Provision a web-based DICOM viewer (e.g., OHIF Viewer or a commercial zero-footprint viewer) with HTTPS and configure it to authenticate patients using an OAuth 2.0 identity provider linked to the institution's patient portal
Implement authorization logic that restricts each patient's QIDO-RS queries to their own StudyInstanceUIDs by pre-filtering on PatientID derived from the authenticated identity before proxying to the backend DICOMweb server
Serve DICOM pixel data through a server-side proxy that injects credentials and enforces patient-scoped authorization, rather than exposing the raw DICOMweb server URL or credentials to the browser
Apply DICOM de-identification of metadata fields containing referring physician names and facility details in the viewer's display layer if the portal policy restricts that information from patient view
Implement audit logging of every study access with the patient identity, timestamp, study UID, and IP address to satisfy HIPAA audit requirements for PHI disclosure
Known gotchas
Patients accessing their own records constitute a permitted disclosure under HIPAA but the portal must still enforce break-glass controls to prevent access to another patient's images in the event of identity token misconfiguration
Zero-footprint viewers load pixel data into browser memory; ensure the DICOMweb server sets appropriate Cache-Control: no-store headers so sensitive pixel data is not persisted in the browser disk cache
Some institutions have legal or policy constraints on releasing raw DICOM files (as opposed to rendered images) to patients due to metadata embedded in the files; validate the disclosure policy before enabling DICOM download through the portal
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp