DICOM Encryption and Anonymization

What is DICOM Encryption, and how is it different from Anonymization?

DICOM encryption is vital for securing medical image data using encryption techniques in the DICOM (Digital Imaging and Communications in Medicine) format. DICOM is a widely used standard for storing and transmitting medical images, such as X-rays, MRIs, and CT scans. DICOM encryption is an essential security measure in the healthcare industry to protect patient data and ensure compliance with privacy regulations, such as Health Insurance Portability and Accountability Act (HIPPA). It’s important to note that encryption is just one aspect of securing DICOM data. To protect medical imaging data’s overall security and privacy, users must implement proper access controls, authentication mechanisms, and secure storage practices.

DICOM encryption protects sensitive patient information and images from unauthorized access, cyber-attacks, or data security breaches. DICOM anonymization focuses on removing sensitive patient information to maintain privacy, while DICOM encryption involves encoding the DICOM data to safeguard its confidentiality and integrity during transmission or storage. Both processes protect sensitive medical data in different ways.

In 2021, Healthcare-related data breaches occurred in over 22.6 million patients, with the single most significant data breach reported affecting more than 3 million individuals. Only authorized personnel with the appropriate decryption keys can access the information when DICOM data is encrypted, ensuring patient privacy and confidentiality by preventing potential data breaches.

Anonymization is a process employed in medical image and data management to protect patient privacy by removing or altering personally identifiable information (PII). In the context of DICOM, anonymization focuses on eliminating explicit identifiers that directly link the data to an individual. Anonymization occurs through various techniques, such as de-identification, masking, and pseudonymization. Image masking is the process of finding the identifiers in the file and masking them. Methods of de-identification include blurring, pixelating, or blocking.

Additionally, anonymization techniques may employ generalization methods where data is intentionally generalized or aggregated, making it more challenging to link specific data points to a particular person, with the goal is to protect patient privacy and minimizing the risk of identification.

Anonymization aims to transform the data so that re-identifying individuals becomes highly unlikely or practically impossible. Anonymized DICOM data should not contain explicit information about the patient’s identity. However, anonymization alone may not provide absolute privacy, as there is always a potential risk of re-identification through other indirect means.

The Importance of Encrypting DICOM Objects

Most DICOM objects contain images and associated demographic and medical information about the patient, which needs to be kept confidential. Encryption is a method for maintaining these data confidential. Encryption is just one aspect of the bigger picture regarding data security. Policymakers around the globe have recognized that healthcare institutions are part of a society’s critical infrastructure that requires protection, including protection from cyber threats. Many national and local regulations require healthcare providers to encrypt private health information (PHI). Encryption is also a best practice for medical imaging data since it often contains PHI.

DICOM Encryption Methods

DICOM encryption can use advanced encryption algorithms, such as AES (Advanced Encryption Standard) or RSA (Rivest-Shamir-Adleman), to encrypt the DICOM data before it is transmitted or stored. The National Institute of Standards and Technology (NIST) adopted AES as a standard for government use around 20 years ago, and it is not the de facto standard worldwide by private industry.

  1. AES is the standard for encrypting DICOM data; it uses a symmetric encryption algorithm: the same key for encryption and decryption. It provides fast and efficient encryption and decryption operations, making it ideal for securing large amounts of data. AES is a widely adopted and secure encryption algorithm that supports different sizes, AES-128, AES-192, and AES-256, indicating the length of the encryption key in bits. The typical recommendation for more robust security is AES-256.

    Diagram showing how symmetric encryption works.
  2. RSA is an asymmetric encryption algorithm that uses public and private keys for encryption and decryption. RSA is for encrypting the symmetric key used in AES encryption, an approach called hybrid encryption. RSA is valid for securely sharing the AES key between different parties involved in DICOM data exchange. It is computationally expensive compared to symmetric encryption algorithms like AES and for encrypting smaller pieces of data, such as the AES key.

    Diagram showing how asymmetric encryption works.
Both AES and RSA can encrypt algorithms for DICOM data, but they serve different purposes within the context of DICOM.

