New liability concerns emerge for radiologists who have used patient images in presentations

Recent updates to search engines such as Google and Bing may expose patient imaging data previously thought to be anonymous.

That’s according to an update shared by the American College of Radiology, RSNA and the Society for Imaging Informatics in Medicine on Thursday. Radiologists and other providers often use patient images in educational presentations or online PDFs and, until recently, search engine spiders could not pinpoint any unique patient identifiers. However, advances in web-crawling and content processing are increasingly allowing for large-scale info extraction from previously stored files thought to be safe.

Physicians and other health professionals must pay special attention to this concern or open themselves up to potential privacy breaches and liability risk, the three groups advised.  

“Healthcare providers frequently create presentations containing medical imaging for many worthwhile purposes,” according to an Aug. 20 ACR news update. “Patient privacy guidance including the Health Insurance Portability and Accountability Act and General Data Protection Regulation may extend to these situations. Providers may be responsible for protecting their patients’ privacy in this context just as they are in routine clinical operations.”

ACR gave the hypothetical example of a patient punching her name into a search engine and turning up a diagnostic imaging study from four years ago. Clicking through, she’d be directed to the website of a professional association, which has housed the presentation, unaware that it contains protected health information.

To avoid this concern, the societies suggest only using images that are free of any identifiers in educational presentations. They also recommend utilizing screen-capture tools to grab only the relevant portions, disabling patient information overlays, or using an anonymization algorithm in the PACS. Cropping out protected info or inserting a black box over it is insufficient to protect a patient and their imaging practice, the trio stressed.

“Specific functions are available in some software to permanently delete cropped, obscured or hidden information in presentation files. As a final quality control check, it is recommended that these ‘sanitization’ functions be run on all presentations prior to being made public,” the societies advised.

ACR said it has also assembled a best practices webpage to further guide radiologists in this safeguarding process.

Marty Stempniak

Marty Stempniak has covered healthcare since 2012, with his byline appearing in the American Hospital Association's member magazine, Modern Healthcare and McKnight's. Prior to that, he wrote about village government and local business for his hometown newspaper in Oak Park, Illinois. He won a Peter Lisagor and Gold EXCEL awards in 2017 for his coverage of the opioid epidemic. 

Around the web

The patient, who was being cared for in the ICU, was not accompanied or monitored by nursing staff during his exam, despite being sedated.

The nuclear imaging isotope shortage of molybdenum-99 may be over now that the sidelined reactor is restarting. ASNC's president says PET and new SPECT technologies helped cardiac imaging labs better weather the storm.

CMS has more than doubled the CCTA payment rate from $175 to $357.13. The move, expected to have a significant impact on the utilization of cardiac CT, received immediate praise from imaging specialists.