Back to Case Studies
healthcareweb

PACS Platform Modernization

Complete modernization of legacy PACS system handling 21TB of medical imaging data. Custom Next.js platform with Orthanc backend, PostgreSQL indexing, and Redis caching. Improved performance from 3-4 studies/second to 100 studies in under 2 seconds. Multi-site deployment with role-based access control and OHIF viewer integration.

20255 min read
PACS platform study list interface showing advanced filtering, batch operations, and real-time study management with pagination and search

The Challenge

Medical imaging center with 21TB of DICOM data struggling with legacy PACS performance. Study listing loaded at 3-4 studies/second with incomplete results. Date range selector too narrow to use. System couldn't scale to multiple imaging centers. Users needed secure internet access, role-based permissions integrated with RIS, and batch operations for anonymization and transfers.

Client transitioning from legacy PACS to Orthanc-based system. 700 studies in trial phase revealed critical performance, usability, and scalability issues. Storage growing at 5TB/year with 7-year retention requirement. Multiple imaging centers need unified view. Radiologists, technicians, and referring doctors require different access levels based on RIS assignments.

Key Constraints

  • 21TB existing data + 5TB/year growth = 56TB in 7 years
  • Performance target: 100 studies in under 2 seconds (30% faster than legacy)
  • Multi-site deployment with centralized metadata index
  • RIS integration via MySQL view table (patient-user assignments)
  • Role-based access: 5 clinical roles + 2 admin roles
  • HIPAA/GDPR compliance with audit logging (7-year retention)
  • Batch operations without UI blocking (anonymize, ZIP, send, delete)
  • Existing hardware: HP ProLiant DL380 Gen9, 128GB RAM, 2TB SSD x4 RAID 5

Our Approach

Built custom platform with Next.js frontend, NestJS backend, Orthanc DICOM layer, and PostgreSQL metadata indexing. Redis queue handles batch operations asynchronously with WebSocket progress updates. OHIF viewer integration for web-based DICOM viewing. Multi-site architecture with centralized PostgreSQL index and distributed Orthanc nodes. Role-based access control synced hourly from RIS MySQL view table.

Key Technical Decisions

  • Custom UI over Orthanc Explorer 2 - needed advanced filtering, batch operations, RBAC, not possible with built-in UI
  • PostgreSQL metadata index - full-text search on Patient Name/Study Description, complex filtering by modality/date/physician
  • Redis caching + lazy loading - reduces Orthanc load, enables instant search, prefetches next page while user scrolls
  • Redis queue (BullMQ) for batch ops - anonymization/ZIP/send run in background workers, WebSocket shows real-time progress
  • OHIF for viewing - don't reinvent DICOM viewer, integrate proven open-source solution via DICOMweb
  • Supabase Auth + custom RBAC - JWT tokens, hourly RIS sync, database-level access filtering
  • MinIO for ZIP storage - S3-compatible object storage, expandable to 56TB+, cheaper than commercial solutions
  • Patroni + HAProxy for PostgreSQL HA - hot backups, real-time replication, zero-downtime failover

Timeline: 20-26 weeks across 3 phases. Phase 1 (6-8 weeks): Core MVP with UI, Orthanc integration, OHIF viewer, performance optimization. Phase 2 (6-8 weeks): RBAC, admin panel, batch processing, RIS integration, audit logging. Phase 3 (8-10 weeks, optional): Multi-site clustering, PostgreSQL HA, storage expansion, advanced OHIF customization.

Implementation

Phase 1: Core MVP (6-8 weeks)

Custom Next.js UI with Ant Design, Orthanc integration via DICOMweb (QIDO-RS), study listing with pagination (30/50/100/300/500/All), advanced filtering (patient, modality, date range with expanded DatePicker), OHIF viewer integration (same server, launched via StudyInstanceUID), Supabase authentication, performance optimization with PostgreSQL indexing and Redis caching. Achieved 100 studies in 1.8 seconds (target: under 2s).

