Upload
douglas-ball
View
223
Download
2
Tags:
Embed Size (px)
Citation preview
MIRC Clinical Trials Software
MIRC Clinical Trials Software
Medical Imaging Resource CenterMedical Imaging Resource Center
Technical IssuesTechnical Issues
1.1. Image acquisitionImage acquisition
2.2. AnonymizationAnonymization
3.3. Data transportData transport
4.4. Image managementImage management
5.5. Non-image dataNon-image data
6.6. Configuration managementConfiguration management
FCDICOM
FCDICOM
PIDICOM
MIRC Clinical Trial DataflowMIRC Clinical Trial Dataflow
Database
HTTP
InternetHTTP / HTTPS
Typical MIRC DataflowTypical MIRC DataflowPrincipalPrincipal
InvestigatorInvestigator
PACS
MIRCMIRC
Modality
Field CenterField Center
Database
Work-stations
PACS
FieldCenterFieldCenterStorage SCPHTTP ServerAnonymizer
Storage SCUS/W Update
DICOMDICOM
HTTP(S)HTTP(S)
DIC
OM
DIC
OM
Image AcquisitionImage Acquisition
DICOM ImagesDICOM Images
from Modalities orfrom Modalities or
from PACSfrom PACS
Images contain Images contain
clinical PHIclinical PHI
plus trial IDsplus trial IDs
Modality PACS
FieldCenterFieldCenterDICOM Storage DICOM Storage
SCPSCP
DICOMDICOM
• AnonymizationAnonymization– Removal of PHIRemoval of PHI– Replacement of PHI with values that are Replacement of PHI with values that are
the same for all patientsthe same for all patients
• PseudonymizationPseudonymization– Replacement of PHI with values that are Replacement of PHI with values that are
specific to the patient and the trial but specific to the patient and the trial but which are not meaningful anywhere elsewhich are not meaningful anywhere else
Anonymization and Pseudonymization Anonymization and Pseudonymization
The HIPAA 18The HIPAA 181.1. Name Name 2.2. Location; all geographic subdivisions smaller than a state, including Location; all geographic subdivisions smaller than a state, including
street address, city, county, precinct, zip code, and their equivalent street address, city, county, precinct, zip code, and their equivalent geocodes. geocodes.
3.3. Dates (all dates related to the subject of the information, e.g. birth dates, Dates (all dates related to the subject of the information, e.g. birth dates, admission dates, discharge dates, encounter dates, surgery dates, etc.) admission dates, discharge dates, encounter dates, surgery dates, etc.)
4.4. Telephone numbers Telephone numbers 5.5. Fax numbers Fax numbers 6.6. Electronic mail addresses Electronic mail addresses 7.7. Social security numbers Social security numbers 8.8. Medical record numbers Medical record numbers 9.9. Health plan beneficiary numbers Health plan beneficiary numbers 10.10. Account numbers Account numbers 11.11. Certificate / license numbers Certificate / license numbers 12.12. Vehicle identifiers and serial numbers, including license plate numbers Vehicle identifiers and serial numbers, including license plate numbers 13.13. Device identifiers and serial numbers Device identifiers and serial numbers 14.14. Web Universal Resource Locators (URLs) Web Universal Resource Locators (URLs) 15.15. Internet Protocol (IP) address numbers Internet Protocol (IP) address numbers 16.16. Biometric identifiers, including finger and voice prints Biometric identifiers, including finger and voice prints 17.17. Full face photographic images and any comparable images Full face photographic images and any comparable images 18.18. Any other unique identifying number, characteristic, or code Any other unique identifying number, characteristic, or code
PseudonymizationPseudonymization
Element typesElement types– Patient IDPatient ID– Dates (Birth / Study)Dates (Birth / Study)– UIDsUIDs– Accession, non-unique IDsAccession, non-unique IDs
Central vs distributed remappingCentral vs distributed remapping
Hashing vs remappingHashing vs remapping
Mapping / HashingMapping / Hashing
• Central vs local mappingCentral vs local mapping– Central mapping is more controlled, but it Central mapping is more controlled, but it
requires that PHI be kept at the PI’s site.requires that PHI be kept at the PI’s site.– Local mapping is more susceptible to data Local mapping is more susceptible to data
loss, but has a different security profile.loss, but has a different security profile.
• HashingHashing– Very convenient in a multi-center trial and Very convenient in a multi-center trial and
very secure, but inversion can only be very secure, but inversion can only be done through a dictionary attack.done through a dictionary attack.
