2014, Number 4
Investigación en Discapacidad 2014; 3 (4)
Security implementation for management of medical imaging
Gutiérrez-Martínez J, Núñez-Gaona MA, Aguirre-Meneses H, Delgado-Esquerra RE
Language: Spanish
References: 21
Page: 177-184
PDF size: 239.32 Kb.
ABSTRACT
Security in hospital institutional information systems must guarantee the confidentiality, integrity and availability of medical images, as well as of patients’ identities, in PACS (patient administration and communication systems). Data in these systems are not completely safe, since internet or intranet security policies are not enough to ensure absolute privacy, authenticity or integrity of images in the DICOM format. Firewalls, encryption and encapsulation are procedures designed to provide additional protection of data; however, such procedures are not applied as an absolute rule. Part 15 of the DICOM standard (PS3.15) specifies profiles and security measures for the appropriate handling of information. In this paper, controls (indicators), standards (DICOM) and policies (HIPAA) are discussed in relation to the design of our PACS-INR, in order to ensure the storage, retrieval and handling of imaging information under a true security and privacy scheme.