Governance infrastructure · Australian healthcare

Patient identity
never leaves.

The centralised data privacy & governance platform for Australian healthcare. Anonymise, govern and audit every modality before it reaches an AI service.

DICOM PS3.15HL7 / FHIROAIC AlignedAU Data ResidencyTGA SaMD READY

Secuva · live de-identification pipeline

PixelIQ · DICOM CT study

(0010,0010)████████████stripped

(0010,0020)MRN-████████stripped

(0008,0060)CTretained

(0008,103E)CHEST W CONTRASTretained

ClinicalIQ · HL7 ORU message

PID|1||CLINIQ-E7A2||PATIENT^A||196200|F

PV1|1|I|WARD^^^^||||PHYSICIAN REDACTED

OBX|1|NM|WBC||7.2|10*3/uL|4.5-11.0|N

GenomeIQ · VCF file · de-identified2.1s

##SAMPLE=<ID=PSEUDO-2E9F4A>

##INDIVIDUAL=<Name=REDACTED>

#CHROM POS REF ALT PSEUDO-2E9F4A

1 925952 G A 0/1:18,9:27:...

3 modalities processed · 0 raw PHI in transit · audit log written

100%

Australian data residency

Sydney + Melbourne

113+

DICOM PS3.15 attributes

Anonymised by default

Zero

Raw PHI in transit

Removed on-prem

<50ms

Per-study overhead

Inline pipeline

The problem

Healthcare AI is moving fast.
PHI is moving with it.

Every hospital, lab and clinic is being asked to share data with AI vendors, researchers and overseas platforms. DICOM headers, burnt-in pixel text, clinical notes, VCF metadata - all of it carries patient identity. Most de-identification pipelines miss most of it.

PHI leaks at the edges - header tags, pixel overlays, note free-text

Manual de-id doesn't scale across multi-modal AI workflows

Boards and regulators want proof. Most teams can't produce it.

Typical PHI coverage gap by modality

DICOM / Radiology

✓ Header tags

✗ Pixel overlays

✗ Structured reports

Digital Pathology

✓ TIFF metadata

✗ Label image

✗ LIMS barcode

Genomic (VCF / BAM)

✓ Header fields

✗ Sample IDs

✗ Variant re-id risk

Cardiology (ECG / Echo)

✓ Report header

✗ SCP-ECG fields

✗ HL7 wrapper

Clinical (HL7 / FHIR)

✓ Struct. segments

✗ Free-text NLP

✗ FHIR resources

Physiological signals

✗ Device metadata

✗ Session header

✗ Alarm logs

■ Covered by typical tools■ Missed by typical tools

Your hospital network · on-prem

PACS / DICOM

EMR / FHIR

Research DB

↓ raw clinical data ↓

SECUVA Layer

anonymise · validate · route · govern

PixelIQSlideIQGenomeIQCardioIQClinicalIQSignalIQ

governed output only · raw PHI never leaves your firewall

SECUVA control plane · AU sovereign cloud

Policy engine

Audit trail

Routing rules

↓ approved recipients only ↓

AI vendor

de-id data only

Researcher

HREC approved

Internal model

within perimeter

The platform

One privacy layer between
your data and every AI service.

SECUVA runs entirely within your environment, under your control, paired with an Australian cloud-hosted control plane. PHI is removed where it lives. Only governed, auditable outputs ever cross your firewall.

Raw PHI never crosses your firewall

Australian data residency, sovereign control plane

Connects to PACS, EMR, FHIR, research systems and AI vendors

Every action cryptographically signed and exportable for audit

How it works

Four steps. Zero raw PHI in transit.

Connect

SECUVA agent registers as a DICOM node, HL7 listener, and FHIR proxy inside your network - minimal network configuration required.

Anonymise

PHI removed from headers, pixel overlays, free-text fields and structured reports using modality-specific PS3.15-aligned profiles.

Govern

Policy engine determines what leaves your perimeter, where it goes, and which AI service is permitted to receive it.

Audit

Every transformation cryptographically signed and logged. Exportable for OAIC, TGA, HREC, and internal governance review.

The product suite

One platform. Six privacy engines.

Start with the modality you need. Add the rest as your AI footprint grows - same agent, same audit trail.

Live

PixelIQ

DICOM anonymisation that runs inside your network. Removes PHI from headers, burnt-in pixel overlays, and structured reports before any image leaves your PACS. PS3.15 aligned. Sub-50ms overhead.

Explore PixelIQ

Coming Soon