- edited description
Consider offering one-way hash function for accession number and patient ID
Issue #183
resolved
In Norway, accession number is considered to be patient identifiable data. Without accession number, OpenREM becomes difficult to use for individual patient dose calculations or investigations.
A workaround could be to store a one-way hash of the accession number in the database instead. You can then never work out from the hashed accession number alone what the original exam accession number was. However, if you were needing to investigate a particular exam and were in possession of the accession number, this could be entered and hashed in the same way as originally to obtain the correct study.
The idea for this approach came from the description of the PerMoS solution used for the EPICT project, created by Andreas Jahnen of the Luxembourg Institute of Science and Technology (formerly the Centre de Recherche Public Henri Tudor, Luxembourg) and presented at the NFMF MedFys 2015 conference in Kvitfjell, Norway.
An extension of this would be to use the same method and store a hash of patient ID. This would have the following advantages:
- Patient's studies can be easily found - radiographers like working with IDs and names, not accession numbers
- Patient's history could be tracked where appropriate, for example linking interventional studies to estimate skin doses
- A study cannot be attributed to any particular patient by knowledge of the ID hash
- Height and weight information can be imported if the ID is known but not the height and weight. This might get complicated by the lack of knowledge as to which exam the details are valid for, but could be a very useful tool.
There are also disadvantages to consider:
- It becomes trivial to look up an individual patient's dose. It has always been possible, by reviewing date/time/exam type/machine, but not trivial. However, authorisation levels might manage this risk. For example the ID lookup might be disabled for the 'view' level of access.
Comments (46)
-
reporter
-
reporter
- edited description
-
reporter
Added model for Patient ID Settings as a solo singleton model, including adding django-solo. Editable using the admin interface. Refs
#183. Should use the same method for the DICOM delete options, ref#263→ <<cset 7359c5adf5b6>>
-
reporter
Created an update form view and all the associated work. Linked from admin menu, and pretty. Refs
#183→ <<cset f8814b30a613>>
-
reporter
Implemented name and ID for rdsr. Tested and works. Refs
#183→ <<cset 1cc701c1ea21>>
-
reporter
Added check for None before hashing. Added Accession number hash. Not convinced it always works at the moment. Refs
#183→ <<cset b269a3646326>>
-
reporter
Hashing Accession number was working - I was importing both RDSR (working) and Philips CT (not changed at that point). Now both working. Refs
#183.→ <<cset 62aa0fbe5db3>>
-
reporter
Updated mam and dx with the patient ID changes. Refs
#183→ <<cset 17232bdacafa>>
-
reporter
Added creation of a pidgroup, for control of who can search, (see?) and export patient names and ID. Refs
#183→ <<cset 6729eea83293>>
-
reporter
Temporary addition of ID and name as a standard filter (works). Beginnings of a super function to do something more appropriate. Refs
#183→ <<cset 1eafc3b300c4>>
-
reporter
Non-working attempt to add the pid fields in a subclass. Refs
#183→ <<cset 43dffc4956b2>>
-
reporter
- changed milestone to 0.7.0
I want to have at least a basic version of this working in 0.7, as it is becoming increasingly important for us here.
At the same time I want to get 0.7 out of the door, so it might not be a perfect solution!
