How we secure patient data, anonymize medical imagery, and ensure compliance with medical data standards.
Before any retinal image is processed by our AI models, it undergoes a strict anonymization process. All Personal Identifiable Information (PII) such as patient names, IDs, and dates of birth are stripped from the metadata (DICOM tags).
Data in transit is encrypted using TLS 1.3 protocols. Data at rest (stored on servers) is encrypted using AES-256 standards. This ensures that even in the unlikely event of a server breach, the medical data remains unreadable and secure.
For the public demo and testing phase, our system operates on a "Zero-Retention" policy. Images uploaded for analysis are processed in volatile memory (RAM) and are permanently deleted immediately after the analysis result is generated and sent back to the client.