IT Matters: time to tackle the toughest part of enterprise imaging

November 24, 2016
By Michael J. Gray

The concept of enterprise imaging can cover a considerable amount of ground, depending on who is doing the talking. In my experience, “enterprise imaging” can mean any of the following:

Providing physicians and other caregivers access to the images being managed by their radiology, and possibly cardiology PACS through their smartphones and tablets. This is what many PACS vendors mean by the term enterprise imaging.

Consolidating most of the organization’s medical image data (in addition to radiology and cardiology) in a vendor-neutral archive. This is the VNA vendors’ concept of enterprise imaging.
Image-enabling the organization’s electronic medical record system. This is what the independent clinical viewer vendors mean by enterprise imaging.
Enterprise imaging can also refer to the introduction of more standardized digital imaging processes into the many other departments that create images for either diagnostic, procedural or evidentiary purposes.
Providing PACS-like functionality to imaging departments other than radiology and cardiology. I refer to these other imaging departments as the “ologies” and the “oscopies.” Facilitating the exchange of medical images with affiliated (outside) health care organizations, clinics or physician groups.
Capturing, managing and displaying clinically relevant, digital photos and video clips taken with mobile devices (personal smartphones and tablets), often referred to as multi-media or mobile imaging.

In my opinion, focusing on any one of the above six categories is shortsighted, as all of the above will eventually become the objective, assuming the ultimate goal of the health care organization is to provide all physicians and caregivers access to each patient’s complete longitudinal medical record. This would include the patient’s medical images (structured data); diagnostic reports, laboratory results, prescription details and care summaries (unstructured data); and the multitude of health details collected during years of office visits, such as age, weight, smoking status, etc. (discrete data).

Now is the time to tackle multimedia or mobile imaging, despite the fact that it is arguably the toughest part of our expanded concept of enterprise imaging. The urgency is driven by the fact that it is already underway, and the consequences of inaction can be far more expensive than the cost of the necessary technology.

Data security is the major concern. In the old days of film-based radiology imaging, it was not an uncommon practice to sequester borrowed original films in lockers, desk drawers, car trunks and briefcases. Ironically this was considered more of an obstacle to sharing those films than a HIPAA violation. In the era of computer-based digital image management, data security is considered a much more serious issue.

Before the advent of the smart-phone and tablet, it was relatively easy to secure image data and its associated protected health information by locking down the computers on the hospital network that were capable of accessing the department PACS and its radiology and cardiology images, and being somewhat careful about logins/passwords and timeouts.

For most of the other “ology” and “oscopy” departments and clinics that actually created and used clinical or diagnostic images there was no PACS, so security was somewhat simplified because their paper-based images or videotapes were rarely loaned and easily secured in the department files.

With the advent of the smartphone and tablet, the clinicians eventually succeeded in pressuring the IT department to approve the use of their personal devices to install thin client applications that would allow them to download images from the local PACS through the PACS zero or near-zero clinical viewing applications. Unfortunately, these same personal devices were also digital cameras, and so began the era of multimedia or mobile imaging. Today, still frame and video digital cameras, smartphones and tablets can be used throughout the health care organization to create a broad range of diagnostic, procedural or evidentiary images. Consequently, many departments and clinics can now easily become digital “imaging” departments. Dermatology, surgery, intensive care, anatomic pathology, the burn unit, the emergency department are but a few examples.

A PC can become the department’s “PACS archive," and assuming a degree of effort is made to establish and manage its network connections, as well as an active directory to manage user logins and passwords, a reasonable level of security can be achieved. Better yet, all of these departments and clinics could pass off the technical support and security issues to IT by arguing that these new imaging sets should be stored in a suitable PACS or the vendor neutral archive.

Unfortunately, in many health care organizations, a more standardized and formal approach to managing and providing security for this type of image data is frequently postponed or overlooked. The more serious problem is the practice of informal imaging, or as I refer to it, the “one-man imaging department.” In this use case, individuals are using their personal devices to capture clinical images and associated patient identifying information that is then kept on that device, or transferred to a thumb drive, back-up storage device, laptop or desktop computer, devices that are not behind a firewall or protected by any security measures besides a personal login.

Limiting the use of mobile imaging to specific user groups or mandating an enterprise-wide ban on mobile imaging are probably not viable solutions. Governance has frequently proven to be an ineffective solution to the one-man imaging department, just as governance was not an effective solution for keeping films out of the lockers and car trunks. This is why I believe that now is the time to tackle this tricky and troublesome part of enterprise imaging. What we have is a toxic soup of poor governance, inadequate technology and weak security. The potential for HIPAA violations and subsequent expensive litigation is obvious.

Unfortunately, the toughest part of this problem is not technology. There are numerous technology solutions that ultimately feed multimedia image data to PACS or neutral archives, and most clinical viewers can access and display both DICOM and non-DICOM image objects. The toughest part of this aspect of enterprise imaging is cost. Performing mobile imaging the correct, secure way will be prohibitively expensive, if the vendors are going to apply pricing structures patterned after radiology solutions to this class of image sets.

Taking pictures of a rash during a dermatology office visit is not a reimbursable effort, so it is going to be very difficult arguing the value proposition for doing mobile imaging the correct way, unless the “all-in” pricing of component licenses (acquisition, managing, distributing and displaying) is going to be considerably less than that being charged for an ordered procedure. This pricing issue is an interesting problem, and one that I submit both the providers and the vendors had better start working on together to solve as quickly as possible.

About the author: Michael J. Gray is a consultant specializing in the digital management and distribution of medical image data, and the founder of Gray Consulting. Gray’s areas of expertise are market analysis, technology analysis, strategic planning, equipment utilization, needs assessment, workflow analysis and vendor analysis/selection.