Ease of alterations puts data on CD media at risk

June 16, 2008

A study from Denmark reveals that CD media used to transfer imaging data are vulnerable to easy alteration. Information such as patient name, age, institute name, and date of imaging can be readily altered on DICOM files exported by CD.

A study from Denmark reveals that CD media used to transfer imaging data are vulnerable to easy alteration. Information such as patient name, age, institute name, and date of imaging can be readily altered on DICOM files exported by CD.

No alterations to the DICOM readers were required, said Fintan McEvoy, a computer engineer at the University of Copenhagen. Changes were applied only to the data files, and the alterations were not detectable without detailed analysis of the file structure.

McEvoy said CD media should be considered unsafe in any situation with potential for financial or other gain from altering the data and when the copy cannot be cross-checked with the original data. These situations include insurance claims, medical litigation, and certification procedures.