Cybersecurity in PACS and Medical Imaging: an Overview

REVIEW

Marco Eichelberg1 · Klaus Kleber2 · Marc Kämmerer2

Received: 2 March 2020 / Revised: 22 June 2020 / Accepted: 30 September 2020
© The Author(s) 2020

Abstract

This article provides an overview of the literature published on the topic of cybersecurity for PACS (Picture Archiving and Communications Systems) and medical imaging. From a practical perspective, PACS-specific security measures must be implemented together with the measures applicable to the IT infrastructure as a whole, in order to prevent incidents such as PACS systems exposed to access from the Internet. Therefore, the article first offers an overview of the physical, technical and organizational mitigation measures that are proposed in the literature on cybersecurity in healthcare information technology in general, followed by an overview of publications that discuss specific cybersecurity topics applying to PACS and medical imaging and that present the “building blocks” for a secure PACS environment available in the literature. These include image de-identification, transport security, the selective encryption of the DICOM (Digital Imaging and Communications in Medicine) header, encrypted DICOM files, digital signatures and watermarking techniques. The article concludes with a discussion of gaps in the body of published literature and a summary.

Keywords  Cybersecurity · PACS · DICOM · Medical imaging

* Marco Eichelberg

1 R&D Department Health, OFFIS-Institute for Information Technology, Escherweg 2, 26121 Oldenburg, Germany
2 VISUS Health IT GmbH, Gesundheitscampus-Süd 15-17, 44801 Bochum, Germany

Introduction

The use of information technology (IT) permeates modern medicine. This development started with the introduction of hospital information systems (HIS) around 1970, continued with digital imaging modalities such as computed tomography (CT) and magnetic resonance imaging (MRI) in the 1970s and 1980s and with Picture Archiving and Communication Systems (PACS) and softcopy reading in the 1980s and 1990s, and extends to the electronic sharing of clinical information across regions, nations, or even internationally today. The Internet has become an indispensable source of information and a means of communicating quickly, efficiently, and inexpensively. However, the widespread use of IT and the Internet has also created new challenges, and one topic that has become increasingly important for hospitals is cybersecurity, a term that the Oxford English Dictionary defines as “the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.” The concepts of “malware” (malicious software) and “hacking” (unauthorized intrusion into a computer or a network) predate the widespread adoption of the Internet and go back at least to the early 1970s. However, the fact that today most IT systems worldwide are connected to the Internet to some degree has caused a dramatic increase in such incidents, which are no longer primarily attributed to hobbyists driven by curio