In clinical trials, patient privacy is of utmost importance. The information collected during clinical trials is sensitive and must be protected to maintain the trust of study participants and to comply with regulations. One way to protect patient privacy is through de-identification of data, including medical images in the Digital Imaging and Communications in Medicine (DICOM) format. In this blog post, we will explore why DICOM de-identification is important, the regulations governing de-identification, and how de-identification is performed in SliceVault.
Why is de-identification important?
De-identification is important because it ensures that patient privacy is protected. DICOM images contain sensitive information such as patient name, date of birth, and medical history. Without proper de-identification, this information can be accessed by unauthorized individuals, potentially causing harm to the patient or compromising the integrity of the clinical trial.
De-identification also plays an essential role in data sharing. Many clinical trials require the sharing of data with other researchers or institutions. De-identified data can be shared more easily, as it does not contain personally identifiable information that would require a patient’s consent to be shared.
What regulates the collection of personal health information (PHI)?
The Health Insurance Portability and Accountability Act (HIPAA) is a regulation that governs the de-identification of subjects. HIPAA is a federal law that regulates the use and disclosure of protected health information (PHI). PHI includes any information that can be used to identify an individual, such as name, address, and social security number.
HIPAA defines two methods of de-identification: the safe harbor method and the expert determination method. The safe harbor method involves removing 18 specific identifiers, such as name, address, and date of birth, from the data. The expert determination method involves using a statistical or scientific method to determine the risk that the data could be used to identify an individual.
What is PHI?
PHI is defined as "individually identifiable health information” i.e., information that can be used to directly or indirectly identify an individual in relation to the individual’s past, present or future health condition and the provision of health care to the individual. Common types of PHI include: patient name, address, birth date, social security number, medical and laboratory reports, physician name, hospital name, and date of examination.
DICOM de-identification in SliceVault
SliceVault is a cloud-based platform for managing DICOM images in clinical trials. SliceVault has built-in tools for de-identifying DICOM images, ensuring that patient privacy is protected.
De-identification in SliceVault is performed using the safe harbor method. The following 18 identifiers are removed from the DICOM images:
Patient name
Patient ID
Patient birth date
Patient sex
Patient address
Patient telephone number
Patient email address
Social security number
Medical record number
Health plan beneficiary number
Account number
Certificate or license number
Vehicle identifier and serial number
Device identifier and serial number
Web URL
Internet protocol address
Biometric identifiers, including fingerprints and voiceprints
Full-face photographic images and any comparable images
In addition to removing these identifiers, SliceVault also replaces the original patient ID with a randomized, unique identifier. This ensures that the data can still be tracked and analyzed without revealing the patient’s identity.
Fully automated de-identification process
Image de-identification in SliceVault is a fully automated process consisting of the following steps:
1. Redaction of PHI in DICOM tags
2. Optical character recognition of burned in annotations
3. Formal determination by qualified expert
All steps of the de-identification process are executed locally, by means of a de-identification script provided by SliceVault that runs locally in the submitting investigator's internet browser. Local de-identification means no images containing PHI leaves the investigator site's closed network. Only after successful completion of the de-identification process, the de-identified images get transferred via secure communication to the SliceVault’ servers.
Conclusion
De-identification is an important aspect of protecting patient privacy in clinical trials. HIPAA provides regulations for de-identification, and SliceVault offers tools for de-identifying DICOM images in compliance with HIPAA regulations. By ensuring that patient privacy is protected, de-identification allows clinical trial data to be shared and analyzed more easily, leading to more effective treatments and better patient outcomes.