Medical imaging acquired for clinical purposes can have several legitimate secondary uses in research projects and teaching libraries. For these uses, and when imaging is acquired directly for research, most personal data can be safely removed, but in many cases it is necessary to keep some personal data or a link with the personal data. At this moment, no commonly accepted solution exists because the amount of personal data that is required by researchers and teaching libraries varies case by case.
DICOM Confidential is an open source DICOM (Digital Imaging and Communications in Medicine) de-identification toolkit that provides the necessary flexibility to account for different de-identification requirements and does not impose a given anonymisation model. It also provides a mechanism for forwarding the anonymous output to a remote site using either SFTP (SSH File Transfer Protocol) or DICOM communications protocol. The core functionality is contained in a Java library, which we have used to develop two DICOM anonymisation applications; these are included in the toolkit: one for DICOM files contained in a folder and one for objects received via the DICOM protocol (a receiver). A separate graphical application is provided to help users in policy writing and configuration.
In the case of multicentre clinical research projects a uniform, accountable de-identification process at all the participant centres is desirable. This can be done by prior distribution of the Privacy Policy to be used or by deploying it in a web server from which DICOM Confidential can read it directly. The toolkit was deployed in a multicentre setup and the experience gained in this deployment is presented.
Relevant files and media
PrivacyGuard News