Stability was the turning point. With Kestra, our most critical flows finally run the way they should.
Healthcare & Life Sciences
The orchestration layer behind
modern healthcare and life sciences.
Run medical AI pipelines, pharmacy supply chains, genomics workflows, and HIPAA-compliant data operations on one open-source engine. PHI stays inside your perimeter. Replayable end to end.
medical-image-pipeline 2.8s
✓ receive_study core.http.Webhook DICOM accepted
✓ load_secrets hashicorp.vault.kv.Read 4 keys
✓ segment_volume scripts.python (GPU) 14 regions
✓ score_anomaly scripts.python.Commands flagged
✓ analyst_review core.flow.Pause Confirmed
✓ post_to_pacs core.http.Request posted
Trusted by healthcare, pharmacy, and life-sciences teams 
One control plane for the workflows healthcare and life sciences run on.
Medical AI pipelines. Pharmacy supply chains. Genomics workflows. HIPAA-compliant data operations. Whether you're segmenting cardiac volumes, normalizing supplier files for 400 pharmacies, or parallelizing genomic pipelines, the engine is the same. Self-hosted, multi-tenant, audit-ready.
TRIGGER
Medical image / DICOM arrival
Supplier file drop / SFTP
Schedule / batch window
Kafka / event stream
Webhook / portal call
Ticket / incident update
INGEST
PACS, DICOM & imaging archives
Pharmacy & supplier file feeds
Genomics / lab / sequencing data
Lakehouse / dbt / warehouse
Vault / CyberArk / PHI secrets
Identity (LDAP, Keycloak, AD)
PROCESS
Image segmentation & ML scoring
Supplier file normalization
Bioinformatics & genomics jobs
dbt / SQL / Python / R / Spark
Clinical & analyst approval gates
PHI policy & retention controls
ACT
Update PACS / EHR / CRM
Sync inventory / dispatch supplier
Publish lakehouse / data product
Notify clinician / analyst / on-call
Archive signed audit bundle
Update downstream systems
Each step is a declarative YAML task. Wrap an existing legacy pipeline today. Modernize it in place tomorrow. No rewrite of the whole estate.
What healthcare and life-sciences teams actually run on Kestra.
Real workloads from real institutions. Medical AI imaging across cardiac, oncology, and pathology. Pharmacy and supply-chain operations at scale. Secure genomics and life-sciences pipelines. HIPAA-compliant data and IT operations across multi-team estates.
Medical AI, Imaging & Decision Support
Medical Image & AI Pipelines
Process half-gigabyte DICOM volumes, run segmentation and scoring models, and route case outputs for analyst review. The orchestration layer behind cardiac, radiology, and pathology AI workflows. 80 to 90 percent less orchestration overhead than hand-rolled pipelines.
Human-in-the-Loop Clinical Review
Pause any workflow for case-analyst, clinician, or compliance sign-off. Dynamic reprioritization based on AI corner cases, study importance, or operational SLAs. Every decision captured in the immutable audit trail.
Computer Vision & Diagnostic Support
Orchestrate inference across cardiac imaging, neurosurgery planning, oncology workflows, and pathology slides. Native Docker and Kubernetes execution with GPU worker groups for ML workloads.
Pharmacy, Supply Chain & Operations
Pharmacy Supply Chain Orchestration
Receive supplier orders from SFTP, email, or API. Normalize formats with Python or shell scripts, validate against rules, and load to your back-office system. The pattern running major pharmacy retail networks.
Mission-Critical Integration Modernization
Replace 30-year-old integration platforms one workflow at a time. Wrap legacy Python scripts and Cron jobs as Kestra flows, then modernize incrementally. Stability and observability without freezing operations.
Inventory, Distribution & Logistics
Coordinate inventory, distribution, and partner logistics. Kafka triggers for high-volume events, MySQL or Postgres back-office writes, and exception routing to the right ops team.
Genomics, Research & Data Science
Genomics & Bioinformatics Pipelines
Parallelize sequencing pipelines on Kubernetes, AWS Batch, or GPU workers. Long-running jobs with retries, timeouts, and lineage. Hypersensitive genomic data stays inside your perimeter.
Multi-Team Data Science Workflows
Different data science teams have different workflow needs. Namespace-scoped flows, secrets, and runtime per team. Each lab or research group owns its environment on a shared, governed platform.
Long-Running Compute & GPU Orchestration
Manage long-running training and inference jobs across Kubernetes, AWS Batch, and GPU clusters. Pause for researcher review, retry with exponential backoff, and capture lineage for reproducibility.
HIPAA Data, Platform & IT Operations
HIPAA-Compliant Data Pipelines
PHI stays inside your perimeter. Self-hosted workers run next to PHI; the control plane can live in a segmented zone. Multifax and high-volume ingestion patterns with SLA-bound execution and burst capacity.
