Medical image/data security is mandated by HIPAA (Health Insurance Portability and Accountability Act) to protect the privacy of patients’ records. Although DICOM provides a standard for the medical image industry to follow, this standard has not been enforced. This chapter discusses the concept of image/data security, some basic terminology, and methods used to secure data. Figure 17.1 (excerpted from Fig. 1.3) shows how this chapter corresponds to other chapters of Part III. Figure 17.2 shows the components (pink) involved in image/data security in the PACS and teleradiology data flow.
17.1 INTRODUCTION AND BACKGROUND
Data security becomes a critical issue not only when digital images and pertinent patient information are stored in an ASP off-site backup archive system but also during the transmission of these data through public networks in telemedicine and teleradiology applications. Generally, trust in digital data is characterized in terms of privacy, authenticity, and integrity of the data. Privacy refers to denial of access to information by unauthorized individuals. Authenticity means validating the source of a message, that is, that it was transmitted by a properly identified sender. Integrity refers to the assurance that the data has not been modified accidentally or deliberately in transit, by replacement, insertion, or deletion. Conventional Internet security methods are not sufficient to ...