Product
Overview Why it exists Cohort Browser Insight Studio Federation Layer Zero-Movement Model Data Flow Security Model
Solutions
Clinicians Researchers Executives Clinical Research Population Health Claims & Insurance Epidemiology
Developers
FHIR API Access SDKs EMR Integration Documentation API Reference
Resources
Whitepapers Case Studies Pilot Results Platform Demos Blog
Company
About LumkoMDX Our Mission The Team Our Vision Our Values Careers
Request demo

Sovereign infrastructure for trusted healthcare collaboration.

LumkoMDX helps healthcare groups, public health authorities, insurers and research institutions collaborate around medical data while preserving consent, compliance and control.

Request demo Explore the platform
CONSENT-GOVERNED AUDITABLE DATA-RESIDENT FEDERATED
Clinic · Lagos Query out
Hospital · Johannesburg Query out
Ministry · Pretoria Query out
Lab · Nairobi Insight in
Research · Cape Town Insight in
Insurer · Accra Insight in
Query out Insight in Identity stays at source
Working with
Pilot proposals in progress
IME Inc.Health systems
SAHIAHealth information assoc.
Telemedicine AfricaTelehealth network
Pan African TelehealthContinental network
TurboMedicsClinical platform
HealthBookAppPatient platform
RING 01 The shift

From tradeoffs to structure.

Privacy and utility were opposed for forty years. We rebuilt the foundation so they're the same thing.

The old reality

  • Fragmented systems.Data siloed across institutions and technologies.
  • Risk in sharing.Identity exposure, compliance burden, breach risk.
  • Delayed insight.Slow access to the data needed to improve outcomes.

The new reality

  • Data is used where it exists.No movement, no copies, no central honeypot.
  • Identity never enters the system.Pseudonymised at source. Sovereign by design.
  • Insight in minutes, not months.Federated queries return real-time evidence.
RING 02 Choreography

Three movements. One sovereign system.

The architecture is simple to describe. It's the discipline of never breaking it that took the years.

  1. STEP 01

    Data stays where it lives

    Patient identity remains inside the originating system. Nothing is copied. Nothing moves.

  2. A. Mokoena lmx_4f2a1b…
    STEP 02

    Pseudonymised at source

    Identifiers become cryptographic tokens before any clinical data enters the federation.

  3. STEP 03

    Insight flows back

    Aggregated, compliant intelligence returns to authorised users. Identity stays put.

RING 03 The platform

Four modules. One coherent system.

Each works alone. Together they form a complete sovereign-data environment.

Cohort Browser LumkoMDX
diabetic patients · age 40–65 · last HbA1c > 7.5 1.8s
Type 2 diabetes × Age 40–65 × HbA1c > 7.5 × + filter
Cohort scope 12,850 patients across 14 sites
JHB · ACPTLagosPretoriaKigali
12,850
Patients
14
Sites
0
Records moved
Illustrative · synthetic data
You

What's the 30-day readmission rate for COPD patients across our network, broken down by region?

Insight Studio trace · ax_91e3c5

Across 14 federated sites, 30-day COPD readmission averages 10.4%. Eastern Cape sits highest; Western Cape lowest.

Western Cape 8.2%
Gauteng 11.6%
KwaZulu-Natal 9.4%
Eastern Cape 13.1%
Federated query · 14 sites · 0 records moved · signed at execution
Illustrative · synthetic data
8 sites 24 queries 0 records moved Live
Query out Insight in Identity stays at source
Illustrative · synthetic data
1,284
Events today
100%
Consent matched
0
Records moved
14:02:11 Clinician · Site A ran cohort query cohort_q4 success
14:02:09 System verified consent on all matching records consent ✓
14:01:58 Federation dispatched query to 14 sites 200 OK
13:58:42 Researcher · Site B exported aggregate report_a91 signed
Illustrative · synthetic data
RING 04 By design

Privacy is not a feature.
It's a property of the system.

  • 01

    Identity never enters the platform.

    There is no central record of who anyone is. Pseudonymisation is the boundary, not a setting.

  • 02

    Certain breaches are structurally impossible.

    You can't leak what was never collected. The architecture closes the category, not the incident.

  • 03

    Compliance is the architecture.

    POPIA, HIPAA, GDPR aren't enforced layers on top — they describe what the system is.

Read the architecture
POPIA HIPAA GDPR ISO 27001
"We didn't set out to build another data platform. We set out to remove a trade-off healthcare has accepted for forty years — that to learn from data, you have to expose it. LumkoMDX is what it looks like when sovereignty is the architecture, not the policy."
Phemi Kgomongwe Managing Director · LumkoMDX
PERIMETER Take a look

Bring your data together —
without giving it away.

A demo takes twenty minutes. The conversation usually goes longer. You'll see a working federation with real (synthetic) data and zero records moved.

Request demo Sample cohort
Federated cohort · diabetes_q2
Live
Q1Q2Q3Q4
14 sites · 0 records moved 583 events