Physical security issues for CD media used to transfer imaging data from one institution to another have been well documented. Discs tend to stack up in back offices and are frequently lost. A study from Denmark reveals that data on the disc are not well-protected either and are vulnerable to easy alteration (J Digit Imaging 2007 Aug 21; [Epub ahead of print]).
Physical security issues for CD media used to transfer imaging data from one institution to another have been well documented. Discs tend to stack up in back offices and are frequently lost. A study from Denmark reveals that data on the disc are not well-protected either and are vulnerable to easy alteration (J Digit Imaging 2007 Aug 21; [Epub ahead of print]).
"Identification information such as patient name, age, institute name, and date of imaging can be readily altered on DICOM files exported by CD media," said Fintan McEvoy, a computer engineer at the University of Copenhagen.
No alterations to the DICOM readers were required, McEvoy said. Changes were applied only to the data files, and the alterations were not detectable without detailed analysis of the file structure.
"When the altered CD is inserted into a standard computer CD drive, a stand-alone viewer is opened and images are displayed with altered data. The user cannot tell from the performance or behavior of the disc that the data have been altered," he said.
CD media should be considered unsafe in any situation with potential for financial or other gain from altering the data and when the copy cannot be cross-checked with the original data, according to McEvoy. These situations include insurance claims, medical litigation, and certification procedures.
"While equipment makers attach disclaimers to the discs and specify intended use of such media, CDs are often the only practical means of transmitting imaging data," McEvoy said.
Manufacturers may state in an opening window, for example, that the discs are for reference only and are not to be used for diagnostic purposes.
McEvoy recommends that radiologists confine their use of CD media to conform to restrictive limits stated by the manufacturers. The imaging community needs to impress upon machine and media manufacturers that some method for secure transmission of data using portable media is required.
"For instance, while encryption of patient data is possible, it has not been implemented in many current releases of software packages," he said.
Encryption raises DICOM issues. A common approach to encryption is to replace certain characters according to a key, but the resulting special characters may then be unusable since they fall outside the DICOM standard.
One remedy to this issue is described in the literature (Int J Med Inform 2001:64(2-3):429-438). The authors copied data from the DICOM files to a relational database, encrypted them, then replaced patient data with permissible but meaningless information in the DICOM file.
MRI-Based AI Radiomics Model Offers 'Robust' Prediction of Perineural Invasion in Prostate Cancer
July 26th 2024A model that combines MRI-based deep learning radiomics and clinical factors demonstrated an 84.8 percent ROC AUC and a 92.6 percent precision-recall AUC for predicting perineural invasion in prostate cancer cases.
Breast MRI Study Examines Common Factors with False Negatives and False Positives
July 24th 2024The absence of ipsilateral breast hypervascularity is three times more likely to be associated with false-negative findings on breast MRI and non-mass enhancement lesions have a 4.5-fold likelihood of being linked to false-positive results, according to new research.
Can Polyenergetic Reconstruction Help Resolve Streak Artifacts in Photon Counting CT?
July 22nd 2024New research looking at photon-counting computed tomography (PCCT) demonstrated significantly reduced variation and tracheal air density attenuation with polyenergetic reconstruction in contrast to monoenergetic reconstruction on chest CT.