16 March 2006 HIPAA-compliant automatic monitoring system for RIS-integrated PACS operation
Author Affiliations +
Abstract
As a governmental regulation, Health Insurance Portability and Accountability Act (HIPAA) was issued to protect the privacy of health information that identifies individuals who are living or deceased. HIPAA requires security services supporting implementation features: Access control; Audit controls; Authorization control; Data authentication; and Entity authentication. These controls, which proposed in HIPAA Security Standards, are Audit trails here. Audit trails can be used for surveillance purposes, to detect when interesting events might be happening that warrant further investigation. Or they can be used forensically, after the detection of a security breach, to determine what went wrong and who or what was at fault. In order to provide security control services and to achieve the high and continuous availability, we design the HIPAA-Compliant Automatic Monitoring System for RIS-Integrated PACS operation. The system consists of two parts: monitoring agents running in each PACS component computer and a Monitor Server running in a remote computer. Monitoring agents are deployed on all computer nodes in RIS-Integrated PACS system to collect the Audit trail messages defined by the Supplement 95 of the DICOM standard: Audit Trail Messages. Then the Monitor Server gathers all audit messages and processes them to provide security information in three levels: system resources, PACS/RIS applications, and users/patients data accessing. Now the RIS-Integrated PACS managers can monitor and control the entire RIS-Integrated PACS operation through web service provided by the Monitor Server. This paper presents the design of a HIPAA-compliant automatic monitoring system for RIS-Integrated PACS Operation, and gives the preliminary results performed by this monitoring system on a clinical RIS-integrated PACS.
© (2006) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Jin Jin, Jin Jin, Jianguo Zhang, Jianguo Zhang, Xiaomeng Chen, Xiaomeng Chen, Jianyong Sun, Jianyong Sun, Yuanyuan Yang, Yuanyuan Yang, Chenwen Liang, Chenwen Liang, Jie Feng, Jie Feng, Liwei Sheng, Liwei Sheng, H. K. Huang, H. K. Huang, } "HIPAA-compliant automatic monitoring system for RIS-integrated PACS operation", Proc. SPIE 6145, Medical Imaging 2006: PACS and Imaging Informatics, 61451B (16 March 2006); doi: 10.1117/12.652916; https://doi.org/10.1117/12.652916
PROCEEDINGS
9 PAGES


SHARE
Back to Top