You are previewing Governance of Picture Archiving and Communications Systems.
O'Reilly logo
Governance of Picture Archiving and Communications Systems

Book Description

Governance of Picture Archiving and Communications Systems: Data Security and Quality Management of Filmless Radiology examines information security management systems for the facilitation of picture archiving and communication systems (PACS). This valuable contribution provides a comprehensive guide for the implementation of PACS for the enhancement of modern practices in radiology.

Table of Contents

  1. Copyright
  2. Preface
  3. I. Introduction of PACS and Information Security Management
    1. I. Introduction
      1. INTRODUCTION OF PACS
      2. HISTORY OF PACS
        1. Baltimore Veterans Administration Medical Center
        2. Hammersmith Hospital
        3. Samsung Medical Center
        4. Hong Kong Hospital Authority (HA)
        5. National Health Service (NHS) in UK
      3. INTRODUCTION OF ISO 27000
        1. Tseung Kwan O Hospital
      4. ELEMENTS OF PACS
        1. DICOM Standard
      5. PACS DESIGN
        1. PACS Design Concept
        2. PACS Infrastructure Design
      6. IMAGING MODALITIES
        1. Introduction
        2. Computed Radiography (CR)
        3. Digital Fluorography
        4. Computed Tomography (CT)
        5. Magnetic Resonance Imaging (MRI)
        6. Nuclear Medicine (NM)
        7. Positron Emission Tomography (PET)
        8. Ultrasound (US)
      7. HOSPITAL INFORMATION SYSTEM (HIS) AND RADIOLOGY INFORMATION SYSTEM (RIS)
        1. Hospital Information System (HIS)
        2. Radiology Information System (RIS)
        3. Structured Query Language (SQL)
        4. Stored Procedure
        5. Health Level 7 (HL7)
      8. PACS BROKER
      9. DISPLAY WORKSTATIONS
        1. Diagnostic workstation
        2. Review workstation
        3. Analysis workstations
        4. Web Server
      10. ADVANCED WORKSTATION
        1. Surgical Navigation workstation
        2. Radiosurgery
      11. TELERADIOLOGY
        1. Teleradiology and PACS
      12. REFERENCES
    2. II. ISO 27000 Information Security Management System
      1. INTRODUCTION
      2. INTERNATIONAL STANDARDS ON INFORMATION SECURITY MANAGEMENT SYSTEM
        1. The Develop of International Information Security Management Standards
        2. Certification Schemes
        3. BS 7799 Part 2
        4. The Creation of ISO/IEC 17799
        5. The Revision of Part 2
        6. 2005 Versions of the Standards and ISO/IEC 27001:2005
      3. THE ESSENCE OF INFORMATION SECURITY
        1. Confidentiality
        2. Integrity
        3. Availability
        4. Sensitive or Critical Information
        5. Ten Major Sections
          1. 1. Business Continuity Planning
          2. 2. System Access Control
          3. 3. System Development and Maintenance
          4. 4. Physical and Environmental Security
          5. 5. Compliance
          6. 6. Personnel Security
          7. 7. Security Organization
          8. 8. Computer and Operations Management
          9. 9. Asset Classification and Control
          10. 10. Security Policy
        6. Plan-Do-Check-Act Model
      4. REFERENCES
    3. III. High Availability Technologies for PACS
      1. INTRODUCTION
      2. HIGH AVAILABLE TECHNOLOGIES
        1. Network
        2. Server Clustering
        3. Database Cluster
          1. Storage
        4. Redundant Array of Inexpensive Disks (RAID)
        5. Web Technology
        6. Fault Tolerance
      3. QUALITY MANAGEMENT OF PACS
        1. Quality Control
        2. Backup and Disaster Recovery
        3. Data Recovery
        4. Physical Damage
        5. Logical Damage
        6. One Time Two Factor Password (OTTFP)
      4. CONCLUSION
      5. REFERENCES
    4. IV. Implementation of Information Security Management System (ISMS)
      1. INTRODUCTION
      2. IMPLEMENTATION OF ISO 27000 IN PACS
        1. Plan Phase
        2. Do Phase
        3. Check Phase
        4. Act Phase
      3. SYSTEM OF DOCUMENTATION
        1. Requirements
        2. Control of Documentation and Records
        3. Management Responsibility
        4. Management Review of the ISMS
