Image De-Identification Methods for Clinical Research in the XDS Environment

To investigate possible de-identification methodologies within the Cross-Enterprise Document Sharing for imaging (XDS-I) environment in order to provide strengthened support for image data exchange as part of clinical research projects. De-identification, using anonymization or pseudonymization, is the most common method to perform information removal within DICOM data. However, it is not a standard part of the XDS-I profiles. Different methodologies were observed to define how and where de-identification should take place within an XDS environment used for scientific research. De-identification service can be placed in three locations within the XDS-I framework: 1) within the Document Source, 2) between the Document Source and Document Consumer, and 3) within the Document Consumer. First method has a potential advantage with respect to the exposure of the images to outside systems but has drawbacks with respect to additional hardware and configuration requirements. Second and third method have big concern in exposing original documents with all identifiable data being intact after leaving the Document Source. De-identification within the Document Source has more advantages compared to the other methods. On the contrary, it is less recommended to perform de-identification within the Document Consumer since it has the highest risk of the exposure of patients identity due to the fact that images are exposed without de-identification during the transfers.

[1]  Oleg S. Pianykh,et al.  Digital Imaging and Communications in Medicine : A Practical Introduction and Survival Guide , 2008 .

[2]  Rita Noumeir IHE cross-enterprise document sharing for imaging: design challenges , 2006, SPIE Medical Imaging.

[3]  M. Kessentini,et al.  A Systematic Literature Review , 2016 .

[4]  Majnu John,et al.  Facial Recognition Software Success Rates for the Identification of 3D Surface Reconstructed Facial Images: Implications for Patient Privacy and Security , 2012, Journal of Digital Imaging.

[5]  P. Mildenberger,et al.  Introduction to the DICOM standard , 2002, European Radiology.

[6]  K. Win A Review of Security of Electronic Health Records , 2005, Health information management : journal of the Health Information Management Association of Australia.

[7]  R. Graham,et al.  DICOM demystified: a review of digital file formats and their use in radiological practice. , 2005, Clinical radiology.

[8]  Matthijs Oudkerk,et al.  Implementation of an anonymisation tool for clinical trials using a clinical trial processor integrated with an existing trial patient data information system , 2011, European Radiology.

[9]  Francesco Tiezzi,et al.  Security Analysis of Standards-Driven Communication Protocols for Healthcare Scenarios , 2012, Journal of Medical Systems.

[10]  Der-Ming Liou,et al.  Design of a Personal Health Record and Health Knowledge Sharing System Using IHE-XDS and OWL , 2013, Journal of Medical Systems.

[11]  Rita Noumeir,et al.  Cross-enterprise document sharing for imaging , 2005 .

[12]  John A Carrino,et al.  Understanding DICOM and IHE. , 2003, Seminars in roentgenology.

[13]  Josep Fernandez-Bayó IHE profiles applied to regional PACS. , 2011, European journal of radiology.

[14]  Charles Hildebolt,et al.  Facial Recognition From Volume-Rendered Magnetic Resonance Imaging Data , 2009, IEEE Transactions on Information Technology in Biomedicine.

[15]  Reinhold Haux,et al.  Overview of Recent Trans-Institutional Health Network Projects in Japan and Germany , 2015, Journal of Medical Systems.

[16]  Oleg S. Pianykh What Is DICOM , 2012 .

[17]  Oleg S. Pianykh,et al.  Digital Imaging and Communications in Medicine (DICOM) , 2017, Radiopaedia.org.

[18]  José Luis Fernández Alemán,et al.  Security and privacy in electronic health records: A systematic literature review , 2013, J. Biomed. Informatics.