EVALUATION OF HIPAA SECURITY REQUIREMENTS ON ENCRYPTION FOR RADIOLOGY THROUGHPUT RATES
Spencer B. Gay, M.D., Andrew M. Snyder, M.S., Alfred C. Weaver, Ph.D., Matthew J. Bassignani, M.D., Samuel J. Dwyer, III, Ph.D.
University of Virginia Health System, Charlottesville, VA
BACKGROUND
The structure of the security rule is based upon three standards:
1. Administrative safeguards (section 164.308)
2. Physical safeguards (section 164.310)
3. Technical safeguards (section 164.312)
and two administrative standards:
1. Organizational requirements (section 164.314)
2. Policies and procedures and documentation requirements (section 164.316).
The HIPAA security matrix (Appendix A, 45 CFR Part 164, Subpart C, Security Standards for the Protection of
Electronic Protected Health Information, published Feb. 20, 2003, 68 Fed. Reg. 8334) identifies the standards,
the sections, and the implementation specifications which are either required (R) or addressable (A). Under
the technical safeguard section, encryption and decryption (section 164.312 (a)(1)) and transmission security
(section 164.312 (e)(1)) are both marked as “addressable.”
A number of security protection schemes which proclaim HIPAA compliance are currently in use. Passwords
and biometric devices provide limited authentication; firewalls are often employed for intra-hospital
security; digital signatures are used to prove message integrity. Modern data encryption and decryption
algorithms are powerful techniques for data security, but their impact on throughput is not yet known. This
study provides an estimate of the performance impact of data encryption/decryption when applied to PACS
throughput.
Table 2
RESOURCE ALLOCATION TABLE
Step   R1  R2  R3  R4  R5  R6  R7  R8  R9  R10 R11 R12   Time
A       1   0   0   0   0   0   0   0   0   0   0   0    T1
B       1   1   0   0   1   0   0   0   0   0   0   0    T2
C       0   0   1   1   1   0   0   0   0   0   0   0    T3
D       0   1   1   0   1   0   0   0   0   1   0   0    T4
E       0   0   1   0   0   1   1   0   0   0   0   0    T5
F       0   0   0   0   0   0   1   0   0   0   0   0    T6
G       0   0   0   0   0   1   1   1   0   0   0   0    T7
H       0   0   0   0   0   1   0   1   1   0   0   0    T8
I       0   0   0   0   0   1   0   1   0   1   0   0    T9
J       0   0   0   0   0   1   0   0   0   1   1   0    T10
K       0   0   0   0   0   0   0   0   0   0   0   1    T11
L       0   0   1   0   1   0   0   0   0   0   0   1    T12
M       0   1   1   0   1   0   0   0   0   0   0   0    T13
       B1  B2  B3  B4  B5  B6  B7  B8  B9  B10 B11 B12
(The right-hand entries of rows H to M are not legible in the source and are filled in from the Table 6 bottleneck formulas.)
Time column:
T1 = 15 min (900 sec) – Patient registration by hospital registration system
T2 = 5 sec – Notify HIS of patient and data using HL7
T3 = 30 sec – Schedule exam and notify RIS
T4 = 10 sec – Patient data to RIS and to PACS archive
T5 = 10 sec – DICOM worklist to image modality
T6 = 20 min (1200 sec) – Conduct patient exam
T7 = 3 min (180 sec) – Patient image data to gateway via DICOM
T8 = 3 min (180 sec) – Relational database image data to gateway (prior exam)
T9 = 3 min (180 sec) – Image data from gateway to PACS archiving
T10 = 2 min (120 sec) – Image data to workstation
T11 = 2 min (120 sec) – Patient report generated in reporting system
T12 = 30 sec – Patient report to RIS from reporting system
T13 = 30 sec – Patient report sent from RIS to HIS
Table 7
THROUGHPUT OF ENCRYPTION AND DECRYPTION ON 3 GHz PENTIUM 4
Encryption                                    Decryption
Algorithm      MB/s   Percent of Fastest      Algorithm      MB/s   Percent of Fastest
DES 56-bit     8.51   100.00%                 DES 56-bit     7.68   100.00%
3-DES 112-bit  7.23    84.90%                 AES 128-bit    6.96    90.61%
AES 128-bit    7.19    84.50%                 3-DES 112-bit  6.56    85.42%
3-DES 168-bit  7.16    84.12%                 3-DES 168-bit  6.45    83.88%
AES 192-bit    6.63    77.93%                 AES 192-bit    6.41    83.42%
AES 256-bit    6.24    63.36%                 AES 256-bit    5.95    77.40%
RSA 512-bit    0.90    10.53%                 RSA 512-bit    0.11     1.38%
RSA 1024-bit   0.62     7.34%                 RSA 1024-bit   0.04     0.47%
EVALUATION METHODS
The metric selected for this study is “throughput.” To determine the “addressable” implementation specifications of encryption on access control and transmission security, we conducted testbed experiments to evaluate the effect of several popular methods on radiology workflow. The methods we evaluated are shown in Table 1.
