders and downloadable examination files
Screen featuring RIS-orders and downloadable examination files

Customer Challenge

During this RIS development project, we successfully navigated several technical challenges and tasks:

  • Lack of API compatibility. Some third parties frequently changed their APIs without providing release notes, requiring extra validation and adaptive solutions;
  • HL7 communication. Andersen's team set up this system following a normalized HL7 message template. During testing and production emulation, HL7 messages occasionally contained different data types in certain segments. This variability was addressed proactively by our team from the very beginning of the project;
  • GUI-less Transfer Agent. One of the major challenges was to integrate with all clinics via a GUI-less Transfer Agent (a Windows service running in the background). This module was developed from scratch to securely transfer DICOM images;
  • Integration orchestration. Ensuring that all integrations work together is crucial for completing end-to-end user scenarios. If third-party services are unavailable, orders cannot be completed, and patient reports cannot be delivered;
  • Historical data migration and synchronization. All historical data was successfully migrated from the legacy platform, ensuring synchronization between both systems during the client transition phase. This allowed clients to seamlessly complete their RAD flow on the original platform while simultaneously beginning operations on the new platform, with their latest orders continuously updated via a heartbeat mechanism.

Solution

While engineering the new RIS platform, our team completed all planned third-party integrations, finalized data mapping, and successfully migrated historical records. The new cloud-based RIS platform (POL3) created by our specialists consists of two distinct components:

  1. Transfer Agent. A GUI-less Windows service that ingests DICOM studies and transfers both DICOM and HL7 data to Blob storage (Amazon S3) and PACS;
  2. Web-based application. A responsive user interface that supports clinical workflows.

Such an architecture provides strong privacy protection through robust data encryption and effortless scalability thanks to a microservices-based design.

Technically, the creation of the platform was made possible via:

  • Amazon API Gateway;
  • AWS Config Delivery;
  • AWS Lambda Delivery;
  • AWS WAF Delivery;
  • Amazon CloudFront Delivery;
  • Amazon DynamoDB Delivery;
  • AWS Systems Manager Delivery;
  • Amazon ECS Delivery;
  • Amazon EKS Delivery;
  • Amazon MSK Delivery;
  • Amazon RDS Delivery (Amazon RDS for PostgreSQL);
  • Amazon Route 53;
  • Amazon CloudTrail, among others.

During deployment, transfer agents were installed on-site at each clinic, enabling secure, compressed DICOM study transfers via a protected data channel between the clinics and POL3. All project goals and challenges were met on schedule. Following the launch, we provided four months of 24/7 on-call support—backed by an SLA guaranteeing five-minute response times—to maintain 99.99% availability. This comprehensive support model was coordinated by Andersen’s project management team.

Today, over 400 clinics across the United States, including 24/7 emergency sites, actively use the platform, benefiting from rapid and secure clinical workflows for radiology services.

Screen showing user information
Screen showing user information

App functionality

The resulting compliant clinical SaaS for radiology encompassess the following functionalities:

  • Data ingestion. Receives DICOM studies (MRI, CT, PET, X-ray, ultrasound, etc.) via a locally installed Transfer Agent, which compresses the DICOM objects and generates JPEG thumbnail images for each study;
  • Workflow automation. Implements a complex status model managed by a configured Camunda BPMN engine, ensuring consistent progression of orders from creation to completion;
  • Comprehensive handling of patient records. This includes merging duplicate records based on Master Data Management (MDM) rules and submitting to the Assigning Authority (AA);
  • Reporting and document handling. Facilitates the creation of radiology reports and secure document management, meeting compliance requirements;
  • Dashboards and analytics. Presents key information on configurable dashboards, enabling users to quickly visualize and analyze operational and clinical data.

Results and Benefits

While working on the medical imaging platform, Andersen has attained the following results:

  • Complex platform delivery. Implemented a sophisticated system designed to handle 21,000 users and over 10,000 orders per day;
  • Data migration. Successfully migrated all historical data (orders, users, files, etc.) from a non-relational document database to a relational database, ensuring data integrity and continuity;
  • Extensive monitoring. Deployed over 40 microservices and over 400 transfer agents with robust monitoring in place (Amazon CloudWatch, AWS Systems Manager Incident Manager, Prometheus, Grafana, Loki) for health checks and performance insights;
  • Meeting project requirements end-to-end. Ensured that functional, non-functional, and performance specifications were fully met;
  • Regulatory compliance. Built the solution to meet ISO/IEC 27001 and HIPAA standards, guaranteeing secure handling of sensitive medical data;
  • Turn-key approach. Used Andersen’s project delivery services model enabling full control of budget and scope.

About Andersen

Andersen is a custom software development company known for its ability to implement complex cloud projects in versatile domains, including the complex peculiarities of the healthcare domain, particularly in various specialized branches, e.g. radiology.

Let's talk about your IT needs

What happens next?

An expert contacts you after having analyzed your requirements;

If needed, we sign an NDA to ensure the highest privacy level;

We submit a comprehensive project proposal with estimates, timelines, CVs, etc.

Customers who trust us

SamsungVerivoxTUI

Let's talk about your IT needs