Proc. SPIE. 6145, Medical Imaging 2006: PACS and Imaging Informatics
KEYWORDS: Medicine, Surgery, Databases, Magnetic resonance imaging, Computing systems, Control systems, Information security, Computer security, Network security, Picture Archiving and Communication System
As a governmental regulation, Health Insurance Portability and Accountability Act (HIPAA) was issued to protect the
privacy of health information that identifies individuals who are living or deceased. HIPAA requires security services
supporting implementation features: Access control; Audit controls; Authorization control; Data authentication; and
Entity authentication. These controls, which proposed in HIPAA Security Standards, are Audit trails here. Audit trails
can be used for surveillance purposes, to detect when interesting events might be happening that warrant further
investigation. Or they can be used forensically, after the detection of a security breach, to determine what went wrong
and who or what was at fault. In order to provide security control services and to achieve the high and continuous
availability, we design the HIPAA-Compliant Automatic Monitoring System for RIS-Integrated PACS operation. The
system consists of two parts: monitoring agents running in each PACS component computer and a Monitor Server
running in a remote computer. Monitoring agents are deployed on all computer nodes in RIS-Integrated PACS system to
collect the Audit trail messages defined by the Supplement 95 of the DICOM standard: Audit Trail Messages. Then the
Monitor Server gathers all audit messages and processes them to provide security information in three levels: system
resources, PACS/RIS applications, and users/patients data accessing. Now the RIS-Integrated PACS managers can
monitor and control the entire RIS-Integrated PACS operation through web service provided by the Monitor Server.
This paper presents the design of a HIPAA-compliant automatic monitoring system for RIS-Integrated PACS Operation,
and gives the preliminary results performed by this monitoring system on a clinical RIS-integrated PACS.
Proc. SPIE. 5748, Medical Imaging 2005: PACS and Imaging Informatics
KEYWORDS: Image encryption, Medicine, Surgery, Image processing, Medical imaging, Algorithm development, Information security, Computer security, Standards development, Picture Archiving and Communication System
In this paper, we developed security approach to provide security measures and features in PACS image acquisition and Tele-radiology image transmission. The security processing on medical images was based on public key infrastructure (PKI) and including digital signature and data encryption to achieve the security features of confidentiality, privacy, authenticity, integrity, and non-repudiation. There are many algorithms which can be used in PKI for data encryption and digital signature. In this research, we select several algorithms to perform security processing on different DICOM images in PACS environment, evaluate the security processing performance of these algorithms, and find the relationship between performance with image types, sizes and the implementation methods.
Next Generation Internet (NGI) technology with new communication protocol IPv6 emerges as a potential solution for low-cost and high-speed networks for image data transmission. IPv6 is designed to solve many of the problems of the current version of IP (known as IPv4) with regard to address depletion, security, autoconfiguration, extensibility, and more. We choose CTN (Central Test Node) DICOM software developed by The Mallinckrodt Institute of Radiology to implement IPv6/IPv4 enabled DICOM communication software on different operating systems (Windows/Linux), and used this DICOM software to evaluate the performance of the IPv6/IPv4 enabled DICOM image communication with different security setting and environments. We compared the security communications of IPsec with SSL/TLS on different TCP/IP protocols (IPv6/IPv4), and find that there are some trade-offs to choose security solution between IPsec and SSL/TLS in the security implementation of IPv6/IPv4 communication networks.
Proc. SPIE. 5371, Medical Imaging 2004: PACS and Imaging Informatics
KEYWORDS: Surgery, Synthetic aperture radar, Image processing, Networks, Control systems, Medical imaging, Image transmission, Computer architecture, Teleradiology, Picture Archiving and Communication System
Severe acute respiratory syndrome (SARS) is a respiratory illness that had been reported in Asia, North America, and Europe in last spring. Most of the China cases of SARS have occurred by infection in hospitals or among travelers. To protect the physicians, experts and nurses from the SARS during the diagnosis and treatment procedures, the infection control mechanisms were built in SARS hospitals. We built a Web-based interactive teleradiology system to assist the radiologists and physicians both in side and out side control area to make image diagnosis. The system consists of three major components: DICOM gateway (GW), Web-based image repository server (Server), and Web-based DICOM viewer (Viewer). This system was installed and integrated with CR, CT and the hospital information system (HIS) in Shanghai Xinhua hospital to provide image-based ePR functions for SARS consultation between the radiologists, physicians and experts inside and out side control area. The both users inside and out side the control area can use the system to process and manipulate the DICOM images interactively, and the system provide the remote control mechanism to synchronize their operations on images and display.
Proc. SPIE. 5371, Medical Imaging 2004: PACS and Imaging Informatics
KEYWORDS: Internet, Data modeling, Surgery, Synthetic aperture radar, Image processing, Control systems, Data archive systems, Telecommunications, Data communications, Picture Archiving and Communication System
We developed a Web-based system to interactively display image-based electronic patient records (EPR) for intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), Image-based EPR repository server (EPR-Server), Web Server and EPR DICOM viewer (EPR-Viewer). We have successfully used this system two times for the teleconsultation on Severe acute respiratory syndrome (SARS) in Shanghai Xinhua Hospital and Shanghai Infection Hospital. During the consultation, both the physicians in infection control area and the experts outside the control area could interactively study, manipulate and navigate the EPR of the SARS patients to make more precise diagnosis on images with this system assisting. This presentation gave a new approach to create and manage image-based EPR from actual patient records, and also presented a way to use Web technology and DICOM standard to build an open architecture for collaborative medical applications.
Proc. SPIE. 5033, Medical Imaging 2003: PACS and Integrated Medical Information Systems: Design and Evaluation
KEYWORDS: Medicine, Surgery, Solid state lighting, Telecommunications, Integration, System integration, Information security, Computer security, Network security, Picture Archiving and Communication System
In this paper, we presented a new security approach to provide security measures and features in both healthcare information systems (PACS, RIS/HIS), and electronic patient record (EPR). We introduced two security components, certificate authoring (CA) system and patient record digital signature management (DSPR) system, as well as electronic envelope technology, into the current hospital healthcare information infrastructure to provide security measures and functions such as confidential or privacy, authenticity, integrity, reliability, non-repudiation, and authentication for in-house healthcare information systems daily operating, and EPR exchanging among the hospitals or healthcare administration levels, and the DSPR component manages the all the digital signatures of patient medical records signed through using an-symmetry key encryption technologies. The electronic envelopes used for EPR exchanging are created based on the information of signers, digital signatures, and identifications of patient records stored in CAS and DSMS, as well as the destinations and the remote users. The CAS and DSMS were developed and integrated into a RIS-integrated PACS, and the integration of these new security components is seamless and painless. The electronic envelopes designed for EPR were used successfully in multimedia data transmission.