What Is Enterprise Imaging?

Enterprise imaging is a set of strategies, initiatives, and workflows implemented across a healthcare enterprise to consistently and optimally capture, index, manage, store, distribute, view, exchange, and analyze all clinical imaging and multimedia content to enhance the electronic health record. For some audiences, “enterprise imaging” refers to consolidating various hospitals’ or imaging centers’ radiology departments into a unified imaging system, aiding in image transmission for interpretation. Others see it as integrating medical images into a centralized archive often linked with the electronic medical record (EMR).

Enterprise imaging, in its broader framework, occurs through a single archive. Medical images include standard DICOM images from traditional imaging modalities, such as CT or MRI, as well as visible light images, such as photographs, images from arthroscopes and endoscopes, fundal examinations, and any examination in which the data are displayed as an image and not as text, a graph, or a diagram. All of these images are a part of the comprehensive longitudinal medical record. Incorporating images into the EMR/EHR supports the concept of the EMR as a single source of truth about the patient’s medical care.1

Evolution of Enterprise Imaging

Healthcare image management has evolved for the better due to many technological advances that continue today. For some time, the medical sector has been pivoting away from traditional picture archiving and communications systems (PACS, now known as MIMPS) and cardiovascular information systems (CVS) in favor of enterprise imaging and data management systems. The advent of vendor-neutral archive technology (VNA) and its accelerated adoption over the past decade is an essential aspect of enterprise imaging.

Dentistry, Pathology, Breast Health, Dermatology, Gastrointestinal (GI), Endoscopy, and other departments within healthcare organizations produce images in the visible light spectrum. However, in some healthcare enterprises, these images are not readily available through the EHR, and frequently, departments cannot securely archive them digitally. In contrast, in healthcare enterprises that have adopted VNAs, the availability of images through a single login has been shown to help improve the quality of interpretation by clinicians, reduce the number of duplicate exams, and improve overall efficiency.

Today, enterprise imaging is the conglomeration of multiple hospitals or radiology departments into a single imaging system that allows routing images to interpret examinations. It is also defined as incorporating all medical images into a single archive, frequently integrated into the EMR. While these two practices are different, they are not mutually exclusive. The field will continue to evolve, and the practices will converge. Rather than a productivity tool primarily used by radiologists, enterprise imaging has the potential to become a platform of communication for the medical community.

Healthcare’s reimbursement model is changing, as is the role of radiologists. Other departments are incorporating radiology equipment into their own practice. The adoption of an enterprise approach to imaging technology instead of a narrow focus on radiology will encourage internal collaboration to face external pressures. Care coordination requires the exchange of clinical care among providers. The ordering of imaging data, reduction of costs, and increase in efficiency help improve patient outcomes.

Enterprise Imaging for Clinicians

Enterprise imaging has different connotations for different specialists. Traditionally each department had a specialty PACS/MIMPS, but now these disparate systems are connected in a single electronic patient medical record. Today, the medical image records of Cardiology, Oncology, and Pediatrics are located in Radiology as data exchanges between different vendors’ software. The popularization of VNAs has expedited connectivity across healthcare enterprises. Similar to how the Internet suddenly enabled connectivity between millions of people worldwide, despite different operating systems, time zones, and continents.

Vendor-neutral connectivity is not the only advantage for clinicians. Automating complex imaging workflows, including uploading and delivering images from remote locations, substantially boosts efficiency. Enterprise mobile imaging, ensuring timely access to clinical resources and patient summaries at the point of care, is also a significant improvement. Mobile medical imaging capabilities allow clinicians to quickly capture and integrate visible light images and videos with corresponding notes to patient health records. Another substantial enhancement for clinicians in the age of enterprise imaging is the availability of cognitive intelligence and analytics. Some enterprise imaging solutions have built-in analytics engines that extract crucial health information from complex data sources. They can also identify high-risk patients and provide intervention via understanding unstructured clinical notes in appropriate contexts.

