• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Journal of Digital Imaging >A HIPAA-Compliant Architecture for Securing Clinical Images
【24h】

A HIPAA-Compliant Architecture for Securing Clinical Images

机译:符合HIPAA的体系结构可确保临床图像的安全

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

The Health Insurance Portability and Accountability Act (HIPAA, instituted April 2003) Security Standards mandate health institutions to protect health information against unauthorized use or disclosure. One approach to addressing this mandate is by utilizing user access control and generating audit trails of the various authorized as well as unauthorized user access of health data. Although most current clinical image systems [e.g., picture archiving and communication system (PACS)] have components that generate log files for application debugging purposes, there is a lack of methodology to obtain and synthesize the pertinent data from the large volumes of log data generated by these multiple components within a PACS. We have designed a HIPAA-compliant architecture specifically for tracking and auditing the image workflow of clinical imaging systems such as PACS. As an initial first step, we developed HIPAA-compliant auditing system (H-CAS) based on parts of this HIPAA-compliant architecture. H-CAS was implemented within a test-bed PACS simulator located in the Image Processing and Informatics lab at the University of Southern California. Evaluation scenarios were developed where different user types performed legal and illegal access of PACS image data within each of the different components in the PACS simulator. Results were based on whether the scenarios of unauthorized access were correctly identified and documented as well as on normal operational activity. Integration and implementation pitfalls were also noted and included.
机译:《健康保险可移植性和责任法案》(HIPAA,2003年4月制定)的安全标准要求卫生机构保护健康信息,防止未经授权的使用或泄露。解决此任务的一种方法是利用用户访问控制并生成各种对健康数据的授权和未授权用户访问的审核跟踪。尽管大多数当前的临床图像系统[例如图片存档和通信系统(PACS)]都具有为应用程序调试目的而生成日志文件的组件,但是仍然缺乏从大量日志数据中获取和合成相关数据的方法由PACS中的这些多个组件组成。我们设计了符合HIPAA标准的体系结构,专门用于跟踪和审核临床成像系统(如PACS)的图像工作流程。作为第一步,我们基于此符合HIPAA的体系结构的一部分开发了符合HIPAA的审核系统(H-CAS)。 H-CAS是在位于南加州大学图像处理和信息学实验室的测试台PACS模拟器中实现的。开发了评估方案,其中不同的用户类型在PACS模拟器中的每个不同组件中执行对PACS图像数据的合法和非法访问。结果是基于是否正确识别和记录了未经授权的访问场景以及正常的操作活动。还指出并包括了整合和实施方面的陷阱。

著录项

  • 来源
    《Journal of Digital Imaging》 |2006年第2期|172-180|共9页
  • 作者

    Brent J. Liu; Zheng Zhou; H. K. Huang;

  • 作者单位

    Image Processing ampamp Informatics Laboratory Department of Radiology Keck School of Medicine University of Southern California Los Angeles CA USA;

    Image Processing ampamp Informatics Laboratory Department of Radiology Keck School of Medicine University of Southern California Los Angeles CA USA;

    Image Processing ampamp Informatics Laboratory Department of Radiology Keck School of Medicine University of Southern California Los Angeles CA USA;

  • 收录信息
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类
  • 关键词

    HIPAA; security; auditing; monitoring;

    机译:HIPAA;安全性;审核;监视;

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号