is a Professor of Imaging Sciences, Department of Imaging Sciences,
University of Rochester Medical Center, Rochester, NY.
is a consultant to, and on the advisory board of, InSiteOne Inc.,
Wallingford, CT, and a consultant to Iron Mountain, Boston,
The number and size of digital clinical studies are increasing,
requiring a continuous expansion of storage requirements. The
requirements for rapid access of clinical images throughout the
healthcare enterprise (24 hours a day, 7 days a week), and
retention and security of medical data are straining the storage
management capabilities of most facilities. To minimize these
constraints, health-care entities must consolidate their storage
management resources from departmental silos of storage to an
enterprise storage solution.
It is important to understand the relationship and
responsibilities of the information technology (IT) department,
radiology and other clinical departments that are intensive users
of the digital enterprise. Together, they must establish standards
to which all hardware and software that touches the digital
enterprise must adhere. This is critical if the hardware and
applications obtained from multiple vendors will seamlessly
interoperate with a minimum of interfaces and rekeying of critical
clinical data. Manually re-entering data will introduce single
points of failure and errors that impact patient care.
The digital enterprise includes the infrastructure, computer
hardware and software applications, clinical workstations, and the
data center where the majority of the hardware (servers on which
the applications are running and storage on which medical data are
stored) islocated. The IT department is responsible for funding,
managing and supporting the data center and the associated hardware
and software.The cost to support a secure and highly available data
is significant, requiring personnel, power, cooling, and redundant
infrastructure components, plus the cost for a second secure data
center for disaster recovery. These costs can be reduced, and the
risks associated with data loss can be shared, by outsourcing the
required long-term storage and disaster recovery.
Radiology departments must specify the characteristics of the
computing resources and clinical applications they require,
including response time for clinical queries; system availability;
interoperability of clinical applications, single password log-on;
the environment and ergonomics of the clinical workstation; IT
response time to solve operational problems, and; storage
requirements. These requirements must comply with operational
standards mutually agreed upon by all parties.
The aspects of storage management that directly affect the
productivity of radiologists and the welfare of patients are:
- Ability to select the clinical application that impacts their
workflow and productivity.
- Accessibility of patient studies and related medical
- Ability to satisfy the informational requirements of the
referring physicians and other healthcare professionals.
- Long-term availability of patient data including, data
migration, disaster recovery and retention and destruction of
electronic protected healthcare information (ePHI).
This article will discuss the fundamental aspects of storage
management that radiologists should understand to ensure that the
IT department supports their workflow and productivity.
Types of medical data
From a data storage perspective, data generated by radiology can
be divided into data that may change after it is stored and is
managed as a variable content file (VCF) or data that will not
change once it is stored and managed as a fixed content file
The VCF radiology data consists primarily of databases that
comprise approximately 5% or less of stored radiology data.
Examples of VCFs are the radiology information system (RIS) and the
demographic database of the picture archiving and communications
system (PACS). The high frequency of read/ write commands to these
databases dictates the technology used to store, manage and
replicate or backup these databases.
The FCF radiology data consists primarily of digital imaging and
communications in medicine (DICOM) objects, such as images,
structured reports and waveforms that comprise 95% or more of the
stored radiology data. At any point in time, there will be from 4
to at least 2 copies of these FCFs stored. The storage and
management technology for FCF differs significantly from VCF.
Storage management system architecture
The responsibility for managing the storage of ePHI is an
enterprise responsibility and must be an integrated solution and
not a departmental solution. Each department must specify the
functional and security requirements for the ePHI it generates as
long as any authorized user also has access to the ePHI.
The enterprise storage management system must provide the
- From a functionality perspective the clinical requirements of
each application must be met.
- Availability of ePHI-24 hours by 365 days with minimal to
- Accessibility-response time to read (retrieve) and write
ePHI to the storage system.
- Longevity and durability of the storage system and components
to meet the mandated retention time for ePHI.
- How long will the media and the components used to
read/write to the media be available and be supported
(technology obsoles-cence-typically 3 to 6 years depending on
when purchased in its life-cycle). Will there be backward
compatibility or will ePHI have to be migrated?
- ePHI must be accessible for 5 to 10 years or longer,
factors that affect durability include wear and tear from
read/write components, temperature, humidity changes, etc. The
integrity of ePHI on the media must be validated
- Scalability of the storage system to meet current and future
storage requirements while minimizing future cost.
