Storing DICOM headers in SQL & HIPAA

StackOverflow https://stackoverflow.com/questions/11788217

  •  24-06-2021
  •  | 
  •  

Question

I am reading DICOM headers and storing them in a database. Is there a list of DICOM objects that need to be store encrypted or anonymized in order to be HIPAA compliant?

This is the sort of list of DICOM tags we are storing: PatientID, PatientsName, PatientsBirthDate, StudyDate, StudyInstanceUid, SopInstanceUid, etc...

Was it helpful?

Solution

Interesting question. I've never come across a specific list that is ordered by dicom tag.

There is a dicom header anonymizer written as a Ruby gem (Ruby-Dicom).

Looking at it's source code here, I see that these are the fields they chose to address starting around line #663:

  ["0008,0012", "20000101", false], # Instance Creation Date
  ["0008,0013", "000000.00", false], # Instance Creation Time
  ["0008,0020", "20000101", false], # Study Date
  ["0008,0023", "20000101", false], # Image Date
  ["0008,0030", "000000.00", false], # Study Time
  ["0008,0033", "000000.00", false], # Image Time
  ["0008,0050", "", true], # Accession Number
  ["0008,0080", "Institution", true], # Institution name
  ["0008,0090", "Physician", true], # Referring Physician's name
  ["0008,1010", "Station", true], # Station name
  ["0008,1070", "Operator", true], # Operator's Name
  ["0010,0010", "Patient", true], # Patient's name
  ["0010,0020", "ID", true], # Patient's ID
  ["0010,0030", "20000101", false], # Patient's Birth Date
  ["0010,0040", "N", false], # Patient's Sex
  ["0020,4000", "", false], # Image Comments

OTHER TIPS

The GDCM project has a tool called gdcmanon that also annonymizes the data. The description in the man page describes that the tool claims that it's following a section out of the DICOM specification.

The gdcmanon tool is an implementation of PS 3.15 / E.1 / Basic Application Level Confidentiality Profile (Implementation of E.1.1 De-identify & E.1.2 Re-identify)

The man page has some further links to the DICOM spec.

The DICOM Standard at the time of releasing gdcmanon is:
ftp://medical.nema.org/medical/dicom/2008/

Direct link to PS 3.15-2008:
ftp://medical.nema.org/medical/dicom/2008/08_15pu.pdf
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top