- AI
- Molecular Imaging
- CT
- X-Ray
- Ultrasound
- MRI
- Facility Management
- Mammography
Security transcends devices and IT
Security is not something that you buy and install, according to Dr. Paul Chang, director of radiology informatics at the University of Pittsburgh Medical Center. A proper security model transcends devices and technology. It requires a reengineering of user behavior, attitude, and philosophy.
Security is not something that you buy and install, according to Dr. Paul Chang, director of radiology informatics at the University of Pittsburgh Medical Center. A proper security model transcends devices and technology. It requires a reengineering of user behavior, attitude, and philosophy.
Chang had been introduced at the Society for Computer Applications in Radiology's membership luncheon as the latest SCAR Fellow. He treated students at a SCAR University session to one of his favorite security rants.
"Healthcare users are under the misconception that security is an IT problem," he said.
The Health Insurance Portability and Accountability Act has made security one of healthcare's hottest topics.
"It's one thing to lose a paper chart, but it's another to expose your medical records to the outside world," Chang said.
Attacking a hospital is probably low on a hacker's priority list, he said. The threat is more likely to emanate from inside, from disgruntled or reckless employees, or from physically insecure facilities. Whatever the source, the consequences are significant if security is breached.
Hospitals tend to house data centers and network server closets wherever there is room.
"Is your data center located below the laundry?" Chang said.
He suggested that it takes only one burst pipe to knock the center offline. Peripheral closets that have inadequate air conditioning and ventilation invite overheating and subsequent meltdown.
Securing the network requires more than installation of a firewall, which must continually be evaluated. Firewalls are just computers that need to be updated, he said.
Chang advised aggressively monitoring backdoor access to the network, including such innocuous portals as PACS and scanners.
"Modems are a no-no, and don't let the vendor slip a backdoor in under the guise of service access," Chang said. "Make them go through IT and get a virtual private network account like everyone else."
Users can find security help from Carnegie Mellon's Computer Security Response Team (CERT), or Microsoft's Windows Security Hardening Guide, both accessible online.
Ultimately, however, users are on their own.
"Security requires cultural reengineering of user behavior, and that can be more challenging than the technology itself," Chang said.
Volumetric navigation tackles image overload but introduces new challenges
June 6th 2005While the rapid transition to multislice CT overloads radiologists with images, the typical workflow strategy used to cope with image overload is unsatisfactory, according to a SCAR University session. A volumetric navigation approach addresses this problem, but not without problems of its own.
Lively vendor panel concludes marathon digital mammography forum
June 6th 2005The final 30 minutes of SCAR’s marathon five-hour digital breast imaging forum on Saturday afternoon was allotted to a manufacturers’ panel discussion. Representatives from more than 15 manufacturers fielded questions from the audience.
