International Congress Series 1281 (2005) 938 – 942
www.ics-elsevier.com
A secure software architecture for collecting and processing medical image data in centers of excellence

H. Münch a,b,*, U. Engelmann a, A. Schröter b, H.P. Meinzer a

a German Cancer Research Center, Medical and Biological Informatics Div., Germany
b CHILI GmbH, Heidelberg, Germany
Abstract. Medical image data is used increasingly both in routine clinical applications as well as in treating rare diseases. In medical consultation work, image data occupies a prominent position alongside other information. Medical networks bundle available medical and scientific resources so that, for example, rare diseases are treated more efficiently and medical care is broadened. To transfer and store data more efficiently, a system was developed that allows users web-based access to central electronic patient files. Data can be uploaded into these files using standard protocols. All data transfers are encrypted and patient-related data is optionally pseudonymized or anonymized before uploading. A central user concept with specific role and user distributions regulates access to the medical information. For viewing image data, a fully functional viewer with extensive functions for image viewing and processing is available. Furthermore, participating partners can conduct synchronized teleconferences on image data. © 2005 CARS & Elsevier B.V. All rights reserved.

Keywords: Medical networks; Teleradiology; Web; EPR; Pseudonymizing; Anonymizing; Centers of excellence
* Corresponding author. German Cancer Research Center, Medical and Biological Informatics Div., Germany. Tel.: +49 6221 42 2382. E-mail address: [email protected] (H. Münch).
0531-5131/ © 2005 CARS & Elsevier B.V. All rights reserved. doi:10.1016/j.ics.2005.03.216

1. Introduction

Medical images are playing an increasingly important role in the clinical environment. The combination of image and other patient data facilitates the diagnosis of very rare diseases for which only few specific cases are documented. Documentation and image collection of specific cases permits analysis of a far greater knowledge base. Therefore, this data is collected in centers of excellence, which are usually formed by the association of doctors and scientists of different institutions. A concentration of available data permits the derivation of more information and the expansion of existing knowledge. The experts within a center of excellence are usually not the doctors treating patients but doctors and scientists who cannot view patient-related data for legal reasons. This results in high protection and security requirements for the patient-related data. However, it is possible to meet them, for example, by anonymizing or pseudonymizing the data. In some cases both procedures are required to protect patient-related data from being viewed by unentitled parties.

There is no advantage to setting up specially adapted workstations for this purpose in a clinical environment because of the low frequency at which data is forwarded to a center of excellence and the usually high financial costs relative to its rare use. Therefore, data transfers to a clinical center of excellence should be carried out as far as possible with the equipment already available in the clinical environment. This applies both to the data upload into the center of excellence's network and to the required pseudonymization and encryption of the data en route. Completely web-based applications are independent of the hardware and operating system used in a particular clinical environment. They require no additional software installations or licenses on client computers, and an Internet browser for showing the HTML is present on each computer. Integration into the normal clinical work sequence achieves a high rate of acceptance, reduces costs [1] and, consequently, increases the quality of the data collected in the center of excellence. Another need arises with the association of several clinics for consultation and in teleradiological emergency consultations.
Access to centrally available image data greatly simplifies the consultation group's work, improves the quality of the results and permits faster completion of the consultation.

2. Materials and methods

CHILI is a family of software components for teleradiology, PACS and web-based image distribution [2,3]. Teleconferences can be conducted involving all CHILI viewing components (workstation and web client). The web-based system CHILI/Web permits image distribution within the hospital and to external users [4]. It is integrated into the clinical work process by incorporation into the existing HIS/RIS systems [5]. These systems can access the web client and control it from a simple, easily operated interface. Standard CHILI components are already in use on the server side for PACS and DICOM communications. The CHILI system makes the database and the images available on the web server. The database was expanded to meet the special storage requirements for anonymized and pseudonymized data as well as all other non-image data of specific patients. With this approach we can simply reuse existing components and implement an information system that can process all types of medical data.

The data is uploaded into the web server's database using a web interface. Patient-related data must not be transferred without protection [6]. Therefore, all data transfers are encrypted using the Secure Socket Layer (SSL) [7] protocol. To avoid problems with clinic network firewalls as far as possible, all data and communications with the server are transferred using the Hypertext Transfer Protocol (HTTP) [8]. The combination of SSL and HTTP [9] results in a high level of security with a simultaneous simplification of the transfer. As a result, no adaptation of the clinic infrastructure is usually required.

If patient-related data must not leave the clinic network, this system provides an option for anonymizing or pseudonymizing it before the upload. A pseudonymizing service is available on the web server, which provides a pseudonym on request for a dataset before transfer. However, available third-party pseudonymizing services [10] can also be employed. Using these systems, a definite pseudonym for the dataset to be incorporated into the central database is requested via an encrypted Internet connection.

On the client's side several options exist for selecting data for upload or assigning these data to an existing patient entry in the central file. The simplest option is selecting individual local files. Optionally, attribution information and descriptions can be recorded for this data. Depending on the specific project configuration, the data is then immediately anonymized or pseudonymized before it is uploaded to the web server over an encrypted HTTPS connection. In addition, there is the option of uploading an entire series or study of images. For this purpose, a local DICOM [11] server has been integrated into the web client. Once the web client is started it can receive DICOM data from any modality or DICOM node in the Intranet. After successful receipt on the client side, the DICOM data is pseudonymized and transferred to the server. As a result, patient-related data on the Intranet will not leave the hospital.

The web interface consists of an active Java [12] component. It can be started with almost any Internet browser and has extended functions for conveniently and securely uploading data. The Java program in the web browser handles data selection and acceptance, encryption and pseudonymization. Furthermore, it implements client-side access protection for the data.
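The client-side pseudonymization step described above, as an added example written for this discussion (it is not the CHILI code and not the TMF generator [10]): a DICOM-style attribute set is stripped of its direct identifiers, the patient fields are replaced by a pseudonym obtained from a server-side generator, and a gate refuses the upload while any identifier remains. The attribute keywords are DICOM's own; the service design (keyed HMAC with the key held only by the service, plus a re-identification table), the PSN-/ANON- prefixes and the sample study are assumptions constructed for the example. The anonymizing variant is included for contrast: it produces an identifier that links to nothing, so repeated studies of one patient can no longer be brought together.

```python
import copy
import hashlib
import hmac
import uuid
from typing import Dict, Optional

# DICOM attribute keywords that identify a patient directly.  This short list
# is constructed for the example; a production profile would apply the full
# de-identification profile of the DICOM standard.
IDENTIFYING_TAGS = (
    "PatientName", "PatientID", "PatientBirthDate", "PatientAddress",
    "OtherPatientIDs", "AccessionNumber", "ReferringPhysicianName",
)

# Constructed sample study header (no real patient data).
SAMPLE_STUDY: Dict[str, str] = {
    "PatientName": "Mustermann^Erika",
    "PatientID": "MRN-0042",
    "PatientBirthDate": "19601231",
    "AccessionNumber": "ACC-2005-0311",
    "ReferringPhysicianName": "Beispiel^Hans",
    "StudyDate": "20050310",
    "Modality": "CT",
    "StudyDescription": "Skeletal survey",
}


class PseudonymService:
    """Server-side pseudonym generator (assumed design, not the paper's service).

    The HMAC key never leaves the service; the upload client only receives the
    pseudonym.  A keyed HMAC yields the same pseudonym for the same patient on
    every request, so several studies of one patient stay linkable in the
    central database, while without the key nobody can confirm a guessed
    local ID against a pseudonym.
    """

    def __init__(self, secret_key: bytes) -> None:
        self._key = secret_key
        # Mapping table kept only here, so re-identification is possible for
        # the treating doctor but not for whoever merely holds the data.
        self._mapping: Dict[str, str] = {}

    def pseudonym_for(self, institution: str, local_id: str) -> str:
        # Bind the pseudonym to the issuing clinic: equal local IDs from two
        # clinics must not collide into one pseudonym.
        msg = f"{institution}\x00{local_id}".encode("utf-8")
        digest = hmac.new(self._key, msg, hashlib.sha256).hexdigest()
        pseudonym = "PSN-" + digest[:16].upper()
        self._mapping[pseudonym] = f"{institution}:{local_id}"
        return pseudonym

    def reidentify(self, pseudonym: str) -> Optional[str]:
        return self._mapping.get(pseudonym)


def pseudonymize(dataset: Dict[str, str], service: PseudonymService,
                 institution: str) -> Dict[str, str]:
    """Client-side step before upload: drop direct identifiers, keep the
    clinical content, and carry the pseudonym in the patient fields."""
    out = copy.deepcopy(dataset)
    pseudonym = service.pseudonym_for(institution, out["PatientID"])
    for tag in IDENTIFYING_TAGS:
        out.pop(tag, None)
    out["PatientID"] = pseudonym
    out["PatientName"] = pseudonym
    out["PatientIdentityRemoved"] = "YES"
    out["DeidentificationMethod"] = "pseudonymized"
    return out


def anonymize(dataset: Dict[str, str]) -> Dict[str, str]:
    """Irreversible variant: a random identifier that links to nothing."""
    out = copy.deepcopy(dataset)
    for tag in IDENTIFYING_TAGS:
        out.pop(tag, None)
    out["PatientID"] = "ANON-" + uuid.uuid4().hex[:12].upper()
    out["PatientName"] = out["PatientID"]
    out["PatientIdentityRemoved"] = "YES"
    out["DeidentificationMethod"] = "anonymized"
    return out


def safe_to_upload(dataset: Dict[str, str]) -> bool:
    """Gate in front of the HTTPS transfer: nothing leaves the intranet while
    a direct identifier is still present or the identity flag is missing."""
    pid = dataset.get("PatientID", "")
    if dataset.get("PatientIdentityRemoved") != "YES":
        return False
    if not pid.startswith(("PSN-", "ANON-")):
        return False
    for tag in IDENTIFYING_TAGS:
        if tag in dataset and tag not in ("PatientID", "PatientName"):
            return False
    return dataset.get("PatientName") == pid


if __name__ == "__main__":
    svc = PseudonymService(b"demo-key-held-only-by-the-service")
    ready = pseudonymize(SAMPLE_STUDY, svc, "clinic-a")
    print(ready["PatientID"], safe_to_upload(ready), safe_to_upload(SAMPLE_STUDY))
```

The gate is deliberately separate from the transformation: a configuration error that skips pseudonymization for one project must fail closed at the upload, not be discovered on the server. Because the pseudonym is a keyed function of a short local ID, the key must stay with the generator; a client that held it could re-identify any pseudonym by trying plausible IDs.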
Optionally, the image display or patient data display can be controlled from an existing hospital information system, which creates an additional simple integration option. Within the web interface, extended options for image viewing will be made available to users. For each image entry in the patient data, a preview function is available with which the user can quickly navigate through the image data. DICOM data is displayed in diagnostic quality. To display data with a color depth of more than 8 bits, a level/window concept is available. Modality-specific presets for the image data and interactive selection of the values used can be applied. Images can be enlarged, shifted, rotated, mirrored and inverted. Determining the gray values of individual pixels as well as measurements and statistics in various forms, e.g., lines, circles, rectangles and polygons of all types, are possible. Angles are calculated from 3- and 4-point angles. On DICOM images, the image information is optionally blended in as overlays. All data that cannot be represented in the image viewer is passed on in the web browser to the viewer appropriate for its MIME type. That way special information for which no standard viewer is available can be uploaded into the electronic patient file. This data is then shown on the client in the respective viewer.

Using the web client, synchronized teleconferences with other participants can be conducted on all the image data shown in the viewer. The mouse pointers are synchronized in the process and only individual events are transferred among clients. This even allows for teleconferencing over narrow-band lines. Both participating partners have all entitlements for performing actions on the viewed data. They can window, zoom, measure or show their counterpart details in the data.

System users have different access rights to the data depending on their specific roles. Some users may only upload data into the database without viewing other data, while others have rights to view and diagnose data. Users may be combined into groups so that group-specific issuing of rights is possible. If already existing authentication mechanisms are tied in, the system has the option on the server side of taking over the users and groups from an LDAP-conforming [13] server. User authentication is then performed directly on the LDAP server. This saves the costs of an additional user administration.

3. Results

The described software architecture is currently being used for constructing three different medical networks. The ISIS medical network (Düsseldorf, Germany) [14] is a network of clinics in which associated clinics or partners are organized in working groups. Individual participants can upload data to the web server and make it available to partners of the same group. This enables specialists in another clinic to reach the respective data via a uniform route and quickly ask consultation questions. The high-quality image viewing allows consulting doctors to answer questions quickly, which in turn saves time and money. SKELNET [15] is a network of experts for rare skeletal diseases. The central database is located at the university clinic in Mainz. It provides secure and encrypted access for members of the SKELNET network. In this network the described data safety and encryption methods are used. Members of the network can upload their data (patient information, results, image data) to the central web server.
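The role and group concept described above (upload-only users, viewing and diagnosing users, group-specific rights, users and groups taken over from an LDAP directory, and the treating doctor as the only participant who sees identified data) as an added example written for this discussion, not the CHILI implementation. The role names, the rights they carry, the record layout and the sample users and record are all constructed assumptions; the LDAP mapping assumes group membership arrives as DNs in a `memberOf` attribute, which is one common directory layout but not something the paper specifies.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional

# Rights and roles are assumed names for this illustration, not CHILI's.
UPLOAD = "upload"
VIEW_PSEUDONYMIZED = "view_pseudonymized"
VIEW_IDENTIFIED = "view_identified"
DIAGNOSE = "diagnose"

ROLE_RIGHTS: Dict[str, FrozenSet[str]] = {
    "uploader": frozenset({UPLOAD}),
    "researcher": frozenset({VIEW_PSEUDONYMIZED}),
    "consultant": frozenset({UPLOAD, VIEW_PSEUDONYMIZED, DIAGNOSE}),
    "treating_doctor": frozenset({UPLOAD, VIEW_PSEUDONYMIZED, VIEW_IDENTIFIED, DIAGNOSE}),
}


@dataclass(frozen=True)
class User:
    uid: str
    groups: FrozenSet[str]   # working groups, e.g. taken over from the directory
    roles: FrozenSet[str]


@dataclass
class Record:
    record_id: str
    group: str                      # working group that owns the entry
    treating_uid: str               # doctor currently treating the patient
    identified: Dict[str, str]      # patient-related view, stays server-side
    pseudonymized: Dict[str, str]   # view handed to other group members


def groups_from_ldap_entry(entry: Dict[str, List[str]]) -> FrozenSet[str]:
    """Map a directory entry to group names.  Assumes membership is listed as
    DNs in a 'memberOf' attribute; the cn= component is taken as the name."""
    names = set()
    for dn in entry.get("memberOf", []):
        rdn = dn.split(",", 1)[0].strip()
        if rdn.lower().startswith("cn="):
            names.add(rdn[3:])
    return frozenset(names)


def rights_of(user: User) -> FrozenSet[str]:
    """Union of the rights of all roles held; unknown roles grant nothing."""
    rights = set()
    for role in user.roles:
        rights |= ROLE_RIGHTS.get(role, frozenset())
    return frozenset(rights)


def view_for(user: User, rec: Record) -> Optional[Dict[str, str]]:
    """Which view of a record a user receives: identified, pseudonymized or none.

    Group membership is checked first, so a treating doctor of one network
    sees nothing of another group's entries; within the group only the
    treating doctor holding the matching right gets the patient-related view.
    """
    if rec.group not in user.groups:
        return None
    rights = rights_of(user)
    if user.uid == rec.treating_uid and VIEW_IDENTIFIED in rights:
        return rec.identified
    if VIEW_PSEUDONYMIZED in rights:
        return rec.pseudonymized
    return None          # e.g. an upload-only account


def may_upload(user: User, group: str) -> bool:
    return group in user.groups and UPLOAD in rights_of(user)


# Constructed sample users and record (no real persons or patients).
SAMPLE_USERS: Dict[str, User] = {
    "alice": User("alice", frozenset({"skeletal"}), frozenset({"treating_doctor"})),
    "bob": User("bob", frozenset({"skeletal"}), frozenset({"consultant"})),
    "carol": User("carol", frozenset({"skeletal"}), frozenset({"uploader"})),
    "dave": User("dave", frozenset({"cardio"}), frozenset({"treating_doctor"})),
}

SAMPLE_RECORD = Record(
    record_id="r-0001",
    group="skeletal",
    treating_uid="alice",
    identified={"PatientID": "MRN-0042", "PatientName": "Mustermann^Erika", "Modality": "CT"},
    pseudonymized={"PatientID": "PSN-EXAMPLE0001", "Modality": "CT"},
)


def decisions(users: Dict[str, User], rec: Record) -> Dict[str, str]:
    """Per user, which view is returned: 'identified', 'pseudonymized' or 'none'."""
    result = {}
    for uid, user in users.items():
        view = view_for(user, rec)
        if view is rec.identified:
            result[uid] = "identified"
        elif view is rec.pseudonymized:
            result[uid] = "pseudonymized"
        else:
            result[uid] = "none"
    return result


if __name__ == "__main__":
    for uid, outcome in decisions(SAMPLE_USERS, SAMPLE_RECORD).items():
        print(uid, outcome)
```

The decision is made on the server from the record's own ownership fields, never from anything the client sends about itself, and it fails closed: a user with an unknown role, or one outside the owning group, receives no view at all rather than the pseudonymized one.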
The doctor currently treating the patient has access to the patient data, but all other participants only have access to pseudonymized data or no access to individual patient data at all, depending on their specific rights. The treating doctor can consult with other participants or communicate with them using direct messages. AHF [16] is an expert network for congenital heart disease. Like SKELNET, it is a national research project funded by the German Ministry for Education and Research (BMBF) [17] that links research and medical treatment. This network has an efficient research structure and high-quality treatment as its objectives. It uses a third-party TMF pseudonym generator [10].

4. Discussion

Due to the partial use of already existing CHILI components, this system has a large number of image viewing and processing functions. It enables synchronized teleconferencing with other web clients and CHILI diagnostic workstations. No special requirements are made on the client's hardware or infrastructure. This provides all users who are members of medical networks with the option of accessing the system from their normal clinical workplace. To protect patient data, a high degree of security is required. This need is satisfied by implementing anonymization and pseudonymization. Patient-related data only leaves the Intranet if this is required within a medical network, and it is only transferred over encrypted lines. The use of HTTP permits system use in already existing infrastructures and, in most cases, it conforms to the local security guidelines of the hospital. Therefore, this system requires no adjustments of the existing infrastructure.

5. Conclusion

The cooperative work in medical centers of excellence raises the quality of medical treatment by quickly and economically making data available to specialists. Consultation questions are readily solved using this system while data collection and scientific analysis of rare diseases is facilitated. Furthermore, the implemented system offers the user extensive image processing and teleconferencing functions. As a result, two participants can directly discuss image data. The requirements of secure data transfer and secure data storage as well as the implementation of pseudonymizing and anonymizing conform to the requirements of medical networks of excellence.

References

[1] M. Feron, et al., Experience with a commercial clinical viewer tightly integrated into local and remote workflow, in: J. Niinimäki, E. Ilkko, J. Reponen (Eds.), Proceedings of the 20th EuroPACS Annual Meeting, Oulu, 2002, pp. S201–S204.
[2] U. Engelmann, et al., Second generation teleradiology, in: H.U. Lemke, M.W. Vannier, K. Inamura, A.G. Farman (Eds.), Computer Assisted Radiology and Surgery, Excerpta Medica International Congress Series, vol. 1134, Elsevier, 1997, pp. 632–637.
[3] U. Engelmann, et al., Openness and flexibility: from teleradiology to PACS, in: H.U. Lemke, M.W. Vannier, K. Inamura, A.G. Farman (Eds.), Computer Assisted Radiology and Surgery, Excerpta Medica International Congress Series, vol. 1134, Elsevier, Amsterdam, 1999, pp. 534–538.
[4] H. Münch, et al., Web-based distribution of radiological images from PACS to EPR, in: H.U. Lemke, M.W. Vannier, K. Inamura, A.G. Farman, K. Doi, J.H.C. Reiber (Eds.), CARS 2003. Computer Assisted Radiology and Surgery, Proceedings of the 17th International Congress and Exhibition, Elsevier, Amsterdam, 2003, pp. 873–879.
[5] H. Münch, et al., The integration of medical images with the electronic patient record and their web-based distribution, Acad. Radiol. 11 (2004) 661–668.
[6] E. Mand, Datenschutz in Medizinnetzen, MedR 7 (2003) 393–400.
[7] T. Dierks, C. Allen, RFC 2246: The TLS Protocol Version 1.0, January 1999, http://www.ietf.org/rfc.html.
[8] R. Fielding, et al., Hypertext Transfer Protocol (HTTP), 1999, ftp://ftp.rfc-editor.org/in-notes/rfc2616.txt (10 Mar. 2005).
[9] E. Rescorla, HTTP over TLS, 2000, ftp://ftp.rfc-editor.org/in-notes/rfc2616.txt (10 Mar. 2005).
[10] C. Semler, et al., Pseudonymisierung für Forschungsdatenbanken und Register, in: A. Jäckel (Ed.), Telemedizinführer Deutschland, Ausgabe 2005, Deutsches Medizin Forum, Ober-Mörlen, 2004, pp. 209–214.
[11] DICOM Standards Committee, Digital Imaging and Communications in Medicine (DICOM), http://medical.nema.org (10 Mar. 2005).
[12] Sun Microsystems, The Java Technology, http://java.sun.com (10 Mar. 2005).
[13] M. Wahl, T. Howes, S. Kille, RFC 2251: Lightweight Directory Access Protocol (v3), December 1997, ftp://ftp.rfc-editor.org/in-notes/rfc2251.txt (10 Mar. 2005).
[14] ISIS Medizinnetz, http://isis.de/ISIS_Medizinnetz.294.0.html (10 Mar. 2005).
[15] SKELNET, http://www.skelnet.de (10 Mar. 2005).
[16] AHF, http://www.kompetenznetz-ahf.de (10 Mar. 2005).
[17] BMBF, http://www.bmbf.de (10 Mar. 2005).