6-8 weeks

Phase 2: Workflow & Infrastructure (6-8 weeks)

Role-based access control (Clinic Manager, Chief Radiologist, Radiologist, Radiographer, Referring Doctor), admin panel (user management, DICOM node config, health monitoring), batch processing via Redis queue + BullMQ (anonymize with 16-digit unique ID, encrypted ZIP with DOB password, send to nodes, delete), RIS integration (MySQL view sync hourly via cron), audit logging to PostgreSQL (7-year retention), WebSocket progress notifications for batch tasks.

6-8 weeks

Phase 3: Scalability & Expansion (8-10 weeks, optional)

Multi-site deployment with centralized PostgreSQL metadata index and local Orthanc nodes per imaging center, Orthanc clustering with Orthanc Peers for inter-site transfers, PostgreSQL high availability using Patroni + HAProxy (primary/secondary with automatic failover), hot-swap storage expansion (8TB SSDs annually to reach 56TB), advanced OHIF customization (measurement tools, annotations, AI plugins), FDA-grade compliance documentation, load testing with 1000+ concurrent users and 100,000+ studies.

8-10 weeks

System Architecture

PACS platform architecture diagram showing multi-layer structure: Frontend (Next.js + OHIF), Backend (NestJS), Data Layer (PostgreSQL + Redis + MinIO), Workers (Python FastStream), and DICOM Layer (Orthanc + HAProxy + NGINX)

Next.js 14 with Ant Design for responsive UI optimized for 1366x768 to 4K displays. NestJS backend proxies Orthanc REST API and DICOMweb endpoints (QIDO-RS for queries, WADO-RS for image retrieval). PostgreSQL stores users, roles, access rules, and synchronized Orthanc metadata with full-text indexes (GIN) on Patient Name and Study Description. Redis Cluster handles session caching (JWT), task queues (BullMQ), and health pings. Python FastStream workers process batch operations (anonymization uses cryptographically secure random for 16-digit Patient IDs, ZIP encryption with AES-256 and DOB password, DICOM sending via Orthanc REST /modalities endpoint). MinIO S3-compatible storage for ZIP archives, scalable from 21TB to 56+ TB. Orthanc 1.12+ deployed as Docker containers (one per imaging center), configured via mounted orthanc.json or FastAPI sidecar for dynamic updates. OHIF Viewer 3.x hosted on same server, launched via StudyInstanceUID parameter, connected to Orthanc DICOMweb plugin. HAProxy load balances DICOM C-STORE operations across Orthanc nodes. NGINX handles SSL termination (TLS 1.3), reverse proxy, and Lua-based auth hooks. PostgreSQL HA uses Patroni for automatic leader election + HAProxy for connection routing. Cloudflare WAF protects against XSS/SQL injection/DDoS. OWASP ZAP automated security scans. Supabase Auth for user management with JWT-based RBAC. Hourly cron job syncs RIS MySQL view (patient-user assignments) to local PostgreSQL. WebSocket (Socket.io) for real-time batch operation progress. Backup strategy: PostgreSQL hot backups via Patroni replication to secondary node + daily cold backups to MinIO (retained 30 days). Hardware: HP ProLiant DL380 Gen9, Dual Xeon E5-2690 v4 (32 cores), 128GB RAM, 4x 2TB SSD RAID 5, VMware 7 ESXi with Ubuntu 22.04 VMs. Resource allocation: Orthanc (8 cores, 24GB), PostgreSQL (4-6 cores, 12-18GB with HA), MinIO (4 cores, 12GB), NestJS + Workers (4 cores, 8GB), NGINX + Redis (2 cores, 4GB).

Technology Stack

Next.jsAnt DesignTypeScriptNestJSPython FastStreamOrthanc REST APIPostgreSQLRedisDockerHAProxyNGINXMinIOPatroniCloudflare WAFOWASP ZAP

Results & Impact

1.8 seconds100 Studies

Study listing performance (target: under 2s, 50x faster than legacy 3-4 studies/second)

Under 500msSearch Response

Full-text search across Patient Name and Study Description with PostgreSQL indexing

100+ usersConcurrent Users

Load tested with Locust, supports simultaneous access without degradation

50 studies/minBatch Anonymization

Python workers with BullMQ queue, randomized names + 16-digit unique IDs

$22,5005-Year Cost

vs $90,000 commercial PACS (saves $67,500 with superior performance)

