With radiology images being frequently shared today for educational or clinical purposes, it's important to make sure that patient privacy is protected. DICOM image files have the potential to contain PHI, which needs to be removed in files that are shared directly or published online, said presenter Dr. Paras Lakhani, a radiology resident at the Hospital of the University of Pennsylvania in Philadelphia.
A number of freely available DICOM software applications are available today for this task, and the study team tested seven of these programs by creating a fictitious DICOM file with 11 attributes directly containing PHI as defined by HIPAA. The file also contained 38 tags with patient or study-specific information that could lead to the detection of the patient's identity.
The file was then anonymized by each software application. Only two of the programs anonymized 100% of the tags directly containing PHI, while all of the programs failed to anonymize some degree of patient- or study-specific information.
"Thus, when sharing DICOM files, one must be careful to inspect the PHI in the file before and after anonymization to ensure all fields containing PHI have been removed," Lakhani told AuntMinnie.com.
On the bright side, some of the tested software can be customized, offering the potential to remove any DICOM field, he said.
"While this takes extra effort from the clinician and more understanding on how to use that software, this will help ensure that the file is stripped of PHI," he said.
