Digirad’s digital transformation is well underway – and we’ve officially hit the next phase.
In support of our HITRUST certification journey and broader modernization goals, we’re rolling out three major technical initiatives that will fundamentally reshape how we deliver services, secure data, and scale as an organization.
1. A New PACS with Modern Security: Enter ScImage
At the heart of our clinical workflow is our PACS (Picture Archiving and Communication System) – the system that stores and routes imaging to physicians. We’ve made the decision to move to ScImage, a next-generation PACS platform that aligns far more closely with modern compliance standards.
ScImage supports TLS 1.3 encryption, ensuring all data in transit is secured to the highest available standards. This is a significant leap forward from our legacy platform and gives us a solid foundation to build toward HITRUST alignment across the board.
2. Fortifying the Core: Segmentation & Workstation Refresh
To support the new PACS rollout – and to shore up legacy gaps – we’re expanding our Fortigate segmentation model (originally introduced in our imaging workflow redesign: Outrunning OS) to all company systems.
This means:
-
Physical segmentation of sensitive equipment
-
Defined, policy-driven firewall rules between device zones
-
Elimination of flat-network exposure company-wide
We’re also doing a long-overdue workstation refresh across the organization. Many devices are still running Windows 7, years past support. These systems were long capitalized, but it’s time to move forward.
To keep this massive lift organized, we’ve adopted Airtable as our unified tracking tool – not only for hardware upgrades, but also to manage documentation, policies, and action items across our HITRUST initiative.
This project is being led by our newly hired Information Security Specialist, Emin Aghayev, who’s working under Patrick Struthers (our ISO). Emin has hit the ground running, and we’re excited to see this project take shape under his leadership.
3. “Network in a Box” – 28 Sites, One Standard
One of the biggest operational changes we’re making is how we handle our hub sites – the 28 secure storage locations across the country where our nuclear cameras return each night.
Historically, these sites ran SMB-grade internet with no firewall, no cloud connectivity, and no standardization. That ends now.
We’re deploying a “network in a box” solution to each site – fully pre-configured in our Poway, CA headquarters and shipped ready to plug in. Each setup includes:
-
Fortigate 60F with WiFi and built-in dial-up VPN
-
FortiSwitch for structured cabling and management
-
Small rackmounted Windows 10 workstation, running VMs as needed
-
Lockable mini rack for physical security
Once on-site, staff simply plug their existing modem into the WAN port. That’s it. The Fortigate dials home via VPN and auto-joins our Azure cloud environment.
WiFi is fully secured using 802.1x authentication via our FortiAuth server, and GPOs handle all workstation wireless configs – making this a fully plug-and-play deployment model.
Tying It All Together
These projects aren’t just infrastructure lifts. They’re the framework for a new standard at Digirad – one where security is baked in, compliance is normalized, and IT becomes an enabler of growth, not a cost center.
It’s not easy – but it’s exciting.
HITRUST is on the horizon. These changes are how we’ll get there.
– Vince