7 rolesAccess Control

5 clinical + 2 admin roles with RIS integration and database-level filtering

  • Performance: 50x improvement from 3-4 studies/second to 100 studies in 1.8 seconds
  • Cost: $67,500 saved over 5 years vs commercial PACS ($22.5K vs $90K total)
  • User Experience: Study listing instant (under 2s), search under 500ms, date picker usable (expanded field)
  • Batch Operations: Users continue working while anonymization/ZIP/send run in background with real-time progress
  • Multi-site: Unified view across imaging centers with centralized search and distributed storage
  • Security: HIPAA/GDPR compliant with Cloudflare WAF, rate limiting, audit logging, encrypted downloads
  • Scalability: Tested 10,000 studies with no degradation, expandable to 56TB+ storage with MinIO

What We Learned

  • PostgreSQL indexing is critical - Orthanc REST API slow for complex queries, metadata index with full-text search made 50x difference.
  • Redis queue essential for UX - batch operations on hundreds of studies take minutes, async workers + WebSocket progress = happy users.
  • Multi-site planning matters early - adding source_node_id to schema later is painful, ask about expansion plans upfront.
  • OHIF beats custom viewer - DICOM rendering is complex (multi-frame, compression, windowing), use proven solution and integrate.
  • Security audits before production - OWASP ZAP found missing rate limiting, exposed credentials, weak JWT secret before HIPAA violations.
  • Hardware constraints are real - hospitals have tight budgets, optimize aggressively (ZFS compression, Redis caching, lazy loading).
  • RIS integration via MySQL view - keeps access control logic in RIS (where it belongs), platform enforces at database level.
  • Test with real data - synthetic DICOM files don't expose edge cases (legacy formats, vendor-specific implementations, compressed pixel data).

Have a similar project in mind?

Let's discuss how we can help you build it

More Case Studies

Speech Coach AI platform dashboard showing real-time speech analysis with pace tracking, filler word detection, and emotional tone visualization

Speech Coach

AI-powered speech coaching platform that democratizes public speaking improvement. Built with Next.js and LLM APIs, the platform analyzes speech in real-time, providing instant feedback on pace, clarity, filler words, and emotional tone. Serving 10K+ users who need affordable, 24/7 access to personalized coaching—replacing expensive $100-300/hour human coaches with AI that scales.

DICOM Routing Platform dashboard displaying medical imaging data flow, real-time monitoring of 100GB+ daily DICOM transfers, and microservices health status

DICOM Routing Platform

Enterprise medical imaging platform built for US telemedicine providers to route DICOM data from distributed clinics. Processes 100GB+ daily with zero downtime using microservices architecture (FastAPI, Redis Streams, HAProxy). Ensures HIPAA compliance, provides audit trails for healthcare regulations, and scales seamlessly from single-clinic to multi-site deployments. Features real-time monitoring dashboard and handles concurrent connections from dozens of imaging devices.

AI Education Platform interface showing Jupyter notebook environment with GPU resource monitoring, medical dataset access, and student workspace management for 40 concurrent users

AI Education Platform

Government-funded platform for healthcare AI training in Korea, replacing expensive cloud services with on-premise GPU infrastructure. Built with NestJS and FastAPI to manage 40 concurrent students across 4 Tesla V100 GPUs partitioned via NVIDIA MIG. Features isolated Jupyter environments, unlimited GPU access for medical dataset training, custom Prometheus monitoring for GPU utilization, and role-based access to shared/private datasets. Solved the challenge of providing secure, cost-effective AI education at scale.

Orthanc PACS dashboard showing DICOM studies list, patient metadata, and system monitoring with CloudWatch metrics

Orthanc PACS Deployment

Production DICOM PACS system deployed on AWS for healthcare startup. Orthanc + S3 + PostgreSQL architecture handling 1500+ DXA bone density scans with VPN-only access, automated backups, and CloudWatch monitoring. Deployed in 3 weeks with defense-in-depth security.