Child pages
  • Submission and De-identification Overview

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The Department of Biomedical Informatics at UAMS hosts The Cancer Imaging Archive for the National Cancer Institute (NCI). At NCI’s direction, TCIA personnel collect and curate clinical and pre-clinical (animal studies) Radiology and Pathology images, clinical trial data (including patient demographics and clinical outcomes), annotations and image derived features and other types of clinical research data (e.g., gene expression profiles) as directed by NCI and the research community.    Data comes from NIH programs, funded research and clinical trials.  In most instances this data is the result of completed clinical trialsresearch activities, but with NCI permission TCIA may also serve as the information repository for prospective clinical trials, pre-clinical research studies and co-clinical trialsdata collection initiatives

The ultimate goal of this data collection is to make the information publicly available.  The TCIA team at UAMS ensures all data is fully de-identified in accordance with international standards, US laws and UAMS IRB protocol requirements. TCIA then makes the data freely and openly available under the Creative Commons licensing as shown below:

...

Info
titleLicense Agreement

“This collection is freely available to browse, download, and use for commercial, scientific and educational purposes as outlined in the Creative Commons Attribution 3.0 Unported License.  See TCIA's Data Usage Policies and Restrictions for additional details. Questions may be directed to help@cancerimagingarchive.net.”

Prior to uploading data to TCIA, the submitter must obtain IRB approval (or ethics board equivalent) from their institution allowing them to submit a de-identified version of their data to TCIA.  The NCI and the submitting site IRB are jointly responsible for reviewing the consent under which data to be submitted to TCIA was originally collected.

Submission sites are provided with de-identification tools by the UAMS TCIA team.  These tools have been approved by NIH and comply with the Digital Imaging and Communications in Medicine (DICOM) international standard for medical image de-identification.  Following industry best practices, TCIA uses a standards-based approach to de-identification of DICOM images and non-image data to insure that all data make publicly available are free of protected health information (PHI).  The TCIA de-identification process ensures that the HIPAA de-identification standard is met by following the Safe Harbor Method as defined in section 164.514(b)(2) of the HIPPA Privacy Rule. 

All data is encrypted prior to transmission to UAMS. All incoming data is captured in a quarantine system and treated as if it contains PHI. All TCIA personnel are trained in HIPAA regulations and procedures. TCIA servers are managed by UAMS IT as if they were UAMS clinical systems. Once the full analysis and de-identification is complete, data is moved to a separate public repository and made available to the research community.  This process has been reviewed by the UAMS Chief Security Officer.

Radiology Curation Overview

A TCIA submission expert will work with an Imaging point of contact from your site. The expert will provide all the required tools for de-identifying and sending your imaging data and will answer any questions you have throughout the process. Typically, site resources required will be time from a PACS or other technician who will set up the software on a standard computer, complete testing, and then download imaging studies from the local PACS to the installed software as they become available. Once setup and testing are completed, images are exported from the local accessible drive to the Clinical Trial Processor (CTP) Wizard, which is an application provided by TCIA and used to de-identify and transmit images to TCIA. De-identification of the data is highly automated, and the de-identified data is transferred to TCIA via HTTPs by the CTP Wizard.

This process includes:

1. Install pre-configured Clinical Trials Processor (CTP or CTP-Wizard) java software and use it to submit your data.

...

These tools have been approved by NIH and comply with the Digital Imaging and Communications in Medicine (DICOM) international standard for medical image de-identification.  Following industry best practices, TCIA uses a standards-based approach to de-identification of DICOM images and non-image data to insure that all data make publicly available are free of protected health information (PHI).  The TCIA de-identification process ensures that the HIPAA de-identification standard is met by following the Safe Harbor Method as defined in section 164.514(b)(2) of the HIPPA Privacy Rule utilizing the following steps:

  1. TCIA will help your technical point of contact (PACS administrator or designated IT technician, henceforth referred to as "submitter") install TCIA's software on a standard desktop computer.  The software runs on regular Windows/Mac/Linux desktop computers and requires Java to also be installed.  It does not require any specialized hardware (e.g. servers are not necessary). 
  2. TCIA will help the submitter create mapping tables (which do not leave the submitting site) which our software will use to assign anonymous patient IDs and to offset study dates.
  3. TCIA will walk the submitter through software testing using a small sample set of their study data (e.g. 1-2 patients). 
  4. TCIA will help the submitter export the full set of imaging studies from their local PACS (or wherever the data resides) into the TCIA software for processing.
    1. Note: Please do not utilize your PACS system or other de-identification software as this usually deletes critical information researchers will need to make use of the data.
  5. TCIA will help the submitter use the software used to de-identify and transmit images to TCIA according to DICOM standards (Attribute Confidentiality Profile – DICOM PS 3.15: Appendix E) before it leaves your institution.

...

  1. TCIA quality control and curation staff will work with you to ensure the data are fully de- identified and received. Additional reviews are performed, and any remaining PHI are deleted if found.

...

  1. TCIA will publish the final data set with a descriptive page and announce its addition via our mailing list and social media channels.

Submission Site role:

With help from a TCIA submissions manager, Researchers submit imaging data using the Clinical Trial Processor (CTP) Wizard. There are four basic steps to submitting your data to TCIA using the CTP Wizard:

1. Locate the data you will be sending to TCIA and export it to the computer where you’d like to install our submission software.

Note: Please do not utilize your PACS system or other de-identification software as this usually deletes critical information researchers will need to make use of the data.

2. Download and unzip CTP Wizard

3. Complete the mapping table file to assign anonymous patient IDs and to offset study dates

4. Launch CTP Wizard to process and transfer the DICOM files to TCIA

...

De-identification Details

Following industry best-practices, TCIA uses a standards-based approach to de-identification of DICOM images to insure that images are free of protected health information (PHI).  The TCIA de-identification process ensures that the HIPAA de-identification standard is met by following the Safe Harbor Method as defined in section 164.514(b)(2) of the HIPPA Privacy Rule. The standard for de-identification of DICOM objects is defined by Attribute Confidentiality Profile – DICOM PS 3.15: Appendix E. At the submitting site, a DICOM PS 3.15 compliant script removes or modifies DICOM tags deemed to be unsafe (See table 1 for a complete listing). TCIA incorporates the “Basic Application Confidentiality Profile” which is amended by inclusion of the following profile options: Clean Pixel Data Option, Clean Descriptors Option, Retain Longitudinal With Modified Dates Option, Retain Patient Characteristics Option, Retain Device Identity Option, and Retain Safe Private Option.  The de-identification rules applied to each object are recorded by TCIA in the DICOM sequence Method Code Sequence [0012,0063] by entering the Code Value, Coding Scheme Designator, and Code Meaning for each profile and option that were applied to the DICOM object during de-identification. The DICOM standard for de-identification of objects defines a minimum set of elements to de-identify to be in compliance with the standard. It is up to the user doing the de-identification to insure that PHI is removed or cleaned according to the laws and practices in place at the time de-identification occurs.

Details

Base level de-identification 

...