De-identification and Re-identification for Security of the Patient Data
DICOMGuard’s proprietary patent-pending technology allows healthcare enterprise to have full control over security of their patient data. DICOM Guard de-identifies patient’s data by removing personal identifiers such as name, date of birth and social security number so that only the owners of the original data can re-identify the patient. These additional security measures are especially important if organizations are storing their patient data off-site. DCMSYS Enterprise Imaging Workflow Engine and Vendor Neutral Archive handle de-identification and re-identification on the fly, using a unique secure key to encrypt and decrypt the data.
Best in class healthcare enterprises focus on productivity and workflow to help ensure the profitability and viability of the organization. However, addressing additional DICOM-related protocols helps support a total program.
DICOM security involves protecting the data from:
- Unauthorized access – Lax user authentication can result in catastrophic medical and legal problems that reverberate through the organization. Insufficient security can result in data corruption or loss, fraud, and patient harm or death.
- Unauthorized changes or manipulations – Appropriate authentication and authorization through DICOM security measures include steps to verify the user as well as the user location to ensure the integrity of the data.
- Denial of service incidents – Gaps in security can produce denial of service attacks which can immobilize servers and result in costly repairs and even costlier losses of production.
Similarly, DICOM anonymization is required to remove confidential information from DICOM files. This usually irreversible process provides an added measure of protection against the unauthorized use of patient information, while leaving intact the image and nonconfidential data required for image display and interpretation. A sufficient DICOM anonymization solution will consistently target the 18 major confidential attributes created by the Health Insurance Portability and Accountability Act (HIPAA).
When choosing a DICOM anonymization resource, care must be taken to select one that will modify the complex structure of DICOM data without harming its integrity for the purposes of interpretation.
For more information on Dicom Systems DICOM security and DICOM anonymization solutions, call (415) 684-8790.