论文信息 - How Secure Is Your Radiology Department? Mapping Digital Radiology Adoption and Security Worldwide.

How Secure Is Your Radiology Department? Mapping Digital Radiology Adoption and Security Worldwide.

OBJECTIVE Despite the long history of digital radiology, one of its most critical aspects--information security--still remains extremely underdeveloped and poorly standardized. To study the current state of radiology security, we explored the worldwide security of medical image archives. MATERIALS AND METHODS Using the DICOM data-transmitting standard, we implemented a highly parallel application to scan the entire World Wide Web of networked computers and devices, locating open and unprotected radiology servers. We used only legal and radiology-compliant tools. Our security-probing application initiated a standard DICOM handshake to remote computer or device addresses, and then assessed their security posture on the basis of handshake replies. RESULTS The scan discovered a total of 2774 unprotected radiology or DICOM servers worldwide. Of those, 719 were fully open to patient data communications. Geolocation was used to analyze and rank our findings according to country utilization. As a result, we built maps and world ranking of clinical security, suggesting that even the most radiology-advanced countries have hospitals with serious security gaps. CONCLUSION Despite more than two decades of active development and implementation, our radiology data still remains insecure. The results provided should be applied to raise awareness and begin an earnest dialogue toward elimination of the problem. The application we designed and the novel scanning approach we developed can be used to identify security breaches and to eliminate them before they are compromised.

Oleg S. Pianykh | Oleg S Pianykh | O. Pianykh | Mark Stites | Mark Stites

[1] Ipeson Korah,et al. Lack of security of networked medical equipment in radiology. , 2015, AJR. American journal of roentgenology.

[2] Janine S. Hiller,et al. Privacy and Security in the Implementation of Health Information Technology (Electronic Health Records): U.S. and EU Compared , 2011 .

[3] Marcos A. Simplício,et al. SecourHealth: A Delay-Tolerant Security Framework for Mobile Health Data Collection , 2015, IEEE Journal of Biomedical and Health Informatics.

[4] Chun Kiat Tan,et al. Security Protection of DICOM Medical Images Using Dual-Layer Reversible Watermarking with Tamper Detection Capability , 2011, Journal of Digital Imaging.

[5] Oleg S. Pianykh,et al. Digital Imaging and Communications in Medicine : A Practical Introduction and Survival Guide , 2008 .

[6] D. Peck. Digital Imaging and Communications in Medicine (DICOM): A Practical Introduction and Survival Guide , 2009, Journal of Nuclear Medicine.

[7] P. Venkata Krishna,et al. A Joint FED Watermarking System Using Spatial Fusion for Verifying the Security Issues of Teleradiology , 2014, IEEE Journal of Biomedical and Health Informatics.

[8] Henning Müller,et al. Safe Storage and Multi-Modal Search for Medical Images , 2011, MIE.

[9] Oleg S. Pianykh,et al. Digital Imaging and Communications in Medicine (DICOM) , 2017, Radiopaedia.org.

[10] J. Brink. The Business We Are In. , 2016, Journal of the American College of Radiology : JACR.