-
Hospital IT requirement to upload DICOM images to AI (Artificial Intelligence) cloud
Hi Group members,
Can anyone help me to provide a list of Hospital IT security requirement to upload DICOM images to AI (Artificial Intelligence) Cloud Application.
Here is few of my item in the list
1. Anonymize the Tags(HIPPA)
2. Encryption
3. Compress the DICOM image.
4. User authentication
Can anyone has a better list. If so please share.
Thank you.
regards,
JF -
3 Replies
-
You should probably have some kind of architecture review and determine what the requirements are for the software. You dont necessarily need to anonymize data. But look at the machinist for uploading. Is it a gateway type of software. Does it encrypt data, what kind of encryption. Does is use SSL TLS1.2 etc. Do you have a BAA in place? How does the cloud keep your data secure and siloed from other data. Is the dat encrypted in the cloud. Can the cave for provide SOC2
-
Yes, we are uploading the images to the DICOM gateway and its supports both SSL/TLS and we are finalizing the BAA. The cloud platform is AWS. Since we have anonymized the data and its for temporary storage, not concerned about mixing the data with other data. The Application vendor provide a hitrust compliance certificate.
Thank you.-
I generally think that would slide through infosec approval if it’s anonymized data using SSL outbound. Think you still want something like a SOC2.
-
-
