ABSTRACT
We present the construction of Babel, a distributed storage system that meets stringent requirements on dependability, availability, and scalability. Together with Babel, we developed an application that uses our system to store medical images. Accordingly, we show the feasibility of our proposal to provide an alternative solution for massive scientific storage and describe the software architecture style that manages the DICOM images life cycle, utilizing Babel like a virtual local storage component for a picture archiving and communication system (PACS-Babel Interface). Furthermore, we describe the communication interface in the Unified Modeling Language (UML) and show how it can be extended to manage the hard work associated with data migration processes on PACS in case of updates or disaster recovery.
Subject(s)
Diagnostic Imaging , Information Storage and Retrieval/methods , Radiology Information Systems , Computer Communication Networks , HumansABSTRACT
Data security is a critical issue in an organization; a proper information security management (ISM) is an ongoing process that seeks to build and maintain programs, policies, and controls for protecting information. A hospital is one of the most complex organizations, where patient information has not only legal and economic implications but, more importantly, an impact on the patient's health. Imaging studies include medical images, patient identification data, and proprietary information of the study; these data are contained in the storage device of a PACS. This system must preserve the confidentiality, integrity, and availability of patient information. There are techniques such as firewalls, encryption, and data encapsulation that contribute to the protection of information. In addition, the Digital Imaging and Communications in Medicine (DICOM) standard and the requirements of the Health Insurance Portability and Accountability Act (HIPAA) regulations are also used to protect the patient clinical data. However, these techniques are not systematically applied to the picture and archiving and communication system (PACS) in most cases and are not sufficient to ensure the integrity of the images and associated data during transmission. The ISO/IEC 27001:2013 standard has been developed to improve the ISM. Currently, health institutions lack effective ISM processes that enable reliable interorganizational activities. In this paper, we present a business model that accomplishes the controls of ISO/IEC 27002:2013 standard and criteria of security and privacy from DICOM and HIPAA to improve the ISM of a large-scale PACS. The methodology associated with the model can monitor the flow of data in a PACS, facilitating the detection of unauthorized access to images and other abnormal activities.
Subject(s)
Computer Security/legislation & jurisprudence , Computer Security/standards , Confidentiality/legislation & jurisprudence , Confidentiality/standards , Radiology Information Systems/legislation & jurisprudence , Radiology Information Systems/standards , Commerce , Humans , United StatesABSTRACT
Increasing radiology studies has led to the emergence of new requirements for management medical information, mainly affecting the storage of digital images. Today, it is a necessary interaction between workflow management and legal rules that govern it, to allow an efficient control of medical technology and associated costs. Another important topic that is growing in importance within the healthcare sector is compliance, which includes the retention of studies, information security, and patient privacy. Previously, we conducted a series of extensive analysis and measurements of pre-existing operating conditions. These studies and projects have been described in other papers. The first phase: hardware and software installation and initial tests were completed in March 2006. The storage phase was built step by step until the PACS-INR was totally completed. Two important aspects were considered in the integration of components: (1) the reliability and performance of the system to transfer and display DICOM images, and (2) the availability of data backups for disaster recovery and downtime scenarios. This paper describes the high-availability model for a large-scale PACS to support the storage and retrieve of data using CAS and DAS technologies to provide an open storage platform. This solution offers a simple framework that integrates and automates the information at low cost and minimum risk. Likewise, the model allows an optimized use of the information infrastructure in the clinical environment. The tests of the model include massive data migration, openness, scalability, and standard compatibility to avoid locking data into a proprietary technology.