- Compliance with HIPAA relating to access control, data
integrity, audit requirements and disaster recovery of ePHI.
Figure 1 illustrates the data flow and storage schematics for
the variable content files (VCFs), e.g., the databases associated
with theRIS and PACS. The options for backup and disaster recovery
for these data are also shown. Figure 2 illustrates a 3-tiered data
storagestrategy for fixed content files (FCFs), such as clinical
- Tier-1 storage archives online studies for 90 days to 2 years
depending on whether the facility is an inpatient or outpatient
imagingcenter and depending on the makeup of the patient
- Tier-2 long-term storage is used to retain images for the
legal life of the study.
- Tier-3 disaster recovery is a back-up copy retained for the
legal life of the study.
After a study is acquired by the modality, it is stored there
and forwarded to the PACS, which stores it on tier-1 storage and
the study's digital imaging and communications in medicine (DICOM)
header information is compared to the study data on the RIS. After
verification, the study is forwarded to tier-2 storage and then to
tier-3 disaster recovery. Initially, there will be 4 copies of the
study. The study will generally be eliminated from the modality
after 1 day or more, resulting in 3 copies being stored.
Eventually, when the study is eliminated from tier-1 storage, 2
copies will be stored for the legal life of the study.
The Health Information Portability and Accountability Act
(HIPAA) security regulations became effective April 21, 2005. They
confidentiality, integrity and availability
(CIA) of ePHI.
HIPAA regulations include electronic health records past, present
and future, relating to the physical or mental well-being of a
person. The security regulations can be an effective tool to
guarantee that IT provides the radiologist with a storage
management system that will provide the required availability and
accessibility to ePHI regardless of its location for as long is it
is legally required to be retained-irrespective of internal or
external factors. These requirements are essential if the
radiologist is to provide diagnostic results in a timely manner to
ensure quality patient healthcare.
is the assurance that ePHI is available to only authorized persons
or organizations. HIPAA covers ePHI stored on any typeo f media
including portable computers and related devices, as well as ePHI
transmitted electronically via the internet, including e-mail. ePHI
that is stored on media, or electronically transmitted, must be
encrypted both when in transit and stored on physical media when it
can be accessed by unauthorized individuals or organizations. This
includes portable computers and memory devices.
is the assurance that systems responsible for delivering, storing
and processing ePHI are accessible in a timely manner by those who
need them under both routine and emergency situations. HIPAA
requires that 2 copies of ePHI must exist, so if 1 copy is
accidently destroyed during its legal life (retention period), a
second copy will be available in a secure and accessible location.
Retention period can be defined as the mandated time (as specified
by federal, state or local statutes) that medical information must
be retained in its original or legal form.
is the assurance that ePHI is not changed unless an alteration is
known, required, documented (audit trail), validated and
authoritatively approved. When ePHI has been authoritatively
approved, e.g. a clinical study has been interpreted and the report
signed by an authorized person, it should be stored in a format
that inhibits unauthorized alterations such as write once, read
many (WORM) format.
Compressing clinical studies
Clinical studies, i.e. FCFs, can be compressed. The reasons for
compressing images include decreased transmissiontimes, decreased
storage requirements, decreased infrastructure bandwidth
requirements for transmitting the images, and reduced cost of
storage and infrastructure.
There are two types of compression: lossless and lossy. If
lossless compression is used, the original image can be
reconstructed from the compressed image without loss of any of the
original data. This is accomplished by using the data redundancy
within the image to decrease the image size. Compression ratios of
between 1.8:1 and 2.8:1 can be achieved depending on the imaging
modality and body part. The user should verify that the PACS vendor
is using a DICOM-compliant lossless compression algorithm to
compress the images. If the vendor is using a U.S. Food and Drug
Administration (FDA)-approved compression algorithm that is not
DICOM compliant, it may negatively impact interoperability of the
images with other applications. It may also increase future data
migration costs, as well as lock in the current PACS vendor, since
the compression algorithm may be proprietary.
When a study is compressed using lossy compression, no
clinically significant data is lost; however, the original
information cannot becompletely reconstituted. Currently it is
primarily used for web distribution of images for review purposes
rather than primary interpretation. The compression ratio must be
stated on each image of the study. The compression ratios depend on
body part and modality. Typically:
- Computed radiography (CR) and digital radiography (DR) employ
a 20:1 compression ratio
- Computed tomography (CT) em-ploys a 10:1 compression
- Magnetic resonance imaging (MRI) employs a 5:1 compression
A study by Dr. David Koff for the Canadian Association of
Radiologists evaluated the use of 2 DICOM-compliant lossy
compressionalgorithms and found that lossy compression had no
effect on the diagnostic accuracy of interpretations made for
modalities and body parts tested.
