Diagnostic Detectives — Secure Upload

This app provides a HIPAA/GDPR-aware patient file intake widget that can be embedded on any page of the Diagnostic Detectives storefront.

Quick setup

  1. Open Online Store → Themes → Customize on the theme you want to add the widget to.
  2. Navigate to the page template where the upload widget should appear (e.g. a /pages/secure-upload page or the contact page).
  3. Click Add section (or Add block) and search for Secure Upload Widget.
  4. Add it and configure the settings panel:
    • Upload API base URL: https://upload-staging.diagnosticdetectives.com
    • Cloudflare Turnstile site key: 0x4AAAAAAC9jKSJa6OizY1rU
    • Privacy notice URL: point at your privacy policy page (required for GDPR)
    • Enable DICOM intake: leave OFF for Wave 0/1 (PDF / JPEG / PNG only)
  5. Save the theme. The widget is now live on that page.

Operator dashboard

The operator admin dashboard lives at /admin/sessions — protected by WebAuthn (Touch ID or hardware key) + IP allowlist. Phase 5 of the spec covers it in detail.

Documentation