From a compliance perspective, well-implemented enterprise imaging platforms are able to securely store and distribute clinical contents in standardized healthcare data formats, while supporting the gamut of clinical specialties. These platforms can also reduce storage costs and provide tools for information life cycle management while offering business continuity solutions and disaster recovery options in the event of catastrophes. Overall, an enterprise imaging platform that is suitably furnished with clinical collaboration and synchronization tools can facilitate substantial leaps forward in efforts towards care personalization and patient-centric service.

Enterprise Imaging for IT Professionals

Healthcare costs continue to rise for the average American, as do patient expectations related to the convenience of care. A Kelton Global survey found that 94% of patients believed that their medical data and records should be centrally stored and electronically accessible. Patients are used to having their financial details at their fingertips and are often dissatisfied when their health records are not easily accessible.

Building and implementing a successful enterprise imaging platform represents a significant undertaking for an institution.

IT professionals working in a healthcare enterprise are the champions of enterprise imaging. By promoting enterprise imaging, you can help your organization realize the following benefits:

  • A patient-centric view of all clinical information on a patient, including images, accessible from the point of care, enables the care provider to make better and quicker clinical decisions. The patient can more easily be kept up to date on their condition and treatment.
  • The availability of imaging data in the electronic health record (and its accessibility by imaging analytics and AI applications) has positive repercussions for macro-level preventative efforts: by managing health population-wide.
  • There are also financial savings that can be achieved as a result of consolidating imaging data into a smaller number of repositories, even with the initial investment required to purchase a new system. Centralized data management cuts maintenance costs significantly, reducing or entirely eliminating the necessity of data migrations.

Enterprise Imaging Challenges

Enterprise healthcare providers use medical images to help diagnose diseases, document abnormalities or interventions and guide patient treatment. As a point of reference, nearly 40 million MRI scans are performed annually in the United States. In addition to MRI scans, medical imaging includes CT scans, PET scans, ultrasounds, x-rays, arthrograms, myelograms, and several types of mammography. Together, these images help to tell the story of each patient’s clinical journey. Unfortunately, most images are not visible to the team of doctors, nurses, therapists, technologists, and other clinicians caring for a patient for several reasons, including a lack of systems and workflows to acquire, upload, and view images. Historically, radiology and cardiology services have created automated workflows for image acquisition and information systems for image distribution. However, other specialties do not adopt these practices at the same rate.

As images have become more critical, hospitals have needed help to store, display effectively, and distribute them throughout the enterprise. Inefficient workflows and incomplete solutions often pose additional enterprise imaging challenges.

Imaging Workflow Challenges

Every imaging study begins and ends with a workflow. An imaging workflow is the sequence of steps required for the image to be ordered, requested, read, evaluated, and stored. By analyzing clinical and informatics workflow challenges, enterprise imaging companies can identify potential solutions and opportunities for improved workflow and, ultimately, better patient care. Workflow challenges are usually caused by one or more of the categories below:

  • Workflow Adaptations
  • Patient Identification
  • Information Needed in an Image
  • Reporting
  • Metadata Data Normalization
  • Legal and Regulatory Concerns
  • Mobile Device Integration
  • Storage
  • Cloud vs. On-Prem Infrastructure
  • AI Integration

While each medical specialty acquires and uses images differently, most begin with an order placed by a referring physician. Once the order is placed, it is transferred to the Radiology Information System (RIS). The RIS uses the information contained within the order to create a worklist for the imaging modality. Technologists select the patient from the worklist, ensuring that all demographic and order information is correct. After the images are obtained, they are sent to PACS/MIMPS for storage and viewing. Even though this workflow is fairly simple, it is not standard. There are numerous variations to the workflow, depending on the ordering physician and their specialty, the differential diagnosis, the time and location of the clinician’s evaluation, and many other factors.

Hospitals have taken one of two approaches to accommodate the numerous variations of workflows. They either use an order-based workflowor the encounter to drive the workflow. In an order-based workflow, the physician order initiates an automated workflow which includes the unique study identifier and a PACS worklist of patient studies that require review. If an order for imaging is not needed by other specialties, an encounter to drive workflow method is used which creates a unique study identifier and patient worklist. Encounter-based imaging is defined as medical imaging that is intentionally performed during a patient encounter without an associated imaging order. Images are generally acquired at the discretion of the provider.

