Security issues for mobile medical imaging

A primer

Asim Choudhri, Arindam R. Chatterjee, Ramin Javan, Martin G. Radvany, George Shih

Research output: Contribution to journalArticle

4 Citations (Scopus)

Abstract

The end-user of mobile device apps in the practice of clinical radiology should be aware of security measures that prevent unauthorized use of the device, including passcode policies, methods for dealing with failed login attempts, network manager–controllable passcode enforcement, and passcode enforcement for the protection of the mobile device itself. Protection of patient data must be in place that complies with the Health Insurance Portability and Accountability Act and U.S. Federal Information Processing Standards. Device security measures for data protection include methods for locally stored data encryption, hardware encryption, and the ability to locally and remotely clear data from the device. As these devices transfer information over both local wireless networks and public cell phone networks, wireless network security protocols, including wired equivalent privacy and Wi-Fi protected access, are important components in the chain of security. Specific virtual private network protocols, Secure Sockets Layer and related protocols (especially in the setting of hypertext transfer protocols), native apps, virtual desktops, and nonmedical commercial off-the-shelf apps require consideration in the transmission of medical data over both private and public networks. Enterprise security and management of both personal and enterprise mobile devices are discussed. Finally, specific standards for hardware and software platform security, including prevention of hardware tampering, protection from malicious software, and application authentication methods, are vital components in establishing a secure platform for the use of mobile devices in the medical field.

Original languageEnglish (US)
Pages (from-to)1814-1824
Number of pages11
JournalRadiographics
Volume35
Issue number6
DOIs
StatePublished - Oct 1 2015

Fingerprint

Diagnostic Imaging
Equipment and Supplies
Computer Security
Security Measures
Software
Hypermedia
Mobile Applications
Health Insurance Portability and Accountability Act
Cell Phones
Privacy
Automatic Data Processing
Radiology

All Science Journal Classification (ASJC) codes

  • Radiology Nuclear Medicine and imaging

Cite this

Choudhri, A., Chatterjee, A. R., Javan, R., Radvany, M. G., & Shih, G. (2015). Security issues for mobile medical imaging: A primer. Radiographics, 35(6), 1814-1824. https://doi.org/10.1148/rg.2015140039

Security issues for mobile medical imaging : A primer. / Choudhri, Asim; Chatterjee, Arindam R.; Javan, Ramin; Radvany, Martin G.; Shih, George.

In: Radiographics, Vol. 35, No. 6, 01.10.2015, p. 1814-1824.

Research output: Contribution to journalArticle

Choudhri, A, Chatterjee, AR, Javan, R, Radvany, MG & Shih, G 2015, 'Security issues for mobile medical imaging: A primer', Radiographics, vol. 35, no. 6, pp. 1814-1824. https://doi.org/10.1148/rg.2015140039
Choudhri A, Chatterjee AR, Javan R, Radvany MG, Shih G. Security issues for mobile medical imaging: A primer. Radiographics. 2015 Oct 1;35(6):1814-1824. https://doi.org/10.1148/rg.2015140039
Choudhri, Asim ; Chatterjee, Arindam R. ; Javan, Ramin ; Radvany, Martin G. ; Shih, George. / Security issues for mobile medical imaging : A primer. In: Radiographics. 2015 ; Vol. 35, No. 6. pp. 1814-1824.
@article{b989ae65d8cb4be28019ef480306309e,
title = "Security issues for mobile medical imaging: A primer",
abstract = "The end-user of mobile device apps in the practice of clinical radiology should be aware of security measures that prevent unauthorized use of the device, including passcode policies, methods for dealing with failed login attempts, network manager–controllable passcode enforcement, and passcode enforcement for the protection of the mobile device itself. Protection of patient data must be in place that complies with the Health Insurance Portability and Accountability Act and U.S. Federal Information Processing Standards. Device security measures for data protection include methods for locally stored data encryption, hardware encryption, and the ability to locally and remotely clear data from the device. As these devices transfer information over both local wireless networks and public cell phone networks, wireless network security protocols, including wired equivalent privacy and Wi-Fi protected access, are important components in the chain of security. Specific virtual private network protocols, Secure Sockets Layer and related protocols (especially in the setting of hypertext transfer protocols), native apps, virtual desktops, and nonmedical commercial off-the-shelf apps require consideration in the transmission of medical data over both private and public networks. Enterprise security and management of both personal and enterprise mobile devices are discussed. Finally, specific standards for hardware and software platform security, including prevention of hardware tampering, protection from malicious software, and application authentication methods, are vital components in establishing a secure platform for the use of mobile devices in the medical field.",
author = "Asim Choudhri and Chatterjee, {Arindam R.} and Ramin Javan and Radvany, {Martin G.} and George Shih",
year = "2015",
month = "10",
day = "1",
doi = "10.1148/rg.2015140039",
language = "English (US)",
volume = "35",
pages = "1814--1824",
journal = "Radiographics",
issn = "0271-5333",
publisher = "Radiological Society of North America Inc.",
number = "6",

