Gary Kin Wai Tsui, Presenter: Nothing to Disclose

Kenneth Kwan-yee Wong PhD, Abstract Co-Author: Nothing to Disclose

Tao Chan MBChB,PhD, Abstract Co-Author: Nothing to Disclose

Based on the redundant patient details embedded in the USG images and in the DICOM header, our proposed method produced promising results in solving USG de-identification, USG image data integrity and USG tampering localization automatically, effectively and simultaneously.

The ease of medical data circulation, manipulation and replication introduce serious potential threats to medical data security, integrity, and confidentiality. With little knowledge of image manipulation, patient information can be revealed and medical images can be edited for different purposes from fine-tuning image contrasts to making fraudulent insurance claims. Such alterations may not be readily detectable even with clinical expertise. The aim of this method is to anonymize patient information, protect integrity of the medical image data and locate the tampered regions, if any, simultaneously on USG images.

144 ultrasound images were produced on different body parts of 3 different volunteers using multiple fictitious patient information and were digitally signed by our proposed method. We then apply possible editing effects such as blurring, contrast adjusting, and extra texts annotating to 107 digitally signed images. Our proposed method validated all digitally signed USG images and achieved 100% accuracy in both detecting and de-identifying all tampered images and non-tampered images.

We noticed that the burnt-in patient information are redundantly reproduced and can be located in the header of the DICOM image file. Making use of this redundancy, our proposed method starts by automatically locating the regions that contain patients’ burnt-in information (ie. Patient’s name and ID) on the USG images and label that as the embedding regions for digital signatures. After embedding, the region that originally has the patient details would now be obfuscated and the burnt-in patient details would not be visible. The digital signatures acting as a checksum of the other non-embedding regions or regions of interests allows tampering localization, which further strengthens the security of the USG image data.

Tsui, G, Wong, K, Chan, T, Automatic Ultrasound Image Authentication and Anonymization.  Radiological Society of North America 2011 Scientific Assembly and Annual Meeting, November 26 - December 2, 2011 ,Chicago IL. http://archive.rsna.org/2011/11007688.html