Healthcare organizations can also experience workflow challenges related to: patient identification, information needed in an image, reporting, metadata, legal concerns, and mobile devices.

Enterprise Imaging and Patient Data Security

One of the most pressing health IT concerns in the industry is patient data security and keeping patient information protected. Healthcare providers represent significant targets for cyber attackers. Digital security threats are constantly emerging from unexpected avenues. One potential downside of an enterprise imaging solution is that a centralized network, while offering substantial efficiency gains and savings on storage solutions, is more vulnerable to cybersecurity threats than networks acting individually. Cyber attacks can quickly spread malware and compromise vital operations. Security must be taken seriously by any enterprise that implements an integrated care delivery network. If a hacker is able to penetrate a network to interfere with a medical imaging acquisition device, its safe operation can be jeopardized, which in turn endangers patient safety. Organizational cybersecurity requires a unified effort from departmental staff and the rest of the enterprise. In a 2014 statement, IBM identified ‘human error’ as a contributing factor in over 95% of all cybersecurity incidents.

According to The HIPAA Journal, 2023 was the worst-ever year for breached healthcare records. The number of records breached increased by 156% from 2022 to 133,068,542, beating the previous record of 113 million records set in 2015. In 2023, an average of 373,788 healthcare records were breached every day.

Cyber resiliency is the capacity of an organization to detect, protect, respond to, and recover from a cyber attack with minimal impact. In response to the increased threats and attacks, today’s image management infrastructure offers new capabilities to ensure that the data residing in PACS/VNA/EI archives is being done securely and that proper cyber resiliency tools are in place to not only secure the data but to preserve users’ access to it.

10 essential steps to proactively protect an enterprise imaging environment

Securing enterprise imaging environments has become crucial to prevent cyber attacks and safeguard sensitive medical data. Here are ten essential steps for protecting an enterprise imaging environment proactively.

  1. Minimize network exposure for all control system devices and/or systems, and ensure they are NOT accessible from the Internet. DICOM is not a secure protocol.
  2. Locate control system networks and remote devices behind firewalls and isolate them from business and other end-user networks.
  3. Use DICOM over TLS as it is highly desirable and recommended.
  4. Ensure a valid certificate is loaded on the server for DICOM over TLS and HTTPS traffic. It can be signed by a local CA authority but must be valid. Encryption ciphers need to be verified and complied with the latest version. The cipher suite has been whittled down substantially for TLS 1.3, to the point where there are five recommended cipher suites:
    • TLS_AES_256_GCM_SHA384
    • TLS_CHACHA20_POLY1305_SHA256
    • TLS_AES_128_GCM_SHA256
    • TLS_AES_128_CCM_8_SHA256
    • TLS_AES_128_CCM_SHA256
  5. If secure transmission over TLS is not available and remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities of their own and should be routinely updated to the most current version available. Also recognize VPN is only as secure as the devices connected within its boundaries.
  6. Only allow access to devices you are communicating with and make sure promiscuous access is disabled. Imaging device vendors can only allow DICOM traffic from/to specific devices.
  7. Don’t run programs as root. Run programs as a user with restricted access.
  8. Make sure permissions are set to restrict access to specific files for users running the application. The rest should have no access.
  9. Introduce chroot access. A program that is in a modified environment and cannot name (and therefore normally cannot access) files outside the designated directory tree. The term “chroot” may refer to the chroot(2) system call or the chroot(8) wrapper program. The modified environment is called a chroot jail. Containers are chroots on steroids.
  10. No remote access for admin users (root) and Active Directory or single sign-on authentication for regular users for remote access.

Preventing cybersecurity risks involves a delicate, closely monitored, system of people, processes, and technologies. IT departments must work closely with imaging service lines to develop operational plans and strategies that are practical and robust. Imaging staff must be kept aware of best practices and cybersecurity threats. Healthcare organizations are now looking at Artificial Intelligence (AI) to rise to the challenge to help ransomware victims fight back.

