Enhanced Cybersecurity for Medicine – Encrypting Medical Images

Encrypting medical image data offers extra protection against cyberattacks and other security threats

 

Key Takeaways:

 

• Cybercriminals are always lurking, ready to intercept electronically transmitted data, and they also go after images for reasons that include insurance fraud
• The use of mobile devices for reviewing patient data has compounded the problem
• HIPAA regulations require technical security measures, both for data “at rest” on your premises and “in transit” to another location
• There are a number of current approaches to image security that include color encryption and even the use of DNA
• New encryption methods had to be developed because the traditional approaches just did not work with images – they were designed for text

 

Cybersecurity requires a multi-step approach, and medical image encryption is one way to add an additional layer of protection against threats. Your data must be protected while at “rest” and in “transit.” The need for encryption is both necessary and obvious, given the use of electronic medical records (EMRs), mobile devices, and email for transmitting patient data. 

 

It’s also the law. In addition to requiring that private information is guarded on-premises, HIPAA requires technical security measures that protect against unauthorized access to Electronic Protected Health Information that is being transmitted across an electronic network. 

 

Hackers are everywhere, always looking for chinks in your data security. This makes it imperative to encrypt sensitive data. Let’s take a look at the benefits of encryption and some encryption methods in use today to protect patients’ MRI and CT scans from lurking cybercriminals. 

 

Why encrypt medