Alternative teleradiology architecture tackles security problem

Article

DSL or cable communication protocols may promise faster teleradiology solutions, but they require security measures to protect sensitive data traveling over the Internet. A virtual private network (VPN) link between a hospital intranet and a PC used

DSL or cable communication protocols may promise faster teleradiology solutions, but they require security measures to protect sensitive data traveling over the Internet.

A virtual private network (VPN) link between a hospital intranet and a PC used for teleradiology in a physician's home can be used to protect the data. But VPNs create a backdoor vulnerability for the hospital intranet, according to Francisco Corella, a computer scientist and president of Pomcor, a startup firm in Danville, PA.

"A program running on the home PC has access to the hospital intranet as if the PC were part of that intranet," he said.

Hackers can easily run programs on other people's PCs. A hacker could therefore use a home PC to access the hospital's intranet, circumventing the hospital firewall, Corella said. This exposure is sometimes addressed by installing firewalls on the home PC.

"This is better than nothing, but an IT manager who deploys this solution may not fully realize that they now have an intranet with multiple entry points. One is protected by a $50K firewall maintained by specially trained security personnel, while the others are protected by free software controlled by ordinary users and their teenage children," he said.

A secure alternative architecture has evolved at Geisinger Medical Center, also in Danville.

"We upload images from the hospital to Web server hosted on the Internet and download them to a PC at the physician's home," said Dr. Karen P. Lewison, section chief of nuclear medicine. "Both transfers are protected by SSL Web security."

SSL (Secure Socket Layer, from Netscape) is the standard Web security protocol. Corella calls it the most mature, widely used, and highly regarded communications protocol.

The ability to upload files using a Web browser has been available for a few years. The Web server runs a simple Web "file repository" application, according to Corella. Users can upload files, list the files stored in the repository, and download files. Each user logs in with their own user ID and password. Once a study has been uploaded to the repository, on-call physicians can log in, download it, and view it on their home PC.

Multiple-file studies can be zipped together for transmission as a unit, with lossless compression as an added benefit.

"This approach allows physicians to take advantage of the transmission speed provided by broadband cable or DSL connections, while protecting data sent over the Internet," Corella said. "It avoids the vulnerability introduced by a VPN link to the physician's home."

Geisinger has measured download times of a few seconds for nuclear medicine studies and a few minutes for a CT study, Lewison said.

Recent Videos
Improving Access to Nuclear Imaging: An Interview with SNMMI President Jean-Luc C. Urbain, MD, PhD
SNMMI: 18F-Piflufolastat PSMA PET/CT Offers High PPV for Local PCa Recurrence Regardless of PSA Level
SNMMI: NIH Researcher Discusses Potential of 18F-Fluciclovine for Multiple Myeloma Detection
SNMMI: What Tau PET Findings May Reveal About Modifiable Factors for Alzheimer’s Disease
Emerging Insights on the Use of FES PET for Women with Lobular Breast Cancer
Can Generative AI Reinvent Radiology Reporting?: An Interview with Samir Abboud, MD
Mammography Study Reveals Over Sixfold Higher Risk of Advanced Cancer Presentation with Symptom-Detected Cancers
Combining Advances in Computed Tomography Angiography with AI to Enhance Preventive Care
Study: MRI-Based AI Enhances Detection of Seminal Vesicle Invasion in Prostate Cancer
What New Research Reveals About the Impact of AI and DBT Screening: An Interview with Manisha Bahl, MD
Related Content
© 2025 MJH Life Sciences

All rights reserved.