DICOM is ready for HIPAA

Article

Imagine the following scenario: The quarterback of your favorite football team injures his knee and is rushed to the hospital for an MRI to inspect the damage. The local physician likes to have a second opinion, however, so she sends the

Imagine the following scenario: The quarterback of your favorite football team injures his knee and is rushed to the hospital for an MRI to inspect the damage. The local physician likes to have a second opinion, however, so she sends the image to a colleague using regular Internet transfer. A hacker paid by a tabloid sports magazine is monitoring all Internet traffic out of the hospital and intercepts the image. The magazine publishes the photo on the front cover, under the heading "Forget about the Super Bowl."

In another scenario, someone intercepts an electronic diagnostic report, captures it, changes a single word ("malignant" to "benign"), and sends it on, pretending to be the original sender.

Such situations may seem farfetched, but security breaches have already been reported involving quite dramatic consequences. The pending HIPAA security regulations are designed to ensure that institutions implement procedures, guidelines, and measures that will prevent such catastrophes from happening in the medical environment.

While these guidelines will have obvious ramifications for health data transfers of all kinds, it is important to note that the communication component of any information exchange is an essential, but not exclusive, part of the security chain.

Even if an institution implements all the necessary measures to make sure the communication is secure, in many instances someone could access a workstation without authorization. It is well known in computer security circles that passwords can often be found on or around workstations. In addition, in the first scenario above, the MRI could be viewed by any layman who happens to look over the shoulder of a physician at the workstation in a public area.

Of course, a number of other measures can be implemented to make each data exchange secure. One of the most common is encryption, which is already commercially available. Every time you buy a book from Amazon.com or any other item over the Web and you provide your credit card number, this transaction is encrypted using a secure socket layer (SSL) protocol. The same can be done for the exchange of images or diagnostic reports.

In addition, the DICOM committee is working on a digital signature proposal whereby certain or all aspects of an image or diagnostic report can be authenticated. DICOM deals only with the communication of data and is therefore not sufficient to achieve full compliance with the upcoming HIPAA guidelines. Thus, digital signatures are expected to become very important in radiology, especially for electronic reports.

Several of these concepts will be demonstrated at upcoming trade shows, notably the RSNA meeting in Chicago and the ECR in Vienna. A number of vendors have sponsored the implementation of these principles, and the resulting software will be available in the public domain.

Comments/questions: Herman Oosterwijk at herman@otechimg.com


© 2000 Miller Freeman Inc.
11/29/00, Issue # 117, page 8.

Recent Videos
Improving Access to Nuclear Imaging: An Interview with SNMMI President Jean-Luc C. Urbain, MD, PhD
SNMMI: 18F-Piflufolastat PSMA PET/CT Offers High PPV for Local PCa Recurrence Regardless of PSA Level
SNMMI: NIH Researcher Discusses Potential of 18F-Fluciclovine for Multiple Myeloma Detection
SNMMI: What Tau PET Findings May Reveal About Modifiable Factors for Alzheimer’s Disease
Emerging Insights on the Use of FES PET for Women with Lobular Breast Cancer
Can Generative AI Reinvent Radiology Reporting?: An Interview with Samir Abboud, MD
Mammography Study Reveals Over Sixfold Higher Risk of Advanced Cancer Presentation with Symptom-Detected Cancers
Combining Advances in Computed Tomography Angiography with AI to Enhance Preventive Care
Study: MRI-Based AI Enhances Detection of Seminal Vesicle Invasion in Prostate Cancer
What New Research Reveals About the Impact of AI and DBT Screening: An Interview with Manisha Bahl, MD
Related Content
© 2025 MJH Life Sciences

All rights reserved.