Inventory of Health Care Information Standards. ACR NEMA / DICOM

01/01/1997

The DICOM Committee (formerly known as the ACR/NEMA committee) has created a Working Group on Security that is considering additions to the DICOM standard to support the secure exchange of medical images and related information between two entities communicating over a public network (e.g. the Internet). The Working Group was asked to provide short term solutions using existing technology while developing long term strategies for utilizing DICOM within a secure environment based on anticipated clinical and regulatory needs. The Working Group has been coordinating its work with work being done by a similar Ad Hoc committee set up by CEN TC 251 WG 4 in Europe, as well as with work being done by groups affiliated with JIRA and MEDIS-DC in Japan who are developing demonstrations of secure image data transmissions to meet the needs of the Japanese health care institutions. The DICOM, European, and Japanese groups held a series of meetings and teleconferences in the later half of 1996 where a joint work plan was formulated and common goals set.

The CEN TC 251 WG 4 Ad Hoc on Security, in cooperation with the DICOM Working Group on Security and the Japanese groups, is developing usage scenarios which will direct long term planning towards comprehensive security within the health care field, and in particular within medical imaging. Realizing that a comprehensive secure environment may be many years away, the DICOM Working Group decided to pursue a short term goal of providing limited security using existing technology. It is hoped to incorporate such solutions in technology demonstrations being planned by the Japanese through MEDIS-DC and JIRA. The short term goal of the DICOM Working Group on Security is to draft extensions to DICOM which embed digital signatures in DICOM data objects for data source authentication and as data integrity checks. In addition, the extensions would provide an option to layer DICOM message exchange services on top of a secure transport protocol such as SSL 3.0 in order to provide confidentiality during data transfers, to authenticate the parties involved in the information exchange, and to further insure integrity during transmission. When practical, these extensions to DICOM would use existing technology in order to expedite implementation. The Ad Hoc Committee hopes to finalize a draft of these extensions in 1997.

ACR NEMA / DICOM contact:

Lawrence Tarbox, Ph.D.

Imaging Department

Siemens Corporate Research

755 College Rd. East

Princeton, NJ 08540

ltarbox@scr.siemens.com

(609) 734-3396 [voice]

(609) 734-6565 [fax]