 |
| Patient data can be extracted from Images imported from a PACS into an online PowerPoint |
PARCA eNews – Aug. 28, 2020 – The Radiological Society of North America (RSNA), the American College of Radiology (ACR), and the Society for Imaging Informatics in Medicine (SIIM), are warning that online medical presentations are at risk of accidental exposure of protected health information (PHI).
In a paper on the ACR website, the group shows how advances in web-crawling and content processing technology is increasingly able to allow large-scale information extraction from previously stored files. The technology allows extraction of medical images contained in PowerPoint presentations and PDF files and recognized alphanumeric character information embedded in those images, including patient information.
The groups suggest that presenters take steps to use screenshots of "regions of interest" instead of importing images from a PACS into their presentation.
"Every time an image is saved directly from PACS as a file (as opposed to creating a limited screenshot), there is a risk that PHI gets into that file via patient data embedded as pixels within the image itself or in the form of metadata if a DICOM file is saved," the authors wrote.
One method use to safeguard patient information is to redact the information on the DICOM data, or cropping the image to hide patient info, however the authors caution that redacting or cropping the image does not remove the data, and such redactions can be "undone" by another user of the file. Presenters must be careful to explicitly delete the portion cropped.
The warning notes that European Union members and those of at least one US state could face fines under the GDPR and state law.
For radiologists who may have online presentations that may be vulnerability, the authors suggest contacting search engine companies to review and consider removing a link to sensitive information if they agree that this is the appropriate action.
Source: American College of Radiology
No comments:
Post a Comment