Secure and Interoperable Teleradiology Solutions based on

Open Source Standards

Secure and Interoperable Teleradiology Solutions based on

Open Source Standards

Peter Mildenberger

Johannes Gutenberg-University Hospital, Mainz, Germany

• TeleconsultationTeleconsultation

• TeleradiologyTeleradiology• for central reference centerfor central reference center

• regional TR-Projects in Southern Germanyregional TR-Projects in Southern Germany

• Research cooperationResearch cooperation•VICORA Project, with 9 Universities, one Dep. for VICORA Project, with 9 Universities, one Dep. for Medical Informatics, two industrial partnersMedical Informatics, two industrial partners

Use CasesUse Cases

• Establishment of secure datalinks with various and independant external partners.

• Exchange of selected medical data by using standards.

• Integration into the existing IT-infrastructure.

• Easy to use and maintain, respecting legal requirements and privacy

GoalsGoals

Motivation for StandardizationMotivation for Standardization

IT-Working Group (@GIT) of the DRG IT-Working Group (@GIT) of the DRG

PGP/MIMEPGP/MIME

• DICOM - email (Suppl. 54)DICOM - email (Suppl. 54)

OpenPGP-compatibleOpenPGP-compatible

encryption encryption with compressionwith compression

• DICOM-Object /DICOM-Object /

• any file formatany file format

Format of Datatransfer Format of Datatransfer

Ideas• Mechanism to ensure complete

transmission of all images (date, messages…) on the recipient site

• Also mechanism to ensure complete transmission for the sender (by receipt from recipient)

• Authentification and integrity of messages (signature)

• Supporting MIME Standards[1], esp. Multipart Mail, Message Partial und der Verwendung von X-Tags [1] incl. RFC2045/46 (MIME Part 1&2), RFC3156 (MIME Security with OpenPGP)

Ideas• Supporting secure variants of POP, IMAP…

(optional, may become legal requirement in Germany)

• Encryption according OpenPGP using only the „MUST“-criteria, (ZIP as optional)

• Digitale Signatur (PGP / MIME)– PGP/ GnuPG for Encryption and Signature

acc.to RFC 3156 und RFC 1847 both ways are recommended:

– Encryption and signature in one step (combined method, RFC 3156, Kapitel 6.2)

– Data with seperated signature acc RFC 1847 PGP kompatibel encrypted (encapsulation, RFC 3156, Kap.6.1).

Internet

SecTelMed Mailserver

SMTP/S

Outlook/ PGP

Chili o.a.Mailserver

POP3/S(IMAP4/S)

SMTP/S

POP3/S & (IMAP4/S)

SMTP/S

POP3/S(IMAP4/S)

Clinic A

POP3/S(IMAP4/S)

SMTP/SSMTP/S

POP3/S(IMAP4/S)

Clinic B

Clinic CSMTP/S

Provider

Mailserver

Telemedicine via e-mailTelemedicine via e-mail

POP3/S &(IMAP4/S)

Members of the Telemedicine-InitiativeMembers of the Telemedicine-Initiative

Ärztliche Stelle Hessen

AGFA

Charité Berlin

Chili

ConVis

Curagita AG

DKFZ

FH Würzburg-Schweinfurt

GI Gesundheitsinformatik

Gesundheitsnetz-RND

Image Devices

Medical Communications

OFFIS

Steinhart Medizinsysteme

University Mainz

University Freiburg

University Mannheim

@GIT Initiative Online@GIT Initiative Online

Thank you for your attention!

More information:

www.tele-x-standard.deInfo@tele-x-standard.de

Peter.Mildenberger@web.de