Anonymizer ScriptingAnonymizer Scripting
• Modality-specificModality-specific• Manufacturer-specificManufacturer-specific• MIRC-defined script languagesMIRC-defined script languages
– DICOMDICOM– XMLXML
• Shared remapping tablesShared remapping tables– Self-consistencySelf-consistency
• Script language documentationScript language documentation– http://mircwiki.rsna.orghttp://mircwiki.rsna.org
Data TransportData Transport
• Principal issue: securityPrincipal issue: security– HTTP – data is in the clearHTTP – data is in the clear– HTTPS – data is encryptedHTTPS – data is encrypted– VPN – data and IPs are encryptedVPN – data and IPs are encrypted
• FirewallsFirewalls
FC PIInternet
HTTP / HTTPS
Negotiating FirewallsNegotiating Firewalls
Connections and portsConnections and ports
Inbound vs outbound connectionsInbound vs outbound connections
Connection streamsConnection streams
WWW example:WWW example:– How the web page gets back to the browserHow the web page gets back to the browser
Browser Web SiteInternet80
Firewalls in Clinical TrialsFirewalls in Clinical Trials
Minimize the need for support at acquisition sitesMinimize the need for support at acquisition sites
Acquisition site:Acquisition site:– Only make outbound connectionsOnly make outbound connections
PI site:PI site:– Allow inbound connections on 8443Allow inbound connections on 8443
FC PIInternet
HTTP / HTTPS
8443
Additional Security: the DMZAdditional Security: the DMZ
Receive data in the DMZReceive data in the DMZ
Poll the DMZ to import to the data managerPoll the DMZ to import to the data manager
DataManager
PI8443
DMZ
InternalNetwork
Image ManagementImage Management
ProcessingProcessing
StorageStorage
Export to participating systemsExport to participating systems–Other PIsOther PIs
–PACS / workstationsPACS / workstations
DatabaseDatabase
Processing PipelineProcessing Pipeline
• Import ServiceImport Service– HTTP / DICOM / HTTP with pollingHTTP / DICOM / HTTP with polling
• PreprocessorPreprocessor– AnonymizerAnonymizer
• Storage ServiceStorage Service• Export ServiceExport Service
– HTTP / HTTPSHTTP / HTTPS– DICOMDICOM– DatabaseDatabase
The RSNA MIRC Software for Clinical Trials
The RSNA MIRC Software for Clinical Trials
• FieldCenterFieldCenter– Acquisition sitesAcquisition sites
• MIRCsiteMIRCsite• ClinicalTrialProcessorClinicalTrialProcessor
– Highly configurableHighly configurable– More flexible and extensibleMore flexible and extensible– Includes all types of stagesIncludes all types of stages– To be released 1Q2008To be released 1Q2008
• See the wiki for documentationSee the wiki for documentation
XMLServerXMLServer
OS FileOS FileSystemSystem
InputInputQueueQueue
StorageStorageServiceService
MIRCMIRCIndexIndex
AdminAdminServiceService
AuthorAuthorServicesServices
FileFileServiceService
Ob
jec
t P
roc
es
so
rO
bje
ct
Pro
ce
ss
or
MIRCMIRCAnonymizerAnonymizer
DICOMDICOMImportImport
QueryQueryServiceService
MIRC Site ServicesMIRC Site ServicesSubmitSubmitServiceService
ZipZipServiceService
TCETCEServiceService
HTTPHTTPExportExport
HTTPHTTPImportImport
DICOMDICOMExportExport
DICOMDICOMImportImport
MIRCMIRCAnonymizerAnonymizer
DatabaseDatabaseExportExport
MIRC Clinical Trial Data TypesMIRC Clinical Trial Data Types
•ImagesImages
– DICOM, multi-mediaDICOM, multi-media
•Text dataText data
– XMLXML
•Trial-specific file collectionsTrial-specific file collections
– Zip (with manifest)Zip (with manifest)
•Undefined file typeUndefined file type
Configuration ManagementConfiguration Management
• IT support at field centers is almost IT support at field centers is almost unavailable.unavailable.
• Initial software installation requires a Initial software installation requires a human being, but it should be simple.human being, but it should be simple.
• Software updates should require a Software updates should require a person to trigger them.person to trigger them.
• Anonymizer scripts should be Anonymizer scripts should be automatically updated.automatically updated.
MIRC Update ServiceMIRC Update Service
MIRCMIRCUpdateUpdateServletServlet
HTTP(S)HTTP(S)
FieldCenterFieldCenterStorage SCPHTTP ServerAnonymizerStorage SCUS/W Update
S/WS/W
Config 1Config 1
Config 2Config 2
Config nConfig n
FieldCenter SitesFieldCenter Sites
The RSNA MIRC SoftwareThe RSNA MIRC Software
Runs on Windows, Mac, Linux, SolarisRuns on Windows, Mac, Linux, SolarisThree components:Three components:
Java / Tomcat / MIRCJava / Tomcat / MIRC
All components are freeAll components are freeMIRC Users Group meetings:MIRC Users Group meetings:
11/2511/25 1:30 - 3:30 1:30 - 3:30 E251E25111/2911/29 12:15 - 2:1512:15 - 2:15 E257E257
Questions/Answers & HelpQuestions/Answers & HelpThe MIRC WikiThe MIRC Wiki
– http://mircwiki.rsna.orghttp://mircwiki.rsna.org
RSNA Forums:RSNA Forums:– http://forums.rsna.orghttp://forums.rsna.org
– User Comments, Questions and AnswersUser Comments, Questions and Answers– RSNA MIRC Software AnnouncementsRSNA MIRC Software Announcements– MIRC Implementers’ CornerMIRC Implementers’ Corner
Subscribe on the Forums siteSubscribe on the Forums site