Enterprise Imaging Data Standards

Another challenge in enterprise imaging is the use of different data standards for medical imaging as opposed to non-imaged data. Perhaps the most well-known standard is Digital Imaging and Communications in Medicine (DICOM), which was specially developed by the American College of Radiologists (ACR) and the National Electrical Manufacturers Association (NEMA). The DICOM standard applies to imaging equipment, printers, and PACS/MIMPS. This format focuses on the workflow of images, as well as provides protocols for the integration of image data. It also allows functions like film printing or CD burning. Data standards are critical for enabling the seamless and secure sharing of medical images and related data across different systems and devices, which is essential for modern enterprise imaging environments. By providing a consistent format for medical images and related data, regardless of the equipment or software used, the DICOM standard enables reliable interpretation and comparison of medical images over time, which is essential for accurate diagnosis and treatment.

Enterprise Imaging, HIPAA, and De-Identification

Patient privacy is another challenge for enterprise imaging. Per federal law, all patient data must be protected and HIPAA-compliant. However, one of the main advantages of enterprise imaging is the possibility of sharing significant data banks with other enterprises for medical research, AI training, and similar projects. It is essential that, whenever data sharing is offered, identifying information is stripped away to protect individuals’ medical data. De-identification is the most common method of performing this information removal for DICOM data in Cross-Enterprise Document Sharing (also known as XDS-I). DICOM files consist of the image and the header, which contain meta-elements containing patient information, as well as institution and study data. The patient name and number must be obscured to prevent the patient from being identified. Hence, de-identification. De-identification in healthcare removes all direct identifiers from patient data and allows organizations to share it without the potential of violating HIPAA. Direct identifiers, known as Protected Health Information, can include a patient’s name, address, and medical record information, and convey a patient’s physical or mental health condition, any healthcare services rendered to that individual, as well as financial data related to healthcare. For example, medical records, hospital bills, and lab results are all PHI.

De-identification in the healthcare industry has multiple uses cases, including:
  • Sharing health information with non-privileged parties
  • Creating datasets from multiple sources and analyzing them
  • Anonymizing data so that it can be used in machine-learning models
  • Providing public health warnings without revealing PHI
  • A company that licenses de-identified patient data to analyze trends and patterns that help verify efficacy or buying trends.

De-identification preserves patient confidentiality without affecting the values and the information for different research purposes and protects specific health information that could identify living or deceased individuals.

There are two main approaches to de-identification: anonymization and pseudonymization. Anonymization is a process employed in medical image and data management to protect patient privacy by removing or altering personally identifiable information (PII). In the context of DICOM, anonymization focuses on eliminating explicit identifiers that directly link the data to an individual. Anonymization occurs through various techniques, such as de-identification, masking, and pseudonymization. Image masking is the process of finding the identifiers in the file and masking them. Methods of de-identification include blurring, pixelating, or blocking.

HL7 Interoperability in Enterprise Imaging

Interoperability is central to the seamless exchange of medical images and related data within enterprise imaging systems, ensuring that diverse modalities and departments can communicate effectively. Health Level Seven (HL7) is a format seeking wider acceptance, intended for the general use of electronic health information in hospitals. This format manages non-imaging data and provides protocols for exchanging, managing, and integrating clinical and administrative electronic health data. It allows interoperability between different systems, including patient administration, laboratory information systems, billing systems, electronic medical records, and health record systems.