}

TY - JOUR

T1 - Security issues for mobile medical imaging

T2 - A primer

AU - Choudhri, Asim

AU - Chatterjee, Arindam R.

AU - Javan, Ramin

AU - Radvany, Martin G.

AU - Shih, George

PY - 2015/10/1

Y1 - 2015/10/1

N2 - The end-user of mobile device apps in the practice of clinical radiology should be aware of security measures that prevent unauthorized use of the device, including passcode policies, methods for dealing with failed login attempts, network manager–controllable passcode enforcement, and passcode enforcement for the protection of the mobile device itself. Protection of patient data must be in place that complies with the Health Insurance Portability and Accountability Act and U.S. Federal Information Processing Standards. Device security measures for data protection include methods for locally stored data encryption, hardware encryption, and the ability to locally and remotely clear data from the device. As these devices transfer information over both local wireless networks and public cell phone networks, wireless network security protocols, including wired equivalent privacy and Wi-Fi protected access, are important components in the chain of security. Specific virtual private network protocols, Secure Sockets Layer and related protocols (especially in the setting of hypertext transfer protocols), native apps, virtual desktops, and nonmedical commercial off-the-shelf apps require consideration in the transmission of medical data over both private and public networks. Enterprise security and management of both personal and enterprise mobile devices are discussed. Finally, specific standards for hardware and software platform security, including prevention of hardware tampering, protection from malicious software, and application authentication methods, are vital components in establishing a secure platform for the use of mobile devices in the medical field.

AB - The end-user of mobile device apps in the practice of clinical radiology should be aware of security measures that prevent unauthorized use of the device, including passcode policies, methods for dealing with failed login attempts, network manager–controllable passcode enforcement, and passcode enforcement for the protection of the mobile device itself. Protection of patient data must be in place that complies with the Health Insurance Portability and Accountability Act and U.S. Federal Information Processing Standards. Device security measures for data protection include methods for locally stored data encryption, hardware encryption, and the ability to locally and remotely clear data from the device. As these devices transfer information over both local wireless networks and public cell phone networks, wireless network security protocols, including wired equivalent privacy and Wi-Fi protected access, are important components in the chain of security. Specific virtual private network protocols, Secure Sockets Layer and related protocols (especially in the setting of hypertext transfer protocols), native apps, virtual desktops, and nonmedical commercial off-the-shelf apps require consideration in the transmission of medical data over both private and public networks. Enterprise security and management of both personal and enterprise mobile devices are discussed. Finally, specific standards for hardware and software platform security, including prevention of hardware tampering, protection from malicious software, and application authentication methods, are vital components in establishing a secure platform for the use of mobile devices in the medical field.

UR - http://www.scopus.com/inward/record.url?scp=84944315700&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84944315700&partnerID=8YFLogxK

U2 - 10.1148/rg.2015140039

DO - 10.1148/rg.2015140039

M3 - Article

VL - 35

SP - 1814

EP - 1824

JO - Radiographics

JF - Radiographics

SN - 0271-5333

IS - 6

ER -