Consider offering one-way hash function for accession number and patient ID
In Norway, accession number is considered to be patient identifiable data. Without accession number, OpenREM becomes difficult to use for individual patient dose calculations or investigations.
A workaround could be to store a one-way hash of the accession number in the database instead. You can then never work out from the hashed accession number alone what the original exam accession number was. However, if you were needing to investigate a particular exam and were in possession of the accession number, this could be entered and hashed in the same way as originally to obtain the correct study.
The idea for this approach came from the description of the PerMoS solution used for the EPICT project, created by Andreas Jahnen of the Luxembourg Institute of Science and Technology (formerly the Centre de Recherche Public Henri Tudor, Luxembourg) and presented at the NFMF MedFys 2015 conference in Kvitfjell, Norway.
An extension of this would be to use the same method and store a hash of patient ID. This would have the following advantages:
- Patient's studies can be easily found - radiographers like working with IDs and names, not accession numbers
- Patient's history could be tracked where appropriate, for example linking interventional studies to estimate skin doses
- A study cannot be attributed to any particular patient by knowledge of the ID hash
- Height and weight information can be imported if the ID is known but not the height and weight. This might get complicated by the lack of knowledge as to which exam the details are valid for, but could be a very useful tool.
There are also disadvantages to consider:
- It becomes trivial to look up an individual patient's dose. It has always been possible, by reviewing date/time/exam type/machine, but not trivial. However, authorisation levels might manage this risk. For example the ID lookup might be disabled for the 'view' level of access.