Skip to main content
Back to home
PHI-free by design

MedFleetIQ is PHI-free by design.

We manage equipment risk — not patient data. No DICOM, no PHI, no EMR/PACS integrations.

Version 1.0 · Effective 2026-01-01

What we exclude
  • No DICOM files or clinical images
  • No patient records or identifiers (MRN, name, DOB)
  • No EMR / PACS / HL7 / FHIR connections
  • No PHI in notes, uploads, or incident descriptions
What we do track
  • Equipment identity (asset tag, serial, model, manufacturer)
  • Equipment condition, service events, and downtime
  • Incidents and root cause (non-clinical)
  • Warranty, contracts, purchase and replacement cost
  • Risk score, health index, and replacement planning

MedFleetIQ is PHI-free by design. We manage equipment risk — not patient data. No DICOM, no PHI, no EMR/PACS integrations.

MedFleetIQ helps healthcare and training organizations manage equipment risk without touching patient data. The platform is intentionally scoped to non-clinical operational data: equipment identity, condition, service history, incidents, warranty, downtime, and replacement planning.

We do not ingest, store, or transmit Protected Health Information (PHI). We do not connect to EMR, PACS, HL7, or FHIR systems. We do not accept DICOM uploads or clinical images. Document uploads are limited to invoices, service reports, warranty certificates, and equipment photos.

This is a deliberate product boundary — it shortens procurement and security review, removes HIPAA-blocked workflows, and keeps the product focused on the operational risk decisions our customers actually need to make.

Enforcement

Document uploads are validated server-side. Files with DICOM extensions (.dcm / .dicom) or filenames containing patient identifiers (MRN, patient, PHI, DOB, SSN) are rejected before storage. Reported violations trigger removal and an audit log entry.