Table 1
ENCRYPTION METHODS SELECTED FOR EVALUATION
Method                               Comments
Data Encryption Standard (DES)       Twenty years of use
Triple DES (3-DES)                   Successor to DES
Advanced Encryption Standard (AES)   Newest technique approved by the National Institute of Standards and Technology (NIST)
Rivest, Shamir, and Adleman (RSA)    The most popular public key cryptosystem
Table 3 shows the resources utilized in a typical patient encounter.
Table 3
RESOURCES TO BE MODELED
R1 = Hospital registration system
R2 = HIS (hospital information system)
R3 = RIS (radiology information system)
R4 = Examination schedule system
R5 = HL7 communications for text data
R6 = DICOM communications for image data
R7 = Image modality unit
R8 = DICOM gateway
R9 = Relational database
R10 = PACS archive
R11 = Workstation
R12 = Reporting system
RADIOLOGY DEPARTMENT WORKFLOW MODEL
A radiology workflow model details how the department operates and how data flows throughout the department (Figure 1). Models are valuable performance prediction tools, because modification of an operational PACS would disrupt the daily work of the department. The selected workflow model is a resource allocation table for estimating throughput and identifying bottlenecks. The resource allocation table (Table 2) is constructed with columns labeled for each of the particular resources (HIS, RIS, Networks, PACS Archive, etc.). The successive rows of the table represent the successive steps of a job or process. The right-most column of a row identifies the average time needed for the step. The matrix entries are Boolean, with a one signifying that the resource is used in the step and a zero signifying that it is not. The “bottleneck” of a job is identified by inspecting each column in the table and determining the average limitation of the resource throughput for each resource (the reciprocal of the sum of the execution times of the steps that use that resource).
Figure 1
MODEL FOR DATA FLOW ABOUT DEPARTMENT
[Diagram: Patients arrive at the Hospital Registration System; the HIS, Exam Schedule System, RIS and Reporting System exchange data, worklists and reports over HL7; the Image Modality, DICOM Gateway, Relational Database, PACS Archive and Workstation exchange image data over DICOM. The drawing itself is not recoverable from the text.]
Thirteen steps in a typical information flow are shown in Table 4.
Table 4
STEPS IN WORKFLOW MODEL
Steps
A. Patient registration by hospital registration system
B. Notify HIS of patient and data using HL7
C. Schedule exam and notify RIS
D. Patient data to RIS and to PACS archive
E. DICOM worklist to image modality
F. Conduct patient exam
G. Patient image data to gateway using DICOM
H. Relational data to gateway (required prior images)
I. DICOM image data from gateway to PACS archive
J. DICOM image data to workstation from PACS archive
K. Patient report generated in reporting system
L. Patient report sent to RIS from reporting system
M. Patient report sent from RIS to HIS
The bottleneck(s) can also be obtained from the resource allocation table, and that calculation is shown in Table 6. The smallest value of Bi identifies the bottleneck because resource i is operating at full capacity and therefore step i is the rate-limiting procedure.
THE COMPUTING ENVIRONMENT
Our experiments were performed using the Microsoft .NET framework and our test scenarios were developed in C# using Visual Studio .NET. By using a web services approach, we ensured that we are moving along a language-neutral, platform-independent path. The testbed consisted of a network of 3 GHz Pentium 4 computers with 1 GB RAM each, connected via 100 Mbps Ethernet.
Table 6
RESOURCE BOTTLENECKS
B1 = 1/(T1 + T2)
B2 = 1/(T2 + T4 + T13)
B3 = 1/(T3 + T4 + T5 + T12 + T13)
B4 = 1/(T3)
B5 = 1/(T2 + T3 + T4 + T12 + T13)
B6 = 1/(T5 + T7 + T8 + T9 + T10)
B7 = 1/(T5 + T6 + T7)
B8 = 1/(T7 + T8 + T9)
B9 = 1/(T8)
B10 = 1/(T4 + T9 + T10)
B11 = 1/(T10)
B12 = 1/(T11 + T12)
Each encryption technique shown in Table 1 was tested using four file sizes. The first file size was one byte—the smallest possible file, and thus the one that will provide a lower bound on the overhead associated with invoking each algorithm. The second file was 1 MB, which represents a single, compressed, 2000x1500x16 screen image. The third file size was 3 MB, which represents an uncompressed 4000x3000x16 image. The fourth file was a 500 image MRI set, each image being 256x256x16, yielding a total file size of 68 MB. Each file size was processed using DES with its 56-bit key, 3-DES using 128- and 192-bit keys, AES using 128-, 192-, and 256-bit keys, and RSA with key sizes of 512 and 1024 bits. Each experiment performed 100 encryptions and decryptions on a given file size using a particular technique and key size, and then averaged the results. The throughput of each algorithm was calculated from the resulting data logs. Figure 2 shows the results for the three symmetric key algorithms while Table 7 shows the results for all experiments, sorted by throughput.
