EDITOR'S NOTE
This is the third issue in a series of newsletters that
provides input from experts on the opportunities they have
created by overcoming adversity in establishing successful PACS
entities. It has been a pleasure to provide this timely and
meaningful material to you. If you have additional questions
about PACS please do not hesitate to contact us for additional
information.
Ronald B. Schilling, PhD
Implementing Privacy and Security for PACS and Teleradiology: A Pragmatic Approach
Herman Oosterwijk, MS, MBA and Ana D. Cleveland, MS, PhD, AHIP
Privacy and security for picture archiving and communication
systems (PACS) and teleradiology are complex issues that have been
amplified by the Health Insurance Portability and Accountability
Act of 1996 (HIPAA). This article presents a pragmatic way to
address these issues.
The HIPAA requirements, which are designed to protect the
privacy and security of protected health information (PHI), are
often misinterpreted. This sometimes causes delays in the
implementation of new digital imaging projects. The distribution of
medical images outside hospital boundaries, using PACS or
teleradiology systems, is often affected. These misinterpretations
are not caused by a lack of information, education, and/or
resources; virtually every week a seminar or conference is
available on this topic. However, most people address this issue
from a purely information technology (IT) perspective and do not
take into account the specific requirements of imaging. This misses
the point of HIPAA, which is to protect patient privacy and
information security without impeding patient care. The objective
of the new regulations is definitely not to make care more
difficult or to harm patients. In emergency cases, immediate access
to relevant
patient information can be critical. The availability of patient
medical history for a physician is equally important. The intention
is not to lock up all information or overprotect it, even from a
purely risk-management perspective. If an injured patient brings a
suit against a facility, a jury would look more favorably on an
institution that made an effort to make appropriate information
available, rather than making it almost impossible to access
relevant information.
On March 21, 2002, Tommy G. Thompson, Secretary of Health and
Human Services (HHS), announced that the Bush Administration was
proposing to "loosen" some requirements and simplify paperwork
requirements. The changes include: removing mandatory privacy
consent requirements for treatment, payment, and (healthcare)
operations (TPO), while maintaining previous notice requirements;
removing incidental disclosures from the minimum necessary
requirement; eliminating the need for multiple research consent
forms; giving an additional year for covered entities to negotiate
new contracts with business associates; and simplifying the process
for patient authorization for disclosure. As of August 14, 2002,
the HHS has released final changes to the privacy regulations,
adopting virtually all of these changes with only minor
modifications. The compliance date for the Privacy part of the
regulations is April 2003.
A key part of these changes addresses removing the need for a
written patient consent to allow providers to use PHI for TPO. This
would mean that sending an image electronically from a hospital to
a doctor's home would NOT require patient consent. Not only would
this requirement be in conflict with the TPO rule if an emergency
patient needed an immediate consult, the lack of expedient advice
from a physician would definitely impact patient care.
Deciding which technical means can be used to exchange images
and related patient information confuses many people and stalls the
initiation of new technology. We know of several cases in which a
CIO, sometimes advised by a new security officer, has virtually
banned any teleradiology connection by not allowing any external
communications, for fear of security breaches. Direct phone lines
and Internet connections have been particular targets of attention.
One institution required that each connection have a $20,000
firewall and a secure network connection (at a monthly cost of
several thousand dollars), which made a teleradiology connection
impractical. Clearly, many direct phone or Internet connections are
security threats. However, medical imaging vendors offer practical,
cost-effective solutions using encryption and authentication that
guarantee PHI privacy. Instead of blocking all external connections
and/or forcing vendors into a cost-prohibitive scenario, IT
departments should look at each solution on a case-by-case basis to
develop affordable solutions to meet HIPAA requirements.
Trade-offs between procedures, physical protections, and
technical solutions are also misunderstood. For example, a viewing
station might use sophisticated authentication and protection in
the form of an access card, auto log-off when idle, audit trails of
who accessed which information, etc. However, when this same device
is used in a secured radiologist reading room that is only
accessible by code by the radiology staff, these sophisticated
technical means can be replaced by physical means. To determine
when and where this trade-off makes sense, we developed a simple
model dividing an institution into zones based on the impact on
privacy and security (Figure 1).
Zone 1. The Radiology Restricted Access Zone includes all of the
data, processing, and information storage within the radiology
department, including portable modalities, CT, MRI, analog,
digital, X-ray, etc. Information from digital modalities is sent to
the PACS using the DICOM standard. Information can then be
distributed to other areas of zone one from the PACS. People
involved in the information flow in zone one are technologists,
radiologists, and the file room and administrative support
personnel.
Zone 2. The Radiology Extension Zone includes departments that need
to access radiology information. Information is transferred between
zone one and zone two via physical and electronic transfer methods.
Zone 3. The Hospital and Clinic Zone includes offices within the
center where doctors might need to view radiology information, such
as exam rooms, doctors' offices, nurses' stations, light boxes,
etc.
Zone 4. The "Network of Networks" Zone encompasses places outside
the hospital that need to access radiology information. Information
access can occur electronically, physically, or via telephone or
fax.
For each zone, the trade-off must be made between procedural,
physical, and technical means. For example, it would be overkill to
send encrypted images electronically within zone one between a CT
scanner and a viewing station. Within the restricted-access zone
one, encryption would slow down communication unnecessarily. The
network used typically does not have any external access
capabilities and is protected by firewalls and network routers that
do not allow any external traffic. However, if the CT is located in an
outpatient clinic and the images are to be sent using a public
network, encryption must be used. The same applies when retrieving
an image from a PACS archive from a workstation within radiology;
no extra technical means are required for the image communication
itself. However, if the workstation is located in a physician's
office in zone three or a home office in zone four and the
information is sent via the Internet, the provision of a virtual
private network or other encryption is certainly in order.
These trade-offs are not only for business reasons; implementing
maximum security at every device would be expensive, especially
when there are legacy devices involved that would require a major
upgrade. The potential impact on patient care of making timely
information unavailable is more important. Again, common sense and
pragmatic solutions should prevail.
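The zone-by-zone encryption decision described above can be run as a check over an inventory of image flows. The following is an added example, not part of the original article: the two hard rules (public network means encryption, isolated zone-one traffic needs none) come from the text, while the flow inventory, the field names, the finding labels and the "review" outcome for cases the article does not cover are assumptions.

```python
"""Audit image flows against the article's four-zone model (added example)."""
from dataclasses import dataclass
from enum import Enum


class Transport(Enum):
    ISOLATED_LAN = "isolated_lan"  # no external access, behind firewalls/routers
    HOSPITAL_LAN = "hospital_lan"  # shared internal network (assumed category)
    PUBLIC = "public"              # Internet or any other public network


class Finding(Enum):
    OK = "ok"
    ENCRYPTION_REQUIRED = "encryption_required"
    ENCRYPTION_UNNEEDED = "encryption_unneeded"
    REVIEW = "review_case_by_case"


@dataclass(frozen=True)
class Flow:
    name: str
    src_zone: int
    dst_zone: int
    transport: Transport
    encrypted: bool


def audit_flow(flow: Flow) -> Finding:
    """Classify one flow using the trade-offs stated in the article."""
    zones = {flow.src_zone, flow.dst_zone}
    if not zones <= {1, 2, 3, 4}:
        raise ValueError(f"{flow.name}: zones must be 1-4, got {sorted(zones)}")

    # Article rule: images sent over a public network must be encrypted,
    # whichever zones the endpoints sit in (VPN or other encryption).
    if flow.transport is Transport.PUBLIC:
        return Finding.OK if flow.encrypted else Finding.ENCRYPTION_REQUIRED

    # Zone 4 is outside the hospital, so a flow that claims an internal
    # transport is an inventory inconsistency (assumption: send to review).
    if 4 in zones:
        return Finding.REVIEW

    # Article rule: inside zone one on the isolated network, encryption only
    # slows communication down; physical and procedural controls carry it.
    if zones == {1} and flow.transport is Transport.ISOLATED_LAN:
        return Finding.ENCRYPTION_UNNEEDED if flow.encrypted else Finding.OK

    # Zones 2 and 3 on internal networks are not spelled out in the article;
    # unencrypted flows there are left for a case-by-case decision (assumption).
    return Finding.OK if flow.encrypted else Finding.REVIEW


def audit(flows):
    """Return {flow name: Finding} for an inventory of flows."""
    return {flow.name: audit_flow(flow) for flow in flows}


def encryption_gaps(flows):
    """Names of flows that must be fixed before go-live."""
    return [name for name, finding in audit(flows).items()
            if finding is Finding.ENCRYPTION_REQUIRED]


# Constructed inventory mirroring the cases the article walks through.
SAMPLE_FLOWS = [
    Flow("ct-to-reading-station", 1, 1, Transport.ISOLATED_LAN, False),
    Flow("ct-to-reading-station-tls", 1, 1, Transport.ISOLATED_LAN, True),
    Flow("outpatient-ct-to-pacs", 1, 1, Transport.PUBLIC, False),
    Flow("pacs-to-physician-office", 1, 3, Transport.PUBLIC, True),
    Flow("pacs-to-home-office", 1, 4, Transport.PUBLIC, False),
    Flow("pacs-to-nurse-station", 1, 3, Transport.HOSPITAL_LAN, False),
]

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_FLOWS).items():
        print(f"{name:28s} {finding.value}")
```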
Some technology used for security is relatively inexpensive
and/or freely available. Most recent operating systems can require
a user name and password for access. Built-in utilities can encrypt
certain folders on a computer. Virtually every financial
transaction via the Internet is secured, part of which is a
built-in component of standard Internet browsers. The same
authentication and encryption can be used to exchange medical
images. The DICOM standard has specified security profiles that
allow a standard exchange of images and related information. The
fourth year (2002/2003) of the Integrating the Healthcare
Enterprise series of demonstrations organized by the RSNA and HIMSS
will demonstrate some of these security features through
connectivity among different vendors.
This article has focused on technology, rather than procedures.
However, a good rule of achieving HIPAA compliance is to use 80%
procedures and accompanying training, and 20% technology.
Technology, such as access cards and/or password authorization, is
important, but even more important is eliminating "sticky" notes on
monitors with user names and passwords. Institutions with many
rotating residents will require someone to manage passwords and
access privileges on an on-going basis. High protection on a
workstation suddenly becomes irrelevant if it is positioned so
anyone can look over a physician's shoulder and see images and
related reports. Even if the monitors are screened from passers-by,
open discussion of the patient between physicians, audible to
anyone, also defeats the purpose. Without proper training and
procedures in place, any HIPAA compliance will fail.
CONCLUSION
Make sure to use common sense when implementing HIPAA compliance
solutions, and use widely available practical solutions. If in
doubt, ask experts, from the department of HHS or others. Be aware
of consultants that use "scare tactics." Instead, work with
consultants that can interpret the requirements sensibly to provide
pragmatic solutions. Do not "outsource" HIPAA compliance, but take
responsibility and work with an internal team. Finally, do not lose
track of the ultimate objective of providing high-quality care to
patients using all relevant information to make informed healthcare
decisions, while maintaining patient information privacy and
security.
PRACTICAL ISSUES
Fundamentals of the Electronic Medical Archive
Edward M. Smith, ScD, FACNP
When PACS was first introduced, it was considered a radiology
resource to store radiology studies in DICOM Part 10 format and
distribute them to the radiologist. Today, PACS is a part of the
healthcare enterprise (HE) that is used to store and distribute
studies of all types: images, waveforms (eg, electrocardiograms),
and structured reports to all healthcare professionals in the HE
and beyond.
The electronic medical archive of the PACS and the
infrastructure are the two most critical components of PACS. The
archive consists of two components: the archive manager (AM) or
equivalent (the control center), and the associated image storage
system and related storage management software.
The AM is responsible for the acquisition, storage,
distribution, retrieval, and display of studies acquired from the
various modalities, stored in the archive, displayed on various
types of workstations, and printed to various hardcopy devices. The
hardware and software of the AM must be available at least 99.99%
of the time.
The network infrastructure or local area network (LAN) must have
at a minimum 1 Gbps backbone and 100 Mbps switched to the desktop
for diagnostic and clinical review workstations and be available at
a minimum 99.99% of the time. The storage system must be able to
write images to the storage media and retrieve and send images to
the various workstations rapidly under AM control. The storage
management software must be able to replicate the various
databases (demographic, image, and hierarchical storage management
[HSM]) both locally and remotely for disaster recovery. Typically,
the demographic and HSM databases are stored on redundant array of
inexpensive disks (RAID) in level 1 and the image database is
stored in RAID level 5. These data are duplicated in RAID level 1,
and in RAID level 5, if a disk becomes corrupted, the data on the
disk can be reconstructed on the "hot" spare.
The AM, modalities, and the radiology information system (RIS)
must communicate seamlessly with each other. This communication was
initially accomplished using a uni-directional connection from the
RIS to the modalities and PACS via a PACS Broker. The functionality
of the PACS Broker is to translate Health Level 7 (HL7) messages
into DICOM and vice versa. HL7 is a messaging standard that is used
by the RIS and many other databases in the healthcare industry to
communicate with each other. Today, several RIS and PACS vendors
are working together to provide seamless bi-directional integration
of the RIS with the modalities and PACS to take advantage of DICOM
modality worklist (MWL), DICOM modality performed procedure step
(MPPS), and the integration profiles developed by the IHE
consortium. These steps will improve patient care, increase
productivity, reduce errors, and reduce cost.
ARCHIVE MANAGER REQUIREMENTS
The archive and AM must have the following attributes:
* Connectivity, interoperability, and DICOM functionality with
all of the other PACS components, the modalities, and other related
devices, such as printers;
* Seamless integration with the RIS;
* Virtual image database with global query and retrieve (so
patient data or studies can be retrieved from any workstation
without prior knowledge of where the study is stored);
* The workflow defined by the AM must be programmable to meet
the changing needs of the HE;
* A scalable storage system that can store a few TB to tens of
TB and associated storage management software that is independent
of the number of studies performed and stored both on- and offline.
The storage system must be media independent, ie, must be able to
support hard-disk, magneto-optical disk, DVD, tape, or any media
developed in the future;
* Administrative functionality (monitor system resources,
provide flexible audit trails that can be displayed and printed
out, and offer proactive system monitoring, including e-mailing and
paging, etc.);
* Data migration from one medium to another when the media or
read/write mechanisms are no longer supported or available;
* Redundancy and 99.99% availability with a maximum downtime of
<=15 minutes for any single outage; and
* The ability to provide a copy of all databases that can be
automatically or manually securely stored remotely.
The AM manages the distribution of studies, the PACS databases,
and storage of studies. Studies are distributed throughout the HE
using the rules-based or on-demand paradigm. In the rules-based
approach, the current study and related prior studies are fetched
by the AM to the study server (SS) and/or workstations (WS) on
which the study is to be read. The current and prior studies are stored on
the SS and/or WS. In the on-demand paradigm, studies are not stored
on the SS or WS but are retrieved from online storage by the user
when they are to be interpreted. Typically, the first image of a
study should be available for viewing within 3 seconds after it is
queried by the user. The WS used for the rules-based approach is a
thick-client, whereas the WS used in the on-demand paradigm is
typically a thin-client. The on-demand approach is the method
currently used by most vendors.
The AM manages the demographic, image, and HSM databases. The
demographic database is used to store the DICOM header and
facilitates the retrieval of studies. The image database stores the
pixel data, the image, and portions of the DICOM header. Each entry
in the demographic database is typically <=10 KB while the studies
in the image database range from a few MB to >500 MB. A single
direct radiography or mammography image can contain up to 18 MB. It
should be noted that studies are stored as one image per file
except images of multiframe studies, which are stored in a single
file.
If the PACS utilizes an HSM database, this may be managed by the
AM or by the vendor that supplies the storage system for the
archive. The HSM keeps track of where images are stored and is used
to organize, migrate, retrieve, and delete studies. The HSM in most
PACS manages the storage of the images; however, in some current
PACS a storage vendor, rather than the PACS vendor, provides the
storage system, including the storage management software.
STORAGE REQUIREMENTS
The archive can store various types of studies from many
modalities in different departments in the HE. The studies
generated by these modalities require varying amounts of storage
per study (Table 1). Storage requirements per study are steadily
increasing. For example, multislice CT studies may contain >=300
images per study, while a single-slice CT typically contains 60
images, which is a 500% increase in storage requirement. A
conventional MR acquires images in a 256 × 256 image matrix, while
a 3-Tesla MR can acquire images in a 512 × 512 image matrix, which
is a 400% increase in storage requirement. It is impossible to
project future storage needs, because imaging technology is
constantly improving and providing more data per study. The only
certain thing is that storage requirements will increase with time
for most modalities. This is why the archive must be scalable both
with respect to the number of procedures performed and the storage
requirement per study.
Studies are stored at the modality, on the WS, and on hard drives
for online (rapid retrieval) storage, which is used to hold from 30
days to 6 to 12 months of studies, plus prior studies if a
rules-based study distribution paradigm is used. Some systems use a
mid-term storage device; however, this is being phased out.
Long-term storage typically uses a jukebox containing some type of
tape media. Currently, some implementations deploy an all-spinning
media solution that provides >=7 years' worth of storage. In addition,
some form of off-site storage is required for disaster recovery,
which may be shelf storage (offline) or an off-site online storage
system.
The types of storage media include hard drives in a mirrored
configuration (RAID level 1) or in RAID 5, which is a
fault-tolerant array that can repair itself should one of the disks
fail. The
disks may contain from 36 to nearly 400 GB each. Other media
include magnetic optical disks (MOD), various types of magnetic
tape, CD, DVD, or the next new media. Only 12 to 24 months worth of
permanent storage should be purchased when acquiring the PACS,
since the cost per byte of storage is decreasing and the capacity
per media is increasing with time. However, the long-term storage
device must be capable of holding media to store >=7 years of
studies and take into account the expanding storage requirements of
the modalities and the HE.
DATA COMPRESSION
Data may be compressed to reduce the storage requirements and to
speed the transmission of data between the modalities and various
PACS components and between PACS components. There are various
levels and types of compression:
* Uncompressed
* Lossless (which is a non-destructive compression method
whereby the data can be reconstructed bit for bit). The compression
ratio will vary from 1.8 to 2.8 depending on modality and body
part.
* Lossy. With this compression, there is no loss of clinically
significant data; however, the compression is destructive and the
data cannot be reconstructed bit for bit. The compression ratios vary
from 5:1 to >=30:1 depending on modality and body part. The use
of lossy compression must be weighed in light of medical-legal
implications.
When a vendor specifies the storage capacity for any component
of PACS, it is incumbent on the user to make sure the vendor states
the uncompressed storage capacity.
DISASTER RECOVERY AND HIPAA
The HIPAA mandates that an exact copy of all patient data be
securely stored off-site in a recoverable manner. If the original
copy of the data were destroyed or corrupted, the patient data must
be able to be restored. Ways to accomplish this range from simply
having copies of all data labeled and securely stored off-site on a
shelf in a vault (disaster recovery - restoration of service) to
having a redundant data center miles from the primary data center
that can continue operations within seconds or minutes if the
primary data center becomes unavailable (disaster recovery -
continuation of business). These are the two extremes of disaster
recovery.
HIPAA also requires that each institution have a disaster
recovery plan. This plan must include identified personnel to carry
out the plan, a written procedure manual, and documentation that
the plan is practiced at least annually.
FUTURE OF THE ELECTRONIC MEDICAL ARCHIVE
Only a filmless HE will result in a productive and successful
PACS, not just a filmless radiology department. The objective must
be "Images Anywhere at Anytime." The archive will be an HE resource
to store DICOM objects, wave forms, and structured reports from
multiple departments. Web technology will become the primary
technology used to distribute studies for diagnostic, clinical,
physician review, and teleradiology purposes. The archive will
reside in a sophisticated primary data center. Enterprise storage
will be used and all studies will reside on hard disk or the
equivalent. Disaster recovery will be mandatory and recovery
solutions will migrate to the "continuation-of-business" model for
large enterprise implementations. PACS will not exist in its
present form, but there will be an integrated HIS/RIS/PACS
solution.
ECONOMIC ISSUES
Impact of PACS on the radiology system
Ronald B. Schilling, PhD and Edward V. Staab, MD
The world of radiology has become a complex service and
business. Radiologists provide diagnostic information by analyzing
the results of studies obtained from sophisticated imaging
equipment, and are increasingly performing a myriad of new
treatment options. A growing number of professionals and skilled
experts support the radiologist in this endeavor.
In today's large imaging centers, the "team" mentality includes
physicians, technologists, nurses, administrators, secretaries, and
file room and billing office staff. Engineers, informatics staff,
physicists, and maintenance personnel also may be part of the
in-house team. In other situations, some of these tasks are
outsourced to contracting firms. The advent of conversion to
PACS-based departments is affecting how each of these individuals
is called on to provide expertise to assure a successful radiology
service.
Fundamental to the service of radiology is the diagnostic image.
Whether the image is used for diagnosis of a patient's medical
problem or as a guide for therapy, it is the core of all
radiological procedures. The conversion from film-based to digital
media for storage, display, and archiving will have a variable
effect on the tasks performed by the team members involved in the
production and management of the images. For some of the players,
these changes will be so profound that a methodology is needed for
their management. By simply adding PACS into the equation without a
plan for managing these changes, great opportunities to improve the
productivity, efficiency, and quality of the center will be
lost.
This article will address the value of strategic thinking and
provide a discussion of how to use a valuable strategic thinking
tool to assist in the management of change, what we have called the
"sheet of music." We will then explore how PACS will change the
tasks of individual members of the radiology team.
STRATEGIC THINKING
Thinking and planning are activities that we perform every day,
and the sequence in which we complete these steps is an important
factor in achieving maximum effectiveness. Ideally, we should think
about all sides of a problem before planning or implementing a
solution. But too often, we forge ahead with elaborate plans before
focusing enough attention on the ultimate goal of our plans. We
then have to rethink our options and correct our initial mistakes
before resuming our planning and implementation processes.
Strategic thinking tools are helpful because they are easy
enough to be understood and applied by radiologists without formal
business training. Essentially, the tools communicate at a
fundamental level between people. For example, in an imaging center
with people of diverse backgrounds, these tools enable the players
to cross boundaries and effectively relate at a fundamental
level.
The sheet of music tool can be used to present a view of the
impact of PACS on the imaging team. The sheet of music is a
framework for thinking about the activities of all the members of
an organization or department; it is analogous to the conductor's
musical score, providing a clear understanding of the parts played
by each of the musicians. In any well-run organization, a leader
needs the same type of understanding of the roles of each member.
Perhaps even more important is a clear understanding by all
participants of their roles and the ways these roles complement
those of other team members. In this way, duplication of roles is
avoided and synergy between the players can be optimized.
The framework for a sheet of music tool is simply a series of
columns. Each column has a heading that represents a specific
segment of an organization. Below each heading are approximately
five areas of activity that are determined to be the major focal
areas for the section in question.
A well-managed team will review the sheet of music several times
a year. The head of each "section" should be represented at a team
meeting. When the dialogue focuses on prioritization within each
column and interaction of items within and between columns, the
result is a set of activities that fit together (in type and time)
that are the most important areas of activity for the organization
to meet the customer needs.
SHEET OF MUSIC APPLIED TO THE INTRODUCTION OF PACS
Let us look at several of the specific components needed for
implementation of PACS to see what will happen to the work
environment with the conversion to a digital PACS. Table 1
summarizes the major changes to individual components that we have
identified. It is clear that some will be more affected than
others. For example, the film librarian's duties will disappear, as
will the transcriptionist. It behooves the organization to be aware
of this fact and to develop strategies for the personnel in these
categories. Human resource counseling and training will be
necessary for most of these individuals. Some will move on to
outside positions, and others will be trained to fill new positions
created by a PACS-run system.
The technologist will be little affected, though there will be a
change in the methods for introducing patient data and accepting an
image. The technologist will not need to print film for every case,
but may need to do so occasionally for unique needs. However, in
most cases where PACS is nearly complete, the technologist is
relieved of this task and it is moved into a common central
location.
The radiologist will review his/her patient's request and data
before reading at the image-reading station. Comparison images will
be sorted more easily and will be available rapidly. Medical
reports will be dictated using a voice recognition system, which
the radiologist will have to become familiar with. Verification
will be electronic, and there will be opportunities to consult with
colleagues and other clinicians at a distance. All of these
activities will require a familiarity with the system and its
operations, which will be gained with experience. Radiologists must
realize that they may not be as accurate initially when reading
softcopy images, compared to the familiar film. Efforts should be
taken by management to minimize adjustments.
An all-important role is taken on by the quality control
person(s) in a digital department; many of their day-to-day tasks
will change. They may be called on to maintain a much less
frequently used processor in lieu of maintaining the networks,
archives, and display stations.
Maintenance of the networks sometimes falls to the healthcare
information systems (HIS) team. Nevertheless, someone in radiology
should understand the unique needs for and problems in networking
large image data sets, in order to represent imaging needs at the
HIS level. This person will have to check the computer displays on
a regular basis and will be responsible for making sure that
software associated with new or upgraded equipment is validated
before being added to the PACS environment. This task may be
handled by the industry representatives. But due to multivendor
environments, there must be some way of providing in-house
oversight.
Finally, the quality control staff are usually responsible for
the training of various personnel. In the PC environment, software
changes take place constantly. It is important that someone is
familiar with and able to explain these changes to users.
Those who perform ancillary functions will have to understand
the computer format and the new functions and information that it
will provide online. Transportation is one example of a seldom
thought of activity that will benefit from electronic
assistance.
These generic comments are likely to be true in most situations.
The real value of using the sheet of music tool is a greater
understanding of how these changes will affect your personnel and
how to plan for these changes. Do not underestimate the value of
this approach as a communication tool. The process of using the
tool is at least as important (if not more so) than the actual
action items identified. Maximum benefits from the film-to-PACS
conversion will only be gained if management decision-makers
consider the effects on individual jobs and tasks, then work to
provide better service through a continuous re-evaluation of the
processes involved.
Note: This article is adapted with permission of the
publisher and authors from Schilling RB, Staab EV. Impact of
PACS on the radiology system. Appl Radiol.
1999;28(8):10-13.
STEPS FOR SUCCESS
1. Identify the unique sections or clinical tasks within the
department.
2. Identify the responsible person/groups for each section or
task.
3. Charge the responsible person/groups to identify five major
focus areas of activity for their sections.
4. Create chart listing sections versus activities (tasks).
5. Executive team should review and approve selected tasks.
6. Management team goes over the entire chart, focusing on
prioritization and interaction among sections, leading to the
action items.
7. The action plan, including all base assumptions, should be
monitored and reviewed on a periodic basis.
Editor-in-Chief Ronald B. Schilling, PhD
President, RBS Consulting; General Partner, Mi3 Venture Capital
Group
Contributing Editors
Edward M. Smith, ScD, FACNP, Professor of Radiology, University
of Rochester Medical Center, Rochester, NY
Herman Oosterwijk, President of OTech Inc., Aubrey TX; and
adjunct faculty of the University of North Texas Health Informatics
Program, TX
Edward V. Staab, MD, Radiology Branch Chief, Biomedical Imaging
Program, National Cancer Institute, Rockville, MD
Applied Imaging: Current Trends in PACS
is published by Anderson Publishing, Ltd., 1301 West Park Ave.,
Ocean, NJ 07712. Copyright 2003 O. Oliver Anderson, Publisher;
Elizabeth A. McDonald, Editor
Sponsored by an educational grant from Agfa HealthCare. The
views and opinions expressed in this publication are those of the
authors and do not necessarily reflect those of the publisher or
sponsor. Full and complete prescribing information should be
reviewed regarding any product mentioned prior to use.