DICOM Security in Healthcare IT

by Ryan Daley
Oct. 2, 2017 | Infosecwriters | Pen Testing & Audits

Digital Imaging and Communications in Medicine (DICOM) dictates protocols for the transfer and storage of medical images. The purpose of digitizing medical images is to increase productivity, patient turnaround, access to prior studies, and efficiency. For the past 30 years DICOM data has replaced film in areas such as magnetic resonance imaging, mammography, computed tomography, and x-rays. Digitized medical images are no exception to the trade-off between accessibility and security: with convenience, the risk of a data breach is ever increasing. The security concerns rest in three zones of the DICOM workflow: storage, query/retrieval, and transportation. Because DICOM packets contain patient information in the header, they fall under Health Insurance Portability and Accountability Act (HIPAA) regulations. HIPAA makes the healthcare service provider legally responsible for securing patient information in all areas of the information's lifecycle.
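To make the point about patient information in the header concrete, the following added example (not part of the original article) walks the data elements of a DICOM Part 10 byte stream and reports the patient-identifying attributes it finds, as an audit of what a stored or transmitted object exposes. It assumes Explicit VR Little Endian encoding throughout; the sample object and its values are constructed and simplified, and `element` and `find_phi` are names chosen for this example.

```python
import struct

# Patient-identifying attributes (a small subset of the DICOM data dictionary).
PHI_TAGS = {
    (0x0010, 0x0010): "PatientName",
    (0x0010, 0x0020): "PatientID",
    (0x0010, 0x0030): "PatientBirthDate",
}
# VRs encoded with 2 reserved bytes followed by a 4-byte length.
LONG_VRS = {b"OB", b"OD", b"OF", b"OL", b"OW", b"SQ", b"UC", b"UN", b"UR", b"UT"}

def element(group, elem, vr, value):
    """Encode one Explicit VR Little Endian element (short-length VRs only)."""
    if len(value) % 2:  # values are padded to even length
        value += b"\x00" if vr == b"UI" else b" "
    return struct.pack("<HH2sH", group, elem, vr, len(value)) + value

def find_phi(blob):
    """Return {keyword: value} for PHI_TAGS present in a Part 10 byte stream."""
    if blob[128:132] != b"DICM":
        raise ValueError("not a DICOM Part 10 stream (missing DICM marker)")
    pos, found = 132, {}
    while pos + 6 <= len(blob):
        group, elem, vr = struct.unpack_from("<HH2s", blob, pos)
        fmt, off = ("<I", 8) if vr in LONG_VRS else ("<H", 6)
        start = pos + off + struct.calcsize(fmt)
        if start > len(blob):
            raise ValueError("truncated element header at offset %d" % pos)
        (length,) = struct.unpack_from(fmt, blob, pos + off)
        if length == 0xFFFFFFFF or start + length > len(blob):
            raise ValueError("undefined-length or truncated element at offset %d" % pos)
        if (group, elem) in PHI_TAGS:
            raw = blob[start:start + length]
            found[PHI_TAGS[(group, elem)]] = raw.decode("ascii", "replace").rstrip(" \x00")
        pos = start + length
    return found

# Constructed sample: preamble, marker, transfer syntax, modality, patient module.
SAMPLE = (
    b"\x00" * 128 + b"DICM"
    + element(0x0002, 0x0010, b"UI", b"1.2.840.10008.1.2.1")
    + element(0x0008, 0x0060, b"CS", b"MR")
    + element(0x0010, 0x0010, b"PN", b"DOE^JANE")
    + element(0x0010, 0x0020, b"LO", b"MRN-0001")
    + element(0x0010, 0x0030, b"DA", b"19700101")
)
print(find_phi(SAMPLE))
```

Real objects may use Implicit VR or compressed transfer syntaxes and nested sequences, which this sketch rejects or does not descend into; a full DICOM toolkit is the right tool for production de-identification checks.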