      4. RISK ASSESSMENT
        1. Introduction to Risk Analysis
        2. Quantitative Risk Analysis
        3. Qualitative Risk Analysis
          1. Procedures
            1. Identification of processes
            2. Identification of Assets
          2. Information Assets
          3. Paper Documents
          4. Software Assets
          5. Physical Assets
          6. People
          7. Services
          8. Company Image and Reputation
            1. Valuation of Assets (and Potential Impacts)
            2. Risk Measures Matrix
        4. Acceptable Risk Index
        5. Effectiveness of Control
          1. Continuous Assessment
          2. Identification of Control Objectives, Controls and Countermeasures
          3. Report to Security Forum
          4. Monitoring and Review
      5. REFERENCES
  4. II. Implementation of Filmless Hospital
    1. V. Planning for a Filmless Hospital
      1. INTRODUCTION
      2. PLANNINGS
        1. Capacity Planning
        2. Cost Control
          1. Hard Costs
            1. PACS System
            2. Primary System
            3. Resilience System
          2. Soft Costs
          3. Decreased Operational Costs
          4. Revenue Enhancement
        3. Backup Plan
          1. Information Backup Planning
        4. Emergency Response Plan
          1. Potential Failure Scenarios
            1. Network
            2. Electricity Supply
            3. PACS Server Cluster
            4. RIS / Connection to RIS
            5. PACS / RIS Interface
            6. Workstations
            7. Modalities
            8. Cluster Data Store
          2. Emergency Response Plan
          3. Sample Policy for Emergency Response
            1. 1.0 Objective
            2. 2.0 Scope
            3. 3.0 Procedure
            4. 3.1 Get Contact
            5. 3.2 Emergency Treatment
            6. 3.3 Recovery
            7. 3.4 Confirmation
            8. 3.5 Call PACS Contractor or IT Department
            9. 3.6 Emergency Treatment
            10. 3.7 Confirmation
            11. 4.0 Related Record
        5. Workflow Plan
      3. ORDER/ENTRY
      4. HOSPITAL RECEPTION (HIS/RIS)
      5. RADIOLOGY RECEPTION (RIS/PACS/HIS)
      6. ENTERPRISE WIDE (RIS/PACS/HIS)
      7. REFERENCES
    2. VI. Design of a Filmless Hospital
      1. INTRODUCTION
      2. DESIGN OF A FILMLESS HOSPITAL
        1. Computer Network within A Hospital (local Area Network)
        2. Computer Network Outside Hospital (wide Area Network)
          1. ISDN—Integrated Services Digital Network
          2. T1—T3
          3. Asynchronous Transfer Mode (ATM)
          4. Others
        3. RIS
          1. PACS Broker
        4. Image Distribution
        5. Picture Archiving and Communication System (PACS)
        6. High Available PACS Design
        7. Archive
        8. Archive Size
        9. Types of Media Used In Archive
          1. Configuration and Design
        10. Displays
          1. Liquid Crystals Displays
        11. Diagnostic workstation
        12. Clinical Workstation
      3. CONCLUSION
        1. Archive Design
      4. REFERENCES
    3. VII. Implementation of Filmless Hospital
      1. INTRODUCTION
      2. THE BUSINESS PLAN
        1. Cost Justification
        2. Risk Assessment
        3. Capacity Planning
        4. Implementation Plan
          1. Communications Plan
          2. Implement PACS in Phases
          3. Organizational Structure
          4. Training Prior to Implementation
          5. Vendor(s) Communications
          6. Contingency Plan
          7. Handle All Modality Integration Issues Prior to Implementation
          8. Quality Control (QC) Program
          9. Develop Film-Printing Protocols
          10. Workflow Analysis
          11. Implementation on Summary
          12. Trainings
          13. Obstacles to Being Filmless
          14. Deploy the Filmless Hospital Service
          15. Customer Service
          16. No Film Policies
      3. CONCLUSION
      4. REFERENCES
    4. VIII. Quality Control, Quality Assurance, and Business Continuity Plan in PACS
      1. INTRODUCTION
      2. PACS BUSINESS
      3. QUALITY CONTROL IN PACS
        1. Quality Control in Operational Procedures