Looking Ahead: Trends Shaping the Future of Enterprise Imaging

The field of enterprise imaging has great potential but also challenges to surmount. It took the U.S. healthcare industry almost a decade to adjust after its investment in enterprise EHR. What’s more, the changing legislative environment and consolidations of hospital infrastructure have quenched enthusiasm for pursuing the kind of complex implementations enterprise imaging needs. Generally, specific departments and care areas are more enthusiastic about converting to enterprise imaging than others. Radiology is one of them, but Dermatology, non-invasive Cardiology, and standard Mammography are also typically receptive to the shift. Dental radiology is a strong candidate for enterprise imaging, particularly for advanced dental imaging and multi-location clinics. Departments with which progress for adopting enterprise imaging is generally less keen include core Pathology, Genomics, multimedia Endoscopy, and Oncology. The reasons vary but may involve a lack of leadership, a reliance on a committee or cross-department decision-making, adherence to a broader contract involving non-software equipment and services, or a desire to use a dedicated best-of-breed functionality in a specific care area.

The long-term impact of enterprise imaging will be substantial and measurable. From small community hospitals to large institutions, enterprise imaging is essential to information technology infrastructure that can promote interoperability between different sites. Communication within the hospital and beyond via image sharing and other means is made more accessible along different points of the care continuum. As a result of healthcare increasingly being absorbed into the Cloud, data migrations will no longer be necessary. This will reduce the image management role of healthcare IT vendors and place more power in the hands of the providers. Vendor-neutral data will allow providers to innovate and adopt scalable and interoperable solutions, ultimately leading to better patient care with faster diagnosis and imaging orders.

AI In Enterprise Imaging

One innovation in enterprise imaging is the ability to facilitate the ‘on-ramp’ of artificial intelligence for diagnostics. AI allows radiologists to foresee a future in which machines enhance patient outcomes and reduce misdiagnosis. AI algorithms can assist organizations with workflow improvements. AI tools can reduce the workload of radiologists by automating repetitive tasks, which means they can focus more on complex cases. As more departments and enterprises consolidate their image management into enterprise imaging health systems, AI developers’ ability to source the terabytes of deidentified images necessary to train their machine learning diagnostician algorithms will increase. AI can improve workflow efficiency by automating repetitive tasks such as image tagging and analysis. In a split second, machines’ ability to assess a mammogram, MRI, or other medical scan and accurately (more accurately than any human diagnostician) diagnose a patient will represent a significant leap forward in the efficiency of medicine.

Ten Rules for Successful Clinical AI Adoption

Introducing AI into any environment, mainly enterprise imaging workflows, can be challenging. A thorough understanding of patient data flow is crucial before deployment to improve patient throughput and eliminate latency or bottlenecks. To effectively and accurately deploy an AI app or algorithm in a clinical setting, here are ten rules for successful adoption for reference.

  1. Be clinically relevant.
  2. Know the Clinician’s perspective.
  3. Respect the Clinician’s workflow preferences.
  4. Be natively interoperable: use industry standards.
  5. Neutralize bias in machine learning methodology.
  6. Have a viable long-term business model.
  7. Don’t introduce latency in clinical workflows.
  8. Be more accurate than a human.
  9. Generate and distribute usable results.
  10. Be equally deployable on-prem and in the cloud.

Cloud Computing Solutions for VNA

A Vendor Neutral Archive (VNA) greatly benefits healthcare systems. The ability to switch PACS/MIMPS vendors regardless of image data migration/conversion is highly significant. A cloud-based archive can remove one of the biggest impediments to implementing a VNA: how to store all that data? The demand for the use of the cloud in image management deployments is growing. Solution providers are now offering Cloud-hosted, hybrid-cloud, and cloud-adjacent solutions, and the benefits include on-demand scalability and as-a-service cost models—data migrations within a cloud offer lower operational and maintenance costs for data storage. Additional benefits include scalability and the capability to homogenize data from disparate systems. Data stored on a cloud is much more affordable to recover in a disaster. Furthermore, many solutions expand a client’s current PACS/MIMPS capabilities and longevity. In addition, these solutions de-identify personal and healthcare information contained in DICOM metadata and pixels helping protect patients’ confidentiality and offering greater research possibilities.

Want to learn more about the Dicom Systems Unifier platform? Meet with one of our enterprise imaging workflow experts.


1 Petersilge CA. The Evolution of Enterprise Imaging and the Role of the Radiologist in the New World. AJR Am J Roentgenol. 2017 Oct;209(4):845-848.