-
reporter
-
assigned issue to
Ed McDonagh
-
assigned issue to
-
reporter
Automatically creating the PatientIDSettings singleton table with the default configuration. Refs
#183→ <<cset 0aa409b6effb>>
-
reporter
Only exploritory logging really, but we are getting somewhere. Next task is to refactor so that Meta.fields is a dictionary containing the lookups etc. Refs
#183→ <<cset afbb6ba8d3a3>>
-
reporter
Super class that adds the PID search into a non-PID filter now working for mammography. The list of fields is ignored if there are a list of filters, but the list does need to exist. Refs
#183→ <<cset 7d03dd344734>>
-
reporter
Added a PlusPid filter to each of the other modalities. Added it to the RF view. Refs
#183→ <<cset 59391249558d>>
-
reporter
Removed the fields contents as per mammo. Refs
#183→ <<cset 2e80cc718ed0>>
-
reporter
Added working MethodFilter to mammo patient name filtering on both non-hashed and hashed names. Hoorah. Refs
#183→ <<cset 6ac1481adf87>>
-
reporter
Moved hash function to tools. Added custom_id_filter to match name version, moved them up to the top of mod_filters. Refs
#183→ <<cset d156df659e44>>
-
reporter
Changed each of the PlusPid filters to use the MethodFilter. Refs
#183→ <<cset 59e2147f6c6d>>
-
reporter
Added config option for date of birth being stored. Refs
#183→ <<cset d32f822d42b4>>
-
reporter
Added storing of DOB to database depending on config flag. Refs
#183→ <<cset 8e2c81be1a3e>>
-
reporter
Added configuration interface for date of birth. Refs
#183→ <<cset e91754ad0dd6>>
-
reporter
Changing the Accession Number hashing to use the tool. Refs
#183→ <<cset 4b49c892ebf9>>
-
reporter
Added custom filter for accession number. Always operates, not just when have pid privileges. Refs
#183→ <<cset f6be14b6ca09>>
-
reporter
Hide hashed accession numbers from filtered lists, both as they aren't good for formatting, and because if they are hashed they should probably be hidden. Refs
#183→ <<cset e997c28d3ab6>>
-
reporter
Hide hashed accession numbers from the detail page. Refs
#183→ <<cset 36b3e4796eb1>>
-
reporter
Converted exportMG2excel to use the django-filter function properly, including allowing or denying pid query. Need to add export versions with id, name or both. Refs
#183→ <<cset dade20bae2b1>>
-
reporter
Mammo csv export now available with name, ID or both, if you are in the PID group. Doesn't allow if not in group, even if know the URL. However, the export page allows anyone who can see that page to download anything... need to restrict. Refs
#183→ <<cset d94bd92daa5e>>
-
reporter
Added user and includes_pid to the export model, now users not in the pid group won't see exports that contain pid. User is now displayed in the export table - this could be changed in the future so that you can either filter (in which case the full name should be displayed instead of the username), or list mine vs all exports. Only mammo csv export has been updated to fill the new model fields. Refs
#183→ <<cset 76cc7f9fdf93>>
-
reporter
Converted the fluoro csv export to allow PID. Seems to work, though test data was anonymised so more testing required. Refs
#183. Added sex to RF csv export refs#235→ <<cset b7de279b44eb>>
-
reporter
Prepared for pid and user information to come into rfxlsx, changed to filtering data using djangoo-filter, added patient sex to the standard export data (refs
#235), changed column resize for date column, though will be wrong again if pid. Refs#183→ <<cset 5a01cf531dc1>>
-
reporter
Adding pid and user feed to rf_export rfxlsx. Refs
#183→ <<cset 4806ae2ce637>>
-
reporter
Added xlsx patient identifier export links to RF filtered. Worked through to the actual writing. Tested, but only with blank IDs. Refs
#183→ <<cset 2e5c77c66aa4>>
-
reporter
Brought the pid headers and data through to the protocol sheets. Refs
#183→ <<cset f1b70d4c18a6>>
-
reporter
Modified original RF xlsx export link with the 0/0 to indicate no pid. Refs
#183→ <<cset 41daefe5ffdb>>
-
reporter
Starting the conversion for CT to filter on patient name and ID. Refs
#183→ <<cset f74648558ef5>>
-
reporter
Tooltip now fixed for CT, though some of the charts may be broken. Not changed DX yet, but will do as part of refs
#183and#235. For now, fixes#277→ <<cset 36a682b217df>>
-
reporter
Added patient name and ID to CT XLSX export (refs
#183), changed method of getting the data to allow for missing tables (refs#120), added patient sex (refs#235).→ <<cset 40214828bf4d>>
-
reporter
Added PID export to CT CSV. Refs
#183. Noticed that a known URL can download a file with PID without PID rights even though the link is missing.→ <<cset ee4acad395c9>>
-
reporter
PID exports are now only allowed if user has right permissions, even if URL is known. Refs
#183→ <<cset 768fbecffda2>>
-
reporter
Starting to convert DX csv export to use the new acquisition level filter (refs
#277) and also to bring in PID (refs#183)→ <<cset 33b7f4b51e68>>
-
reporter
Added PID to DX csv export (refs
#183). Moved export links to right column buttons.→ <<cset 3f691dbb485b>>
-
reporter
Added PID to DX XLSX exports. Refs
#183→ <<cset 8353df527677>>
-
reporter
- changed status to resolved
Merge issue183IDs into develop. Needs thorough testing. Fixes
#120,#183,#235→ <<cset 4b99762bb140>>
- Log in to comment
