CoActiv Medical Regulatory Information/Statements

IHE Integration
IHE Integration StatementDate: June 10 2011
Vendor: CoActiv, LLCProduct Name: EXAM-PACSVersion: V2.01
This product implements all transactions required in the IHE Technical Framework to support the IHE Integration Profiles, Actors and Options listed below:
Integration Profiles ImplementedActors ImplementedOptions Implemented
Basic Image Review (BIR)Image Manager/Image ArchiveNone
Image DisplayN/A
Scheduled Workflow (SWF)Image Manager/Image ArchiveNone
Image DisplayN/A
Evidence CreatorNone
Consistent Presentation of Images (CPI)Image Manager/Image ArchiveN/A
Image DisplayN/A
Evidence CreatorN/A
Print ComposerN/A
Access to Radiology Information (ARI)Image Manager/Image ArchiveN/A
Image DisplayNone
Key Image Note (KIN)Image Manager/Image ArchiveN/A
Image DisplayNone
Nuclear Medicine Image (NMI)Image Manager/Image ArchiveNone
Image DisplayN/A
Mammography Image (MAMMO)Image Manager/Image ArchiveNone
Image DisplayN/A
Portable Data for Imaging (PDI)Portable Media CreatorNone
Portable Media ImporterN/A
Image DisplayN/A
Print ComposerN/A
Patient Information Reconciliation (PIR)Image Manager/Image ArchiveNone
Radiation Exposure Monitoring (REM)Image Manager/Image ArchiveNone
Displayable Reports (DRPT)Report ReaderN/A
Internet address for vendor’s IHE information
Links to Standards Conformance Statements for the Implementation:
Links to general information on IHE:
In North America:
In Europe:
In Japan:
HIPAA Compliance

CoActiv Medical considers the Health Insurance Portability and Accountability Act of 1996 (HIPAA) as a significant enhancement to both the privacy and security aspects of the healthcare industry. CoActiv EXAM-PACS and all related products closely conform to both the letter and the intent of the 1996 HIPAA regulations. CoActiv maintains HIPAA business associate agreements with all clients that are HIPAA covered entities.

Furthermore, CoActiv EXAM-PACS is FDA 510(k) listed and meets complete conformance with DICOM 3.0 Standards for the creation, movement, storage and retrieval of diagnostic radiological images and exams.

An example of some of the tools and procedures that CoActiv provides to its HIPAA covered client include the following:

  • Access and usage logs of all image creation, use, distribution and storage.
  • Separate User Login IDs, Passwords and User Rights and Privileges.
  • Total client control over user accounts and access. CoActiv strongly encourages clients to safeguard this information and prohibit the use of shared passwords.
  • Hierarchical User Access Rights & Privileges based on a strict need-to-know and right-to-know classification. Only patient medical treatment concerns can over-ride User Privilege classifications.
  • Ability to limit access to specific patient images and information to Users based on both User Class as well as Individual Rights & Privileges within the system.
  • Ability to limit access to patient’s images and information to only those physicians, practice medical staff and administrative staff with a legal and/or medical right to such images and information.
  • All access to PACS images and information across the Internet is via Department of Defense 256-bit encryption and is limited to authorized Users only with appropriate User IDs and Passwords and all users are exposed to appropriate HIPAA warnings and are required to acknowledge such warnings before being allowed access to patient images or other patient information.
  • Ability for the imaging entity to require varying levels of access information to different classes of remote users.
  • Ability to organize and structure image and information archives into specific entity, practice or departmental groupings.
  • Automated redundant backup of all patient image and related information on secure HIPAA audited on-line multiple remote archive sites as well as on the imaging center site. If requested, images and information may also be copied to archival removable electronic media for storage in offsite secure vaults.
  • Archive redundancy includes: redundant hard drives; redundant RAID arrays; redundant servers with redundant power supplies, redundant cooling fans and redundant network interface cards; redundant archive centers with redundant Internet connections and redundant power sources, residing on divergent power grids and Internet peering points.
  • All exams, images and information reside on: 1. Local Redundant On-Line RAID equipped Exam Server; 2. Remote Archive Site #1 with On-Line Redundant RAID devices; 3. Remote Archive Site #2 with On-Line Redundant RAID devices.
  • Biometric Access Control to primary archive center.
  • Ability to produce “anonymized” exam copies for teaching or clinical review purposes.
  • Automatic Log-off of any and all unattended workstations and servers with PACS access.
  • Ability for authorized Users of the PACS to manually enter PACS orders and patient demographic information in the event of HIS/RIS failure.
  • CoActiv also can automatically populate all connected modalities with patient exam orders and demographic via a self contained DICOM Modality Worklist in the event of a HIS/RIS failure.
  • Department of Defense 256-bit encryption of all transmitted images and exams to and from Secure Socket Level Internet based access devices.
  • Use of secure client server technology to eliminate less secure “browser based” remote access protocols.
  • CoActiv supplied user training in proper HIPAA compliant practices and procedures when accessing and handling all patient related images and information in the PACS.
  • Classes in HIPAA practices and procedures are also made available on an as requested basis for any and all members of the entity PACS community, including physicians, medical staff, administrative staff, support staff and off-site PACS users such as referring and consulting physicians and their practice staff.
  • CoActiv employees are required to execute appropriate confidentiality agreements and adhere to all HIPAA privacy guidelines.

To receive more detailed or specific information regarding CoActiv Medical HIPAA practices, procedures or policies please contact us at or in writing to: CoActiv, LLC, Department of Regulatory Control, 2 Old New Milford Road, Suite 2F, Brookfield, CT 06804, or by phone at: 877-COACTIV (262-2848).

Information regarding CoActiv FDA and DICOM regulatory compliance is also available elsewhere on this website.

Additional Information regarding HIPAA may be found at the following Internet locations:

US Dept of Health and Human Services –
US Office of Civil Rights (OCR) –
American College of Radiology –

FDA Listing
Device Listing Database
Proprietary Device Name:EXAM-PACS
Device Class:2
Product Code:LLZ
Regulation Number:892.205
Owner/Operator Number:9066996
Date of Listing:09/11/04
Listing Status:Active
Establishment Operations:Manufacturer