RadSwift DXA · For IT Departments

Security & Compliance

RadSwift DXA runs entirely on your local machine. No patient data is ever transmitted to an external server — by design. Here's everything your IT or compliance team needs to know.

Email Our Team Back to RadSwift DXA

100% Local Processing No PHI Transmitted No Firewall Rules Required No BAA Required

0 bytes of patient data ever transmitted

0 outbound firewall rules required

local all OCR and extraction runs on your machine

How data flows

RadSwift DXA reads the DXA scan report displayed on your screen, extracts measurement values using on-device AI, and copies them to your clipboard. Every step happens entirely within your machine. Nothing is transmitted over any network.

DXA Scan Viewer

on-screen report

screen capture

RadSwift DXA App

local OCR & extraction

clipboard

Reporting System

PowerScribe, Epic, etc.

All steps run locally on your computer — no network involved

Network requirements

RadSwift DXA makes no outbound network connections as part of its measurement extraction workflow. There is nothing to allowlist.

No firewall rules required RadSwift DXA does not connect to any server to perform extraction. It reads the DXA scan report from your screen and copies results to your clipboard — entirely offline. Your IT team does not need to open or allowlist any ports or domains for this product.

Note: The installer itself is downloaded from radswift.com over HTTPS — a one-time download. No ongoing network access is required after installation.

HIPAA & privacy posture

Because RadSwift DXA is a local-only application that never receives or transmits patient data, its HIPAA footprint is minimal by design.

No BAA required RadSwift does not receive, access, or process any patient data on its own infrastructure. Because we are not a Business Associate under HIPAA for this product, a BAA between you and RadSwift is not required for the DXA software. (If your institution requires one as a matter of policy, contact us.)

No PHI ever leaves the machine DXA scan images, patient identifiers, and extracted measurement values are processed entirely in memory on your local device. No data is uploaded to a server, stored externally, or transmitted over any network by this software.

No telemetry or crash reporting RadSwift DXA does not send usage statistics, crash reports, or diagnostic data. There is no analytics endpoint and no background service that phones home.

Governed by your institution's existing policies Because the software runs locally, it falls under the same data governance and access controls already in place for your workstations. No special data handling agreements with RadSwift are needed.

Standard Windows application RadSwift DXA installs no drivers, browser extensions, or system-level services. It runs as a standard user-space application and can be uninstalled at any time via Windows Settings → Apps, leaving no residual data.

IT FAQ

Common questions from IT and compliance teams about RadSwift DXA.

Does RadSwift DXA make any network connections?

No — not as part of its core function. The extraction and clipboard workflow is entirely offline. The software does not send data to any server during normal operation. The only network activity associated with the product is the one-time HTTPS download of the installer from radswift.com.

Does it install any background services or drivers?

No. RadSwift DXA is a standard Windows desktop application. It installs no kernel drivers, no background services (Windows services), no browser extensions, and no system-level components. It runs only when the user launches it and terminates cleanly when closed.

What permissions does the application require?

RadSwift DXA requires standard user-level permissions to: read the screen (for DXA report capture), write to the system clipboard, and access its own installation directory. It does not require administrator privileges to run after installation, and it does not request elevated permissions at runtime.

Is a Business Associate Agreement (BAA) required?

Not by default. Because RadSwift DXA processes data entirely on your machine and we never receive or access patient information, RadSwift is not acting as a Business Associate under HIPAA for this product. A BAA is therefore not required. If your institution mandates BAAs for all third-party software regardless of data handling, contact us at [email protected] to discuss.

What data does RadSwift DXA write to disk?

RadSwift DXA writes only application preferences and configuration settings to its installation directory. It does not write patient data, scan images, or extracted measurement values to disk. All PHI is handled transiently in memory during extraction and never persisted to storage.

How do we remove it if we need to?

RadSwift DXA can be uninstalled at any time via Windows Settings → Apps. The uninstaller removes all application files and registry entries. No residual data, services, or patient information are left behind after uninstallation.

Is this the same as the RadSwift ultrasound product?

No — they are separate products with fundamentally different architectures. RadSwift DXA is a free local Windows application: no network, no cloud, no IT setup required. The main RadSwift ultrasound product is a cloud service that connects to your PACS and routes imaging data through a secure GCP pipeline — it has separate IT requirements, firewall rules, and a BAA. See the RadSwift Security & Compliance page for the cloud product's documentation.

Questions for your IT or compliance team?

We're happy to provide additional documentation or answer a security questionnaire.

[email protected] Back to RadSwift DXA