AES is generally used for encrypting the actual DICOM data due to its efficiency and speed, while RSA is commonly for securely sharing the AES key between authorized parties. The combination of AES and RSA provides a robust and secure encryption solution for protecting DICOM data throughout storage and transmission. As a general rule, to create a secure random AES key, use a robust cryptographic number generator to develop a secret key of the desired length, such as AES-256.

DICOM Data Encryption implementation for Data at Rest, Data in Motion, and Data in Use

Encryption plays a significant role in protecting data at rest, in motion, and use. Data should always be encrypted when traversing external or internal networks, including encrypting all data before transport or using protected tunnels, such as HTTPS or SSL/TLS.

  1. Encrypt the DICOM data with the generated key, regardless of data encryption type.
  2. Store the encrypted DICOM data and metadata required to decrypt it. In the case of full-disk encryption using SSD or software-based LUKS encryption, all data on the disk is encrypted using a single encryption key. Encrypt all data on a disk at rest using full-disk encryption. FDE cannot protect data in motion or use because it can only protect data stored on a device.
  3. Implement a separate server for critical data in use. Encrypting files while data is in use is possible but highly impractical and resource-intensive. A diagnostic application’s ability to access data slows down when data is encrypted in motion or used within the same server. A separate secure server or critical clinical management storage is best practice and allows end-users to authenticate for access to encrypted files continuously. Complete at-rest encryption, including data encryption to restrict access to data from running computers, is possible to implement. However, it adds substantial overhead to meet clinician and diagnostician workflow expectations.
  4. Securely distribute or transmit the encrypted data over the internal and external network: If you need to transfer or share the encrypted DICOM data, ensure that it is securely transmitted using TLS protocols, such as DICOM over TLS or HTTPS for DICOM WEB. Enterprise imaging vendors should support data encryption in motion.
  5. Decrypt the data: To access the original DICOM data, the recipient must decrypt it using the same secret key used for encryption. Securely share the key with authorized parties only. Then, authorized users with corresponding decryption keys decrypt the encrypted metadata.
In addition to encryption, there is a way to comply with security requirements by removing, replacing, or anonymizing all the sensitive information from the metadata with de-identification or anonymization. Although they are different methods, there are use cases when they go hand in hand with encryption.

Dicom Systems Encryption and Anonymization of DICOM Data

Dicom Systems offers encryption for outgoing and incoming imaging traffic, ensuring data security during transmission and includes adhering to Supplement 31, which follows the Transport Layer Security (TLS) protocol standard for secure DICOM communication. The authentication process involves a secure handshake protocol that verifies the entities exchanging DICOM objects and HL7, such as images, orders, and diagnostic reports, in DICOM and HL7 formats.

Using the RSA encryption algorithm, Dicom Systems supports encryption keys with a robust strength of up to 4,096 bits. The setup for encryption does not incur any additional cost, as certificate management is within the Dicom Systems Unifier platform. Clients can create and manage their certificates, ensuring end-to-end encryption and allowing complete control over the certificate process. This approach empowers customers to maintain security and privacy measures by handling certificates independently, without relying on The Unifier server for certificate generation.

The Unifier platform natively supports LUKS Encryption and is the standard for Linux hard disk encryption. LUKS bulk-encrypts hard drive partitions to protect data even when the computer is not on. Once the computer is on and LUKS has decrypted the disk, the files are available to anyone with valid credentials. For hardware-based encryption, Unifier uses SSD self-encryption, which provides the highest level of protection by featuring Military-grade AES with 256-bit keys for heightened security.

We recommend full disk encryption in conjunction with other measures, such as file-based encryption, to protect files when the computer is on. The Unifier’s default implementation of LUKS is AES 128 with SHA256 hashing.

Dicom Encryption Available Ciphers:

More information about encryption standards is available at NEMA Standards.

Schedule a meeting with our team to learn more about the Unifier platform’s DICOM encryption and anonymization features or to discuss your enterprise imaging workflow needs.