As expected, DES was fastest because it has the shortest key and is therefore the least secure. Predictably, the RSA public key algorithm was slowest because it was never meant to be used with large files such as images. The significance of Table 7 is that it reveals for the first time (in a .NET environment) what computational price is being paid for the superior protection of the new AES-256 encryption algorithm. AES is many orders of magnitude more secure than the other techniques, and we have shown that its use entails acceptable computational costs.
Applying the data flow model as shown in Figure 1, we were able to predict the radiology department’s expected throughput when images were and were not encrypted and decrypted upon storage and transmission (Table 8).
Table 8
AVERAGE TIMES FOR EACH STEP IN THE SYSTEM
Time   Average time without Encryption   Average time with Encryption   Short Description
T1     900 seconds                       900 seconds                    Patient registration
T2     5 seconds                         5 seconds                      Notify HIS of patient
T3     30 seconds                        30 seconds                     Schedule exam
T4     10 seconds                        11 seconds                     Patient data to RIS and PACS
T5     10 seconds                        10 seconds                     Worklist to image modality
T6     1200 seconds                      1200 seconds                   Conduct patient exam
T7     180 seconds                       240 seconds                    Patient image data to gateway
T8     180 seconds                       240 seconds                    Relational DB images to gateway
T9     180 seconds                       240 seconds                    Image data from gateway to PACS
T10    120 seconds                       180 seconds                    Image data to workstation
T11    120 seconds                       120 seconds                    Patient report generation
T12    30 seconds                        30 seconds                     Patient report to RIS
T13    30 seconds                        30 seconds                     Patient report from RIS to HIS
TESTING THE PERFORMANCE OF THE ENCRYPTION ALGORITHMS
Figure 2
ENCRYPTION AND DECRYPTION AVERAGES USING POLYNOMIAL FITTED LINES (n=2)
[Plot on a 3 GHz Pentium 4: Time (s), 0 to 14, against File Size (10^6 Bytes), 0 to 70, with one fitted line per method: DES - 56 bit, 3DES - 112 bit, 3DES - 168 bit, AES - 128 bit, AES - 192 bit, AES - 256 bit. The curves themselves are not recoverable from the text.]
Table 5
ESTIMATED TIMES FOR COMPLETION OF THE STEPS PER JOB
(The per-step values T1 to T13 are the times listed with Table 2 and in the “Average time without Encryption” column of Table 8.)
The encryption step is included in T4 (patient data to RIS and PACS archive) and the decryption step is included in T10 (image data to workstation). Table 5 shows the expected average times for completion of each step of the job. These mean values were measured from an operational PACS.
Almost a decade after the passage of the Health Insurance Portability and Accountability Act of 1996 [1], HIPAA will require compliance with its Security Standards (Section 164, 68 Fed. Reg. 8333) by April 20, 2005, for all entities covered by these rules (except small health plans which have an additional year). The Security Standards guard electronic Protected Health Information (PHI), which includes any health care or health payment information that identifies or could be used to identify the individual to whom it pertains and that is stored or transmitted using electronic media.
CONCLUSION
Our study shows that when using the Department of Radiology dataflow model (Figure 1), a resource allocation table (Table 2) analysis, and using symmetric key encryption on all patient data and images, throughput would be reduced 5-7%. Knowing that the impact of encryption is small, a department could embrace it without fearing disastrous consequences. Alternatively, if encryption were applied only to the patient data and not to the images, then the impact of encryption would be negligible. Either way, we have demonstrated that symmetric key encryption, especially the new AES algorithm with 256-bit keys, is a highly secure technique that achieves HIPAA’s goals with minimal disturbance to the radiology department’s throughput.
REFERENCES:
1. Public Law 104-191, “Health Insurance Portability and Accountability Act of 1996.” http://aspe.hhs.gov/admnsimp/pl104191.htm
2. “Standards for Electronic Transactions.” Federal Register, Volume 65, Number 160, August 17, 2000, http://aspe.hhs.gov/admnsimp/final/txfin00.htm
3. Stallings W. “Cryptography and Network Security.” Prentice Hall, 1999.
4. King CM, Dalton CE, Osmanoglu TE. “Security Architecture.” Osborne/McGraw-Hill, New York, 2001.
5. Wagner N. “The Laws of Cryptography: The RSA Cryptosystem.” http://www.cs.utsa.edu/~wagner/laws/
6. Andriole KP, Arvin DE, Yin L, Gould RG, Arenson RL. “PACS database and enrichment of the folder manager concept.” J Digital Imaging 2000; 13:3-12.
7. Stuck BW, Arthurs E. “A Computer and Communication Network Performance Analysis Primer.” Prentice-Hall Inc., Englewood Cliffs, NJ, 1985.
8. Gay SB, Sobel AH, Young LQ, Dwyer SJ III. “Processes involved in reading imaging studies: workflow analysis and implications for workstation development.” J Digital Imaging 2002; 15(3):171-177.