TRANSFER SYSTEM FOR SECURITY-CRITICAL MEDICAL IMAGE CONTENTS

摘要

A transfer method, a system and a product are disclosed for transferring security-critical medical image data records with PHI sections from a source application to a destination application. In an embodiment, the method accesses a PKI infrastructure that provides a user-specific key for each user. Following detection of a copy command for at least one image data record in the source application, a data convolute is produced, including an anonymized and an encrypted image data record, which are forwarded to a trader module and/or a memory module. After a pasted command is detected, the key is used to access the clipboard and/or the memory module in order to decrypt the image data record from the encrypted image data record and to paste it (for a secure destination application), and/or to access the anonymized image data record and to paste it (for a nonsecure destination application).

主权项

1. A method for providing a transfer function for security-critical medical image data records with PHI sections from a source application to a destination application, wherein the method can simultaneously serve destination applications that are recognized as secure and destination applications that are recognized as nonsecure and wherein the method accesses a PKI infrastructure that provides a user-specific key for each user, the method comprising:
forwarding at least one image data record and an anonymized image data record, following detection of a copy command for the at least one image data record in the source application, to a trader module; detecting the respective key and creating at least two data convolutes for the image data record, comprising the anonymized image data record and an encrypted image data record; forwarding at least the anonymized image data record to a clipboard and forwarding at least the encrypted image data record to a memory module for storing an association relation for a key and at least one image data record associated with the respective key from the data convolute; detecting the key, following detection of a paste command for at least one image data record in the destination application and automatically detecting whether the destination application is registered as a secured application or is a nonsecure application; accessing the clipboard via the destination application, if the destination application is a nonsecure application, in order to access the anonymized image data record associated with the detected key and to present the anonymized image data record associated with the detected key on the destination application; and forwarding the paste command from the destination application to the trader, if the destination application is a secure application, wherein the trader uses the detected key to access the memory module in order to access the encrypted image data record associated with the respective key and to decrypt the encrypted image data record associated with the respective key using the key and to provide the decrypted image data record on the destination application.