Subjects anonymization
david.b...@brain-dynamics.es
Cinly Ooi
I am not sure whether tools like XNAT Desktop will do the anonymization first before sending data to XNAT.
Cinly
*****
“There should not be an over-emphasis on what computers tell you, because they only tell you what you tell them to tell you,” -- Joe Sutter, Boeing 747 Chief Engineer.
Hello. I'm using XNAT 1.7.3 and I'd like to know how to achieve a full subject anonymization. If I have understood how XNAT handles the anonymization, it overrides or deletes DICOM headers according to the anonymization scripts. However, the actual patient data read from the DICOM files is used and stored in the database. If you upload a DICOM image of a new subject, it will even create a new subject with the patient's name. What I want to do is remove the patient data and maybe other data too BEFORE it is used, thus making XNAT oblivious to that information. Is there a way to do that through configuration or do I have to add or modify the code? Thanks in advance.
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussion+unsubscribe@googlegroups.com.
To post to this group, send email to xnat_discussion@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.
McKay, Mike
Another option is to upload the data using the XNAT Upload Applet or the XNAT Upload Assistant. If you upload the data via either of these methods and have saved a site-wide anonymization script, your data should be anonymized before being uploaded to XNAT. You can go to https://wiki.xnat.org/display/XW2/Step+4+of+8:+Write+Anonymization+Scripts for more information on this. Hope that helps!
-Mike
--
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussi...@googlegroups.com.
To post to this group, send email to xnat_di...@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
xnat_discussi...@googlegroups.com.
To post to this group, send email to
xnat_di...@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.
The materials in this message are private and may contain Protected Healthcare Information or other information of a sensitive nature. If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail.
Herrick, Rick
This is actually isn’t how anonymization works through the receive/prearchive/archive lifecycle, or at least doesn’t take the site anonymization script into consideration. Incoming DICOM data is actually anonymized at two separate points in this process:
· As the data is received and written to the prearchive, the site-wide anonymization script is applied
· As the data is moved from the prearchive to the archive, the anonymization script for the project is applied
To illustrate this, I set up a site-wide anonymization script that had the following expression:
(0008,1090) := "SITE ANON"
I also set up a script for my project with this:
(0010,21B0) := "PROJECT ANON"
I then set some values in the DICOM I was sending:
$ dcmdump +P "0008,1090" +P "0010,21B0" ~/DICOM/test-anon/000001.dcm
(0008,1090) LO [TOTALLY PRIVATE STUFF] # 22, 1 ManufacturerModelName
(0010,21b0) LT [PRETTY PRIVATE STUFF] # 20, 1 AdditionalPatientHistory
I sent the data via C-STORE to XNAT and it landed in the prearchive. Looking at the data that lands in the prearchive yields:
$ find . -type f -name *.dcm | xargs dcmdump +P "0008,1090" +P "0010,21B0" | more
(0008,1090) LO [SITE ANON] # 10, 1 ManufacturerModelName
(0010,21b0) LT [PRETTY PRIVATE STUFF] # 20, 1 AdditionalPatientHistory
So the tag specified in the site-wide anon script has been anonymized away, while the project-specific tag still has its original value. Now I moved the data from the prearchive to the archive project. The data that lands there shows this:
$ find . -type f -name *.dcm | xargs dcmdump +P "0008,1090" +P "0010,21B0" | more
(0008,1090) LO [SITE ANON] # 10, 1 ManufacturerModelName
(0010,21b0) LT [PROJECT ANON] # 12, 1 AdditionalPatientHistory
The original tag values are completely gone from the system at this point: they can’t be found in log files, the database, catalog XML files, nor in the DICOM data stored in the archive. They’re also not accessible in the DICOM header dumps through UI, which are actually generated on demand and so will only return what’s in the DICOM itself.
From this, we can say that your DICOM data is completely secure and anonymized with a couple of caveats:
· Data en route from the sender to the DICOM receiver would be vulnerable to network sniffing or man-in-the-middle attacks (XNAT doesn’t support TLS encryption on its receiver, although that would be something that could be set up; support for TLS encryption in many sender tools is a bit spotty as well)
· If there is a significant number of DICOM tags that may contain sensitive data for one project but contain important values to retain for another project (meaning that those values can’t be anonymized or deleted at the site-wide level), those fields would be exposed for the period of time that the data sits in the prearchive before being moved to the target project
· If your anonymization scripts don’t delete or transform sensitive data values, those fields would be exposed
Like Mike said, you can use the upload assistant application to send data as well. That has a number of advantages:
· The upload assistant applies the site-wide and project-specific anonymization scripts on the data before being sent across the wire. This means that even a MITM exploit would fail to extract sensitive information (again, presuming the anon scripts are effectively scrubbing that data).
· It uses http(s) for transfer, meaning that the reliability of the network connection is much better and more suited for long-haul data transfers (e.g. between institutions), whereas C-STORE traffic has a very high failure rate outside of fairly closely tied networks.
It has its disadvantages as well, since it requires a separate installation, isn’t integrated directly into most clinical workflows the way that standard DICOM composite operations are, etc.
HTH.
--
Rick Herrick
Sr. Programmer/Analyst
Neuroinformatics Research Group
Washington University School of Medicine
From:
"xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com> on behalf of Cinly Ooi <cinl...@gmail.com>
Reply-To: "xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com>
Date: Wednesday, January 25, 2017 at 10:13 AM
To: "xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com>
Subject: Re: [XNAT Discussion] Subjects anonymization
If you push data to XNAT Prearchive, a copy of your stored data will be placed in Prearchive, in my case /export/data/xnat/prearchive, where /export/data/xnat is the top level directory for all XNAT data. In Prearchive, the data that gets stored that is an exact copy of what you had uploaded.
--
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussi...@googlegroups.com.
To post to this group, send email to xnat_di...@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
xnat_discussi...@googlegroups.com.
To post to this group, send email to
xnat_di...@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.
Daniel Marcus
--
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussion+unsubscribe@googlegroups.com.
To post to this group, send email to xnat_discussion@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussion+unsubscribe@googlegroups.com.
To post to this group, send email to xnat_discussion@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.
The materials in this message are private and may contain Protected Healthcare Information or other information of a sensitive nature. If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail.
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussion+unsubscribe@googlegroups.com.
To post to this group, send email to xnat_discussion@googlegroups.com.
david.b...@brain-dynamics.es
--
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussi...@googlegroups.com.
To post to this group, send email to xnat_di...@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussi...@googlegroups.com.
To post to this group, send email to xnat_di...@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.
The materials in this message are private and may contain Protected Healthcare Information or other information of a sensitive nature. If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail.
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussi...@googlegroups.com.
To post to this group, send email to xnat_di...@googlegroups.com.
Daniel Marcus
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussion+unsubscribe@googlegroups.com.
To post to this group, send email to xnat_discussion@googlegroups.com.
Maria de la Iglesia Vayá
Hi all
----
C/Eduardo Primo Yúfera (Científic), nº 3 (Junto Oceanográfico)
46012 Valencia, Spain
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussion+unsubscribe@googlegroups.com.
To post to this group, send email to xnat_discussion@googlegroups.com.
