• AI
  • Molecular Imaging
  • CT
  • X-Ray
  • Ultrasound
  • MRI
  • Facility Management
  • Mammography

Data stored on CD media show vulnerability to alteration

Article

Physical security issues for CD media used to transfer imaging data from one institution to another have been well documented. Discs tend to stack up in back offices and are frequently lost. A study from Denmark reveals that data on the disc are not well-protected either and are vulnerable to easy alteration (J Digit Imaging 2007 Aug 21; [Epub ahead of print]).

Physical security issues for CD media used to transfer imaging data from one institution to another have been well documented. Discs tend to stack up in back offices and are frequently lost. A study from Denmark reveals that data on the disc are not well-protected either and are vulnerable to easy alteration (J Digit Imaging 2007 Aug 21; [Epub ahead of print]).

"Identification information such as patient name, age, institute name, and date of imaging can be readily altered on DICOM files exported by CD media," said Fintan McEvoy, a computer engineer at the University of Copenhagen.

No alterations to the DICOM readers were required, McEvoy said. Changes were applied only to the data files, and the alterations were not detectable without detailed analysis of the file structure.

"When the altered CD is inserted into a standard computer CD drive, a stand-alone viewer is opened and images are displayed with altered data. The user cannot tell from the performance or behavior of the disc that the data have been altered," he said.

CD media should be considered unsafe in any situation with potential for financial or other gain from altering the data and when the copy cannot be cross-checked with the original data, according to McEvoy. These situations include insurance claims, medical litigation, and certification procedures.

"While equipment makers attach disclaimers to the discs and specify intended use of such media, CDs are often the only practical means of transmitting imaging data," McEvoy said.

Manufacturers may state in an opening window, for example, that the discs are for reference only and are not to be used for diagnostic purposes.

McEvoy recommends that radiologists confine their use of CD media to conform to restrictive limits stated by the manufacturers. The imaging community needs to impress upon machine and media manufacturers that some method for secure transmission of data using portable media is required.

"For instance, while encryption of patient data is possible, it has not been implemented in many current releases of software packages," he said.

Encryption raises DICOM issues. A common approach to encryption is to replace certain characters according to a key, but the resulting special characters may then be unusable since they fall outside the DICOM standard.

One remedy to this issue is described in the literature (Int J Med Inform 2001:64(2-3):429-438). The authors copied data from the DICOM files to a relational database, encrypted them, then replaced patient data with permissible but meaningless information in the DICOM file.

Related Videos
Where the USPSTF Breast Cancer Screening Recommendations Fall Short: An Interview with Stacy Smith-Foley, MD
A Closer Look at MRI-Guided Transurethral Ultrasound Ablation for Intermediate Risk Prostate Cancer
Improving the Quality of Breast MRI Acquisition and Processing
Can Fiber Optic RealShape (FORS) Technology Provide a Viable Alternative to X-Rays for Aortic Procedures?
Does Initial CCTA Provide the Best Assessment of Stable Chest Pain?
Making the Case for Intravascular Ultrasound Use in Peripheral Vascular Interventions
Can Diffusion Microstructural Imaging Provide Insights into Long Covid Beyond Conventional MRI?
Assessing the Impact of Radiology Workforce Shortages in Rural Communities
Emerging MRI and PET Research Reveals Link Between Visceral Abdominal Fat and Early Signs of Alzheimer’s Disease
Reimbursement Challenges in Radiology: An Interview with Richard Heller, MD
Related Content
© 2024 MJH Life Sciences

All rights reserved.