Identity, Ticketing & Service Operations
Replace manual orchestration that takes hours and waits days for resolution. Centralize multi-server scripts behind one declarative engine, with tickets routed automatically and resolution captured in audit.
Sovereign Platform & Cloud Operations
Self-hosted on private cloud or air-gapped infrastructure. Kubernetes, OpenShift, AWS, GCP, or Azure deployment with worker-group isolation. Modernize legacy infra automation without compromising on PHI controls.
400+pharmacies rely on Kestra
50+critical workflows modernized
30+ yrsof legacy platform, replaced
Built to the bar healthcare IT actually needs.
PHI-Safe & Air-Gapped Deployment
Self-hosted, VPC, or fully air-gapped. Segment control plane and workers across restricted zones so PHI never leaves your perimeter. EU or US data residency for Kestra Cloud.Kubernetes, OpenShift & GPU Workers
Docker, Helm, or OpenShift. Worker groups isolate Linux, Windows, GPU, and PHI-touching runtimes on one shared control plane. PostgreSQL backend handles millions of executions.Immutable, Replayable Execution
Every flow is YAML in Git. Every execution frozen in time. Replay any historical case, study, or supplier batch with the exact code, secrets, and inputs. Years later, the audit holds.Multi-Tenant by Namespace, RBAC by Default
Each lab, business unit, or research team owns its flows, secrets, and runtime on a shared platform. Namespace-scoped RBAC with SSO, SAML, OIDC, and SCIM. Zero blast radius between teams.Clinical & Compliance Approval Gates
Pause any workflow pending human sign-off. Enforce dual control on clinical decisions, model promotions, PHI-touching releases, and any production change. A first-class flow primitive.Audit Logs, Lineage & SIEM Integration
Every execution, user action, and resource change recorded. Stream logs directly to Splunk, Elastic, or your preferred SIEM for HIPAA, HITRUST, and SOC 2 evidence.Patterns from real healthcare and life-sciences deployments.
Real workflows running today inside healthcare, pharmacy, medtech, and life-sciences teams. Copy the YAML, adapt to your stack, deploy through your existing CI and approvals.
Medical image AI pipeline
Pharmacy supply chain ingestion
Genomics pipeline per team
HIPAA-compliant intake
From DICOM arrival to clinician review, with the AI pipeline orchestrated end to end.
A medical study lands on the webhook. Kestra loads credentials from Vault, segments the volume with a Python container, scores anomalies, pauses for case-analyst confirmation on flagged studies, and writes results back to PACS. A common pattern for cardiac, radiology, and pathology AI at scale.
Normalize supplier files from any format and load them to the back office.
Suppliers drop order files in any format. Kestra polls the SFTP, normalizes each file with a Python script, validates against business rules, loads to the back-office database, and routes exceptions to the right ops queue. The pattern running pharmacy retail networks at scale.
Per-team genomics pipeline with namespace isolation and signed lineage.
Each research team owns its namespace, secrets, and runtime. The same flow shape runs per team: pull raw sequencing data, run a containerized bioinformatics step on Kubernetes, validate, publish to the secure lakehouse, archive the lineage. Hypersensitive data never leaves your perimeter.
High-volume PHI intake with policy enforcement, retention controls, and signed audit.
A document or fax lands on the webhook. Kestra enforces PHI policy at the edge, runs OCR and extraction, transforms with dbt, archives the bundle with retention metadata for HIPAA, and notifies the team. Bursty, replayable, audit-ready.
Ready for Production?
Managed or self-hosted, your choice.
Kestra Cloud
Fully managed. Zero maintenance.
Deploy instantly, scale automatically, pay only for what you use.
- Everything in Open Source
- Fully Managed Platform, zero ops
- Automatic Scaling
- SOC 2 Type II Certified
- Built-in Security & Governance
- Fast Onboarding, Pay-as-you-scale
Enterprise Edition
Self-host with enterprise governance.
Critical environments, compliance requirements, air-gapped or hybrid.
- Everything in Open Source
- SSO / SAML & Fine-Grained RBAC
- Audit Logs & Multi-Tenancy
- Air-Gapped & On-Prem Deployment
- Dedicated Customer Success Program
- SLA-Backed Enterprise Support
Integrates with the systems healthcare and life-sciences teams already run.
Connect EHRs, HL7 and FHIR engines, payer APIs, clearinghouses, lab and imaging systems, data platforms, and security controls through 1300+ plugins. Or build the exact integration your environment requires.
Modernize healthcare workflows on a platform you fully own.
Self-hosted, air-gapped, and procurement-friendly. Modernize legacy pipelines incrementally, run medical AI inside your perimeter, and orchestrate sensitive data operations end to end. One open-source engine.
Frequently asked questions
Find answers to your questions right here, and don't hesitate to Contact Us if you couldn't find what you're looking for.