Frequently Asked Questions
1. How long does a typical PAC integration project take?
A mid-size hospital integration usually spans 8–16 weeks, but the timeline is influenced by multiple factors: the number of imaging modalities, interface complexity, volume of historical data to be migrated, and the availability of stakeholder resources for testing and validation. During our Discovery & Assessment phase, we build a detailed Gantt chart that includes task dependencies, risk buffers, and clearly defined milestones. Weekly status meetings keep everyone aligned, and if scope or regulatory requirements shift, we re-baseline the schedule with your approval to avoid unexpected delays.
2. Can you integrate with our existing EHR and RIS vendors?
Yes. Cabot is vendor-agnostic and has successfully integrated Epic, Cerner, Meditech, Allscripts, eClinicalWorks, and a variety of niche RIS platforms. We leverage open standards such as HL7 v2.x, HL7 FHIR, and DICOMweb to exchange orders, results, reports, and images in real time. Where vendor-provided APIs are limited, we build middleware or utilize interface engines like Mirth Connect or Rhapsody to bridge gaps. Our interoperability team conducts interface validation testing to confirm message integrity, triggering workflows (e.g., modality worklist population, results finalization) exactly as intended.
3. How do you ensure HIPAA compliance?
HIPAA compliance is embedded throughout our project lifecycle. We start with a comprehensive risk assessment to identify PHI touchpoints and potential vulnerabilities. Technical safeguards include AES-256 encryption at rest, TLS 1.2+ encryption in transit, and strict firewall segmentation. We implement role-based access controls tied to your identity management system (Okta, Azure AD, etc.) and enable detailed audit logs to track every image and data touch. Administrative safeguards cover workforce training, signed Business Associate Agreements (BAAs), incident response plans, and annual penetration testing. Our delivery is capped with documentation packages that support OCR or Joint Commission audits.
4. Do you offer after-hours support?
Absolutely. Radiology never sleeps, and neither does our Ohio-based Network Operations Center (NOC). We provide three support tiers—Silver (8×5), Gold (16×5), and Platinum (24×7)—so you can choose the level that fits your operational needs and budget. All tiers include proactive monitoring via our centralized dashboard, automated alerting on DICOM queue backlogs, interface failures, and storage thresholds. Our escalation matrix guarantees a response from a Level 2 engineer within 15 minutes for Sev-1 incidents, with direct access to senior architects for complex issues.
5. What is the cost structure?
We offer flexible commercial models: (1) Fixed-price for projects with a stable scope, (2) Time-and-Materials when requirements are evolving, and (3) Managed Service subscriptions for ongoing support. A typical fixed-price integration ranges from $75K to $250K, depending on modality count, custom development, and data migration requirements. For managed services, pricing starts at $3K per month and scales based on storage volume, support hours, and SLA metrics. Before engagement, we deliver a detailed Statement of Work (SOW) and transparent pricing breakdown so you can plan budgets with confidence.
6. Can we migrate images to the cloud without downtime?
Yes. Our zero-downtime migration approach combines phased data replication, read-only image proxies, and dynamic routing. Active imaging studies remain accessible via your existing PACS while historical data is mirrored to the cloud (AWS, Azure, or GCP). During final cutover, we switch DICOM query/retrieve endpoints to the new repository, validate checksums to confirm data integrity, and decommission legacy storage only after clinician sign-off. This strategy maintains continuous clinical access and safeguards against data loss.