Centers in the United States now use lossy compressed studies for
primary interpretation with the exception of mammograms, which is
not FDA approved. The decision to use lossy compression for primary
diagnosis is up to the physician. The use of lossy compression for
primary interpretation and storage will significantly reduce the
cost of storage management and possibly telecommunication
A caveat: If lossy compression is used for primary
interpretation, only store the lossy compressed study. Do not store
the lossless compressed study because it is not considered the
legal and original copy.
Retention and destruction of ePHI
Many of the retention and destruction requirements of ePHI are
federally mandated by the FDA, HIPAA and others. In addition, state
and local entities impose their own requirements, which in many
cases are more restrictive than those federally mandated. To
further complicate the matter, retention requirements are typically
5 to 7 years, but they vary by type of healthcare entity, by type
of ePHI, and even by subcategories within radiology such as
mammography and pediatrics. Images stored for purposes of complying
with regulatory backup (disaster recovery) requirements must be of
the same quality as images used for primary diagnostic
Resulting from the complex rules governing retention of ePHI,
automation of its destruction is not currently possible. The most
cost-effective solution to manage outdated ePHI may be permanent
retention. Any study that is deleted must be documented, and the
study typically will only be deleted from the demographic database
and not from the storage media.
Clinical study storage requirements
Beyond 1 or 2 years, projecting the storage requirements for a
radiology department is at best an educated guess. Storage
requirements tend to increase as the capabilities of modalities are
enhanced and new protocols are introduced for CT, CT angiography
(CTA), MRI, MR angiography (MRA) and fused studies such as positron
emission tomography (PET)-CT and single photon emission computed
tomography (SPECT)-CT. This is also true in subspecialties such as
women's imaging, which is rapidly going digital with digital
mammography, MR, tomosynthesis and cone-beam CT.
Studies consist of images which are made up of picture elements,
pixels, that have an "x" and "y" dimension. Each pixel contains a
value that is 1 or 2 bytes and 3 bytes for color. The modality
acquires the images in full resolution, i.e., uncompressed, and the
PACS typically compresses the images in a lossless compressed
format, which reduces the storage requirements by a factor of 1.8
Table 1 illustrates the typical number of images and image size
for a variety of radiological procedures along with the
uncompressed and lossless compressed storage requirements for these
studies. Note that as the image size doubles, e.g. 256 by 256
pixels to 512 by 512 pixels,the storage required for that image
quadruples. Table 2 provides an estimate for the storage
requirements for a radiology department performing 100,000
procedures distributed as specified at 4.1 terabytes (TB)
uncompressed and 1.6 TB lossless compressed. Table 3 provides
storage estimates for digital mammography for both screening and
diagnostic studies. Table 4 provides similar information for breast
Periodically, the radiology studies stored on a storage system
have to be moved, or migrated, to another storage system. Data
migration is typically required when changing PACS vendors, when
converting from departmental silos of storage to enterprise
storage, sometimes when a PACS system is upgraded, when storage
requirements need to be increased, and also due to technology
obsolescence of storage components.
To maintain system efficiency, data migration may be required as
frequently as every 3 to 5 years. Data migration is both time
consuming and expensive.
Every effort should be made to require vendors to store data in
a vendor-neutral DICOM-compliant format. Depending on the amount of
data to be migrated, data migration can cost hundreds of thousands
of dollars and take a year or more. Much of the cost and effort of
datamigration can be mitigated by outsourcing long-term storage and
disaster recovery to a storage service provider (SSP) that
maintains the datain a secure and rapidly accessible off-site data
center that is vendor neutral.
Disaster recovery and business continuance
Disaster recovery of ePHI is mandated by HIPAA. HIPAA security
regulations require backup of retrievable exact copies, i.e. a copy
from which the diagnosis was made, of all ePHI.
Figures 1 and 2 present disaster recovery strategies for both FCF
Disaster recovery provides the ability to restore ePHI that has
been corrupted or deleted due to hardware or software failure,
human error or a catastrophic event. Disaster recovery alone is not
sufficient to provide the level of availability of ePHI required in
a healthcare environment. Disaster recovery includes component
failure, as well as human errors that comprise >95% of these
events, whereas catastrophic events such as power failures,fire,
flood and other natural disasters (or acts of terror) are
Business continuance must be implemented to provide a
satisfactory level of availability of ePHI while the system failure
is corrected and disaster recovery restores the unavailable ePHI.
Business continuance provides access to ePHI via alternate pathways
or workarounds within the institution. A business continuance plan
is made up of multiple components, including:
- Work-arounds that are developed and documented to access ePHI
from alternate locations or sources.
- Elimination of single points of failure in the
infrastructure, application gateways and interfaces, etc.
- Installation of alternate data pathways if a transmission
line should be accidentally cut, and installation of back-up
power sources,including both uninterruptible power sources and
automated emergency power generators.
- Implementation of a test server to run all new applications
and upgrades prior to clinical use.
- Use of clustered or virtualized servers instead of
- Contracting an SSP to provide rapid access to ePHI (both FCF
and VCF) that is stored off-site in a secure data center.
Vendors providing healthcare-related hardware or software must
be required to provide well-documented service level
agreements(SLAs) that are enforceable and contain monetary
penalties if they do not adhere to their SLA. The SLA must contain
a return to operation statement (RTO)
Disaster recovery can be implemented using several approaches
that adhere to the letter of the HIPAA regulations, but not
necessarily the intended spirit of HIPAA, i.e. rapid access to an
exact unaltered copy of ePHI. ePHI can be backed-up to tape or
other media and stored off-site in a fire- and heat-proof safe or
with a secure storage vendor. These approaches satisfy the letter
of the law and are inexpensive, but will not minimize downtime and
they could expose the healthcare entity to lost productivity and
other economic and healthcare risks.
Options that satisfy both the letter and spirit of the mandate,
and provide a form of risk management insurance,
- Back-up ePHI in a second, secure data center operated by the
healthcare entity, preferably at a site >100 miles from the
- Rent space and functionality at a tier-3 or tier-4 data
center located at >100 miles from the healthcare
- Store ePHI in multiple data centers owned by the healthcare
entity and utilize grid-storage technology.
- Outsource the management and storage of ePHI for disaster
recovery, and possibly for long-term storage, to an SSP.
The mandatory procedures and additional precautions discussed as
part of disaster recovery and business continuance will add to the
cost compared with a strategy that just adhered to the letter of
the mandated requirements. However, these additional expenditures
for disaster recovery and business continuance must be considered
part of the healthcare facility's risk management expenditure, i.e.
insurance,that will minimize or eliminate the cost of downtime
because of human error, system failure or technology obsolescence.
Calculate the cost for an adequate level of disaster recovery and
business continuance against the tangible and intangible costs of
downtime such as lost productivity, delayed patient care,
diminished public relations and impact on cash-flow.
Isolated silos of departmental storage must be eliminated in
favor of an enterprise storage solution. Storage requirements will
continue to increase annually, however, the use of lossy compressed
studies for primary interpretation, when in widespread use, will
temper the need for an ever-expanding storage management system
with faster networks for clinical studies.
The IT department must manage and fund the storage management
system and provide radiology and other authorized users
24-hours-by-365-days access and availability to the stored,
unaltered ePHI that is needed to provide cost-effective
- Updated tier classifications define infrastructure
performance. Available at www.uptimeinstitute.org. Accessed April
- Smith, EM. The outsourcing option.
Advance for Imaging and Oncology Administrators.
- Smith EM. Advantages of outsourced storage surpass expenses.
- 45 CFR Part 164; §308(a)(7)(i) Contingency Plan, §308 (a) (7)
(ii) (B) Disaster Recovery Plan, (C) Emergency Mode Operation
Plan, (D) Testing and Revision Procedures, (E)Applications and
Data Criticality Analysis.
- Koff D, Bak P, Brownrigg P. Pan-Canadian evaluation of lossy
compression ratios for developments of national guidelines,
Presented at SIIM 2007, Providence, RI.
- Dilulio, R. Migrating with the times. Available at
Accessed April 15, 2009.
- Valenza, T. Changing PACS: Time, Money and DICOM. Available
at www.imagingeconomics.com/ issues/articles/2007-06_01.asp.
Accessed April 15, 2009.
- Smith EM. Risk Management.
Advance for Imaging & Radiation Oncology
, in press.
- Langer SG. Issues surrounding PACS archiving to external
third party DICOM archives,
J of Digital Imaging,