Usually, there were multiple clinical departments providing imaging-enabled healthcare
services in enterprise healthcare environment, such as radiology, oncology, pathology, and
cardiology, the picture archiving and communication system (PACS) is now required to
support not only radiology-based image display, workflow and data flow management, but
also to have more specific expertise imaging processing and management tools for other
departments providing imaging-guided diagnosis and therapy, and there were urgent demand
to integrate the multiple PACSs together to provide patient-oriented imaging services for
enterprise collaborative healthcare. In this paper, we give the design method and
implementation strategy of developing grid-based PACS (Grid-PACS) for a hospital with
multiple imaging departments or centers. The Grid-PACS functions as a middleware between
the traditional PACS archiving servers and workstations or image viewing clients and provide
DICOM image communication and WADO services to the end users. The images can be
stored in distributed multiple archiving servers, but can be managed with central mode. The
grid-based PACS has auto image backup and disaster recovery services and can provide best
image retrieval path to the image requesters based on the optimal algorithms. The designed
grid-based PACS has been implemented in Shanghai Huadong Hospital and been running for
two years smoothly.
A number of hospitals in Shanghai are piloting the development of an EHR solution based on a grid concept with a
service-oriented architecture (SOA). The first phase of the project targets the Diagnostic Imaging domain and allows
seamless sharing of images and reports across the multiple hospitals. The EHR solution is fully aligned with the IHE
XDS-I integration profile and consists of the components of the XDS-I Registry, Repository, Source and Consumer
actors. By using SOA, the solution uses ebXML over secured http for all transactions with in the grid. However,
communication with the PACS and RIS is DICOM and HL7 v3.x. The solution was installed in three hospitals and one
date center in Shanghai and tested for performance of data publication, user query and image retrieval. The results are
extremely positive and demonstrate that the EHR solution based on SOA with grid concept can scale effectively to
server a regional implementation.
KEYWORDS: Picture Archiving and Communication System, Computer security, Information security, Surgery, Computing systems, Medicine, Databases, Network security, Control systems, Magnetic resonance imaging
As a governmental regulation, Health Insurance Portability and Accountability Act (HIPAA) was issued to protect the
privacy of health information that identifies individuals who are living or deceased. HIPAA requires security services
supporting implementation features: Access control; Audit controls; Authorization control; Data authentication; and
Entity authentication. These controls, which proposed in HIPAA Security Standards, are Audit trails here. Audit trails
can be used for surveillance purposes, to detect when interesting events might be happening that warrant further
investigation. Or they can be used forensically, after the detection of a security breach, to determine what went wrong
and who or what was at fault. In order to provide security control services and to achieve the high and continuous
availability, we design the HIPAA-Compliant Automatic Monitoring System for RIS-Integrated PACS operation. The
system consists of two parts: monitoring agents running in each PACS component computer and a Monitor Server
running in a remote computer. Monitoring agents are deployed on all computer nodes in RIS-Integrated PACS system to
collect the Audit trail messages defined by the Supplement 95 of the DICOM standard: Audit Trail Messages. Then the
Monitor Server gathers all audit messages and processes them to provide security information in three levels: system
resources, PACS/RIS applications, and users/patients data accessing. Now the RIS-Integrated PACS managers can
monitor and control the entire RIS-Integrated PACS operation through web service provided by the Monitor Server.
This paper presents the design of a HIPAA-compliant automatic monitoring system for RIS-Integrated PACS Operation,
and gives the preliminary results performed by this monitoring system on a clinical RIS-integrated PACS.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.