Image De-Identification Methods for Clinical Research in the XDS Environment.

To investigate possible de-identification methodologies within the Cross-Enterprise Document Sharing for imaging (XDS-I) environment in order to provide strengthened support for image data exchange as part of clinical research projects. De-identification, using anonymization or pseudonymization, is the most common method to perform information removal within DICOM data. However, it is not a standard part of the XDS-I profiles. Different methodologies were observed to define how and where de-identification should take place within an XDS environment used for scientific research. De-identification service can be placed in three locations within the XDS-I framework: 1) within the Document Source, 2) between the Document Source and Document Consumer, and 3) within the Document Consumer. First method has a potential advantage with respect to the exposure of the images to outside systems but has drawbacks with respect to additional hardware and configuration requirements. Second and third method have big concern in exposing original documents with all identifiable data being intact after leaving the Document Source. De-identification within the Document Source has more advantages compared to the other methods. On the contrary, it is less recommended to perform de-identification within the Document Consumer since it has the highest risk of the exposure of patients identity due to the fact that images are exposed without de-identification during the transfers.

Free DICOM de-identification tools in clinical research: functioning and safety of patient privacy.

PURPOSE: To compare non-commercial DICOM toolkits for their de-identification ability in removing a patient's personal health information (PHI) from a DICOM header. MATERIALS AND METHODS: Ten DICOM toolkits were selected for de-identification tests. Tests were performed by using the system's default de-identification profile and, subsequently, the tools' best adjusted settings. We aimed to eliminate fifty elements considered to contain identifying patient information. The tools were also examined for their respective methods of customization. RESULTS: Only one tool was able to de-identify all required elements with the default setting. Not all of the toolkits provide a customizable de-identification profile. Six tools allowed changes by selecting the provided profiles, giving input through a graphical user interface (GUI) or configuration text file, or providing the appropriate command-line arguments. Using adjusted settings, four of those six toolkits were able to perform full de-identification. CONCLUSION: Only five tools could properly de-identify the defined DICOM elements, and in four cases, only after careful customization. Therefore, free DICOM toolkits should be used with extreme care to prevent the risk of disclosing PHI, especially when using the default configuration. In case optimal security is required, one of the five toolkits is proposed. KEY POINTS: • Free DICOM toolkits should be carefully used to prevent patient identity disclosure. • Each DICOM tool produces its own specific outcomes from the de-identification process. • In case optimal security is required, using one DICOM toolkit is proposed.

A web-based institutional DICOM distribution system with the integration of the Clinical Trial Processor (CTP).

To develop and test a fast and easy rule-based web-environment with optional de-identification of imaging data to facilitate data distribution within a hospital environment. A web interface was built using Hypertext Preprocessor (PHP), an open source scripting language for web development, and Java with SQL Server to handle the database. The system allows for the selection of patient data and for de-identifying these when necessary. Using the services provided by the RSNA Clinical Trial Processor (CTP), the selected images were pushed to the appropriate services using a protocol based on the module created for the associated task. Five pipelines, each performing a different task, were set up in the server. In a 75 month period, more than 2,000,000 images are transferred and de-identified in a proper manner while 20,000,000 images are moved from one node to another without de-identification. While maintaining a high level of security and stability, the proposed system is easy to setup, it integrate well with our clinical and research practice and it provides a fast and accurate vendor-neutral process of transferring, de-identifying, and storing DICOM images. Its ability to run different de-identification processes in parallel pipelines is a major advantage in both clinical and research setting.

Impact of cross-enterprise data sharing on portable media with decentralised upload of DICOM data into PACS.

OBJECTIVES: To evaluate portable media utilisation for image data sharing between enterprises. To predict the costs required to keep up with the trend. To identify related problems. METHODS: A software package was developed to include patient image data from CD into our normal workflow. The trend in the workload of CDs that were uploaded into a Picture Archiving and Communication System (PACS) over 89 months was analysed. The average number of images per month (and per investigation) was calculated to provide the estimation of storage and cost required in the whole process. RESULTS: All Digital Imaging and Communications in Medicine (DICOM) files can be read from compact disc (CD) on any workstation in the hospital, processed quickly to the central server and checked after storage using the software tool. A total of 33,982,404 images from 88,952 CDs have been stored into the PACS system. In recent years, the stored images have reached an average of 4.2 terabytes (TB) uncompressed annually. CONCLUSION: Integrated information about patients is clearly needed to provide easy and timely access to these data. The steadily growing storage can be solved by a more automated approach to portable media handling or the installation and acceptance of network-based transfer using cross-enterprise document sharing (XDS). KEY POINTS: • Rapid assimilation of external imaging into a PACS system is essential. • But data distribution using portable media also carries some disadvantages. • A DICOM data uploader incorporates studies from portable media to hospital workflow. • Automated media handling or XDS should solve the steadily growing storage problem. • Software improvements will facilitate the steady increase in the amount of CDs processed.