          1. Data Transfer Verification
          2. HIS/RIS Interface Oversight and Worklist Management Supervision
          3. Continuous System Monitoring
          4. Repair and Maintenance
        2. Quality Control in Emergency Procedures
          1. Reading Cases During PACS Failures
          2. Reading Cases During PACS Failures Lasting up to 30 Minutes
          3. Reading Cases During PACS Failures Lasting 31 Minutes to 6 Hours
          4. Reading Cases During PACS Failures Lasting more than 6 Hours
          5. Failure of the WAN
      4. QUALITY ASSURANCE IN PACS
        1. PACS Team
        2. PACS Team QA Meetings
        3. PACS QA Scope
        4. LCD Monitor Quality
        5. Display Gamma (Gamma)
        6. Perceptual Linearization
        7. Medical vs. General Purpose Monitors
        8. Guidelines for Diagnostic Display Device
        9. QA of Image Display Devices (Monitors)
      5. BUSINESS CONTINUITY PLAN
        1. Implementation of BCP
        2. Methodology
        3. Business Analysis
        4. Impact Analysis
      6. CONCLUSION
      7. REFERENCES
  5. III. PACS Total Quality Management
    1. IX. PACS Quality Dimensions
      1. BACKGROUND
      2. PACS OPERATING PROBLEMS
        1. Hardware Problems
        2. Software Problems
        3. System Integration Problems
        4. Human Factors
      3. SHORTCOMINGS OF EXISTING PACS QA
        1. Approaches to Hardware Problems
        2. Approaches to Software Problems
        3. Approaches to System Integration Problems
        4. Approaches to Human Factors
      4. CONCLUDING REMARK
      5. REFERENCES
    2. X. Customer Oriented PACS
      1. BACKGROUND
      2. THE QFD PROCESS
        1. House of Quality
        2. PACS Request for Proposal
      3. CASE EXAMPLE: SaxTeleMed PROJECT
        1. Problem Description
        2. Call for Tenders and Implementation
        3. RFP Through QFD
        4. Project Evaluation
        5. Observations
        6. A Modified QFD for PACS
          1. Analytic Hierarchy Process (AHP)
          2. Theory of Inventive Problem Solving (TRIZ)
      4. CONCLUDING REMARK
      5. REFERENCES
    3. XI. Design for PACS Reliability
      1. INTRODUCTION
      2. BASIC CONCEPTS
      3. OVERVIEW OF FAILURE DISTRIBUTIONS
        1. Methods of Estimating Weibull Parameters
        2. Verification of weibull Assumption
        3. Proposed weibull Estimation
        4. Spreadsheet Procedure
      4. CASE ILLUSTRATION: PACS IMAGE REJECTS
        1. The Problem
        2. Weibull Estimation
      5. IMPROVING PACS HARDWARE RELIABILITY
        1. Series Components
        2. Parallel Components
        3. Cross-Linked Components
      6. SOFTWARE RELIABILITY MODELS
      7. A PACS SOFTWARE CASE STUDY
        1. Software Development and Testing
      8. IMPROVING PACS SOFTWARE RELIABILITY
      9. CONCLUDING REMARK
      10. REFERENCES
    4. XII. PACS Failure Mode and Effects
      1. BACKGROUND
      2. BASIC CONCEPT
      3. FMEA PROCEDURE
      4. CASE ILLLUSTRATION: PACS FMEA
        1. Problem Description
      5. CONCLUDING REMARK
      6. REFERENCES
    5. XIII. PACS Network Traffic Control
      1. NETWORK STANDARDS
      2. TCP CONGESTION CONTROL
      3. QUEUE MANAGEMENT
        1. Queue Management
          1. Drop Tail (DT)
          2. Random Early Detection (RED)
      4. TCP/AQM NETWORK MODEL
        1. Proportional AQM Scheme
      5. A TCP FLUID-FLOW MODEL
      6. MULTI-ROUTER AND MULTIPLE TCP FLOW SIMULATION
        1. Data Flow Diagrams (DFD)
        2. Simulation Results
        3. Core Function Descriptions
      7. CONCLUDING REMARK
      8. REFERENCES
    6. XIV. Human Factors and Culture
      1. BACKGROUND
      2. COMMUNICATION AND INFORMATION EXCHANGE
      3. PACS TRAINING
      4. EFFECTS OF ORGANIZATION CULTURE
      5. CASE ILLUSTRATION: CULTURAL COMPARISON
        1. Background
        2. Power Distance Index (PDI)
          1. Effects of High PDI on Corporate Communication
        3. Individualism-Collectivism
          1. Effect of Low IDV on Teamwork
        4. Uncertainty Avoidance Index (UAI)
          1. Effect of Low UAI on TQM Implementation
        5. Long-Term Orientation
          1. Effect of High LTO on TQM Initiatives
      6. IMPLICATIONS FOR LOCAL PACS COMMUNITY
      7. PROPOSED HUMAN FACTOR APPROACH
        1. A Sociotechnical System Approach
        2. A Structured Communication Process
        3. A PACS Organizational Structure
        4. A Common Business Understanding
        5. Mutual Forbearance Amongst PACS Partners
        6. Ability of PACS Partners
      8. CONCLUDING REMARK
      9. REFERENCES
    7. XV. PACS Monitoring
      1. BACKGROUND
      2. RELEVANT WORK
      3. CONTROL CHARTS
        1. Control Chart Limits
        2. PACS Application
        3. Types of Control Charts
        4. X-Bar and R Control Chart for Variables Data
        5. Interpretation of PACS Control Charts
        6. Rules for Interpreting X-Bar and R Charts
        7. Timing For Individual X and Moving Range (XmR) Control Charts
      4. PACS CAPABILITY INDICES
        1. Potential Capability (Cp)
          1. Capability Ratio (Cr)
          2. Lower/Upper Potential Capability: Cpl, Cpu
          3. Non-Centering Correction (K)
          4. Demonstrated Excellence (Cpk)
          5. Potential Capability II: Cpm
        2. Experiments to Improve Process Capability
        3. Testing the Normality Assumption
        4. Tolerance Limits
      5. CONCLUDING REMARK
      6. REFERENCES
  6. IV. Future PACS Directions and Planning of Future Hospitals
    1. XVI. Quality Management Benefits
      1. BACKGROUND
      2. CASE ILLUSTRATION
        1. Team work
        2. Filmless Radiology
        3. Problem Identification
        4. Data Collection
        5. Data Analysis
      3. IMPLEMENTATION OF IMPROVEMENT INITIATIVES
        1. Digital Imaging Modalities
        2. Web Technology
        3. Clustering of DICOM web Servers
        4. RAID Technology
        5. Storage Area Network (SAN)
        6. Redundant Network for Image Distribution
        7. Barcode System
        8. Smart Card System
        9. No-Film Policy
        10. Embedded Liquid Crystal Display (LCD) Monitor
      4. RESULTS
        1. Film-Cost Saving
        2. Infection Control
        3. Space Saving
        4. Increase Efficiency
        5. Environmental Friendliness
        6. Promotion of Hospital Image
      5. PROJECT REVIEW AND FUTURE PLAN
        1. Conclusion
      6. JUDGING PANEL Q & A
      7. CONCLUDING REMARK
      8. REFERENCES
    2. XVII. Epilogue
      1. FUTURE TREND
        1. Introduction of ISO 27799
        2. Contents of ISO 27799
          1. Practical Action Plan for Implementing ISO/IEC 27799
          2. Healthcare Implications of ISO/IEC 27799
          3. Annexes of ISO 27799
  7. V. Appendices
    1. A. Appendix
      1. EXAMPLE POLICY STATEMENT
        1. Objective
        2. Policy
      2. BUSINESS CONTINUITY PLAN
        1. 1.0 Objective
        2. 2.0 Responsibilities
        3. 3.0 Scope
          1. Assumption
        4. 4.0 Content
          1. 4.1 Business Proces
            1. 4.1.1 Risk Identification
            2. 4.1.2 Level Determination
            3. 4.1.3 Responsibility Determination
            4. 4.1.4 Impact Analysis
            5. 4.1.5 Plan Development
            6. 4.1.6 Plan Implementation
            7. 4.1.7. Annual BCP Plan Revision
          2. 4.2 Responsibility Table
      3. HEALTH CHECK REPORT OF PACS IN TSEUNG KWAN O HOSPITAL DATE: DD/MM/YYYY
        1. PACS Model: IMPAX System
        2. Action List of PACS System
          1. Disk Usage at TK0AS01
          2. Disk Usage at TKODB01
          3. Disk Usage at TKONWG01
          4. Disk Usage at TKOAS02
        3. PACS System Information
          1. Health Check Summary of Root Disks under Volume Manager, Archive Server
          2. Health Check Summary of Root Disks under Volume Manager, Database Server
          3. Health Check Summary of A1000 Storage Arrays that are Connected to Archive Server, TKOAS01
          4. Health Check Summary of A1000 Storage Arrays that are Connected to Database Server, TKODB01
      4. MONTHLY MOD TAPE TEST
    2. B. Appendix
      1. PACS QUALITY FUNCTIONAL BLOCK DIAGRAMS
    3. C. Appendix
      1. Appendix C1 Values of {Γ[1+(1/B)]}2 / Γ[1+(2/B)]
      2. APPENDIX C2 VALUES OF r[1+(1/β)]
    4. Glossary
  8. About the Author