Imagine the following scenario: The quarterback of your favorite football team injures his knee and is rushed to the hospital for an MRI to inspect the damage. The local physician likes to have a second opinion, however, so she sends the
Imagine the following scenario: The quarterback of your favorite football team injures his knee and is rushed to the hospital for an MRI to inspect the damage. The local physician likes to have a second opinion, however, so she sends the image to a colleague using regular Internet transfer. A hacker paid by a tabloid sports magazine is monitoring all Internet traffic out of the hospital and intercepts the image. The magazine publishes the photo on the front cover, under the heading "Forget about the Super Bowl."
In another scenario, someone intercepts an electronic diagnostic report, captures it, changes a single word ("malignant" to "benign"), and sends it on, pretending to be the original sender.
Such situations may seem farfetched, but security breaches have already been reported involving quite dramatic consequences. The pending HIPAA security regulations are designed to ensure that institutions implement procedures, guidelines, and measures that will prevent such catastrophes from happening in the medical environment.
While these guidelines will have obvious ramifications for health data transfers of all kinds, it is important to note that the communication component of any information exchange is an essential, but not exclusive, part of the security chain.
Even if an institution implements all the necessary measures to make sure the communication is secure, in many instances someone could access a workstation without authorization. It is well known in computer security circles that passwords can often be found on or around workstations. In addition, in the first scenario above, the MRI could be viewed by any layman who happens to look over the shoulder of a physician at the workstation in a public area.
Of course, a number of other measures can be implemented to make each data exchange secure. One of the most common is encryption, which is already commercially available. Every time you buy a book from Amazon.com or any other item over the Web and you provide your credit card number, this transaction is encrypted using a secure socket layer (SSL) protocol. The same can be done for the exchange of images or diagnostic reports.
In addition, the DICOM committee is working on a digital signature proposal whereby certain or all aspects of an image or diagnostic report can be authenticated. DICOM deals only with the communication of data and is therefore not sufficient to achieve full compliance with the upcoming HIPAA guidelines. Thus, digital signatures are expected to become very important in radiology, especially for electronic reports.
Several of these concepts will be demonstrated at upcoming trade shows, notably the RSNA meeting in Chicago and the ECR in Vienna. A number of vendors have sponsored the implementation of these principles, and the resulting software will be available in the public domain.
Comments/questions: Herman Oosterwijk at herman@otechimg.com
© 2000 Miller Freeman Inc.
11/29/00, Issue # 117, page 8.
MRI-Based AI Radiomics Model Offers 'Robust' Prediction of Perineural Invasion in Prostate Cancer
July 26th 2024A model that combines MRI-based deep learning radiomics and clinical factors demonstrated an 84.8 percent ROC AUC and a 92.6 percent precision-recall AUC for predicting perineural invasion in prostate cancer cases.
Breast MRI Study Examines Common Factors with False Negatives and False Positives
July 24th 2024The absence of ipsilateral breast hypervascularity is three times more likely to be associated with false-negative findings on breast MRI and non-mass enhancement lesions have a 4.5-fold likelihood of being linked to false-positive results, according to new research.
Can Polyenergetic Reconstruction Help Resolve Streak Artifacts in Photon Counting CT?
July 22nd 2024New research looking at photon-counting computed tomography (PCCT) demonstrated significantly reduced variation and tracheal air density attenuation with polyenergetic reconstruction in contrast to monoenergetic reconstruction on chest CT.