JMIX: A Better Way to Share Medical Imaging
A secure, portable, and verifiable envelope for modern healthcare powered by Aurabox
A patient’s scan is ready but their care is stalled.
Imaging has been captured in DICOM format, the industry standard. It sits on a workstation in a regional clinic. A city-based specialist is ready to review it — urgently. But the clinic’s PACS isn’t connected to the hospital’s.
In that moment, the problem isn’t technology. It’s trust, portability, and governance.
This is the reality JMIX was built for.
What is JMIX?
JMIX (JSON Medical Imaging Exchange) is an open envelope format that packages medical imaging typically DICOM studies for secure, portable, and verifiable transfer across systems and institutions.
It enhances DICOM by wrapping it in a structured, JSON-based metadata layer that supports encryption, sender verification, audit trails, and consent tagging. The result is a self-contained envelope that can move securely over email, APIs, USB, or event systems with or without live infrastructure.
JMIX is designed to meet real-world interoperability needs across hospitals, clinics, research networks, and hybrid care environments.
What JMIX Includes ?
Each envelope contains:
- DICOM imaging files in a dedicated
/dicomdirectory - Structured metadata (
metadata.json) including patient, study, consent, and de-identification details - A manifest (
manifest.json) for describing the envelope contents, sender, recipient(s), and access purpose without exposing PHI - Audit trail (
audit.json) for an append-only log of transfer and access events - Optional encryption block, with AES-256-GCM encryption and sender-generated ephemeral keys (Curve25519 + HKDF)
- Optional sender assertion, supporting self-signed and directory-attested identity claims via Ed25519 signatures
- Preview images and additional files (
files/,preview/) for reports, teaching assets, or auxiliary formats
Why It’s Different
JMIX does not replace DICOM but complements it, enabling standards-compliant, context-aware exchange beyond PACS walls.
Key Features from the Specification
- Encryption: AES-256-GCM using ephemeral sender keys (ECDH over Curve25519 + HKDF)
- Verification: Ed25519 digital signatures; optional third-party attestation via Aurabox
- Auditability: Envelope includes an append-only audit log, preserving every transfer step
- Consent & Policy Tags: Metadata supports optional consent scopes (e.g. treatment, research) and tags (e.g. "teaching", "priority-review")
- Compliance: Designed to support HIPAA, GDPR, and the Australian Privacy Principles
Intended Use Cases
- Cross-hospital and inter-clinic referrals
- Remote and rural outreach where online systems are unavailable
- Teaching file creation with human-readable preview and tagging
- Federated clinical research and multi-site imaging trials
- Upload and handover workflows using S3-compatible or event-based transport
The Future We Envision
With JMIX, a radiologist can send imaging directly to a colleague across the country — securely, with proof of origin, encrypted content, and a complete audit trail. No vendor lock-in. No manual workarounds. No guessing.
The receiving team opens the envelope with confidence — knowing who sent it, what it contains, and that it hasn’t been tampered with.
This is imaging exchange designed for how healthcare actually works.
Want to see how JMIX works in practice?
Explore the specification and try it yourself on GitHub: github.com/aurabx/jmix
