Image CDs pose security risks, study finds

CDs containing patient and imaging data can be altered and reproduced without any sign of the changes, according to an article published online in the Journal of Digital Imaging.

"Such media should be considered unsafe where there is a potential for financial or other gain to be had from altering the data, and the copy cannot be cross-checked with the original data," according to researchers from the department of small animal clinical sciences at the University of Copenhagen in Denmark.

The study team evaluated image CDs produced by software supplied with computed radiography units from Agfa HealthCare of Mortsel, Belgium, and Fujfilm Medical of Tokyo. Content from both CDs were copied onto a partitioned drive of a Windows XP-based PC, and folders were created to contain the CD's entire content (JDI, August 21, 2007).

These folders' properties were then set to "shared"; each folder was then mapped to a network drive to permit the content of the CD to be run directly from the hard drive and allow changes to the files to be tested using the autorun.exe file, according to the researchers.

The study team then viewed each CD in the manufacturer-supplied DICOM reader and identified data fields of interest, including patient identification number, name, age, date of birth, study accession number, date of study, and institution. After closing the viewers, the content of each CD was examined using a standard Windows file browser.

The Agfa CD contained data in a Microsoft Access database, and the password required to alter the file structure was revealed using Access PassView software. At that point, the researchers opened images from both CDs and edited their tags using the DicomWorks utility.

The researchers noted that no expert computer assistance was needed; both authors are veterinarians specializing in diagnostic imaging and have no formal computer training. They said they were, however, experienced users of database, DICOM, and HTML files.

In both cases, the researchers were able to burn a fresh CD containing altered DICOM image files, a new dicom.dir file, as well as the original autorun.exe file and remaining files. Both CDs opened in the same way as the original disk, but displayed the altered data, according to the study team.

Users should be aware of the vulnerability to alteration of study and image data on CDs, the authors concluded.

"The need for data that is robust and secure should be communicated to the manufacturers, and professionals involved in imaging should not compromise themselves by using these media for anything other than the usage the manufacturers approve in their license agreements and program documentation," the authors wrote.

By Erik L. Ridley staff writer
August 31, 2007

Related Reading

Testing procedure improves usability of DICOM CDs, January 22, 2007

IHE's Import Reconciliation Workflow eases portable media handling, July 17, 2006

Handling priors and the 'portable patient': A case for inter-PACS communication, November 16, 2005

Copyright © 2007

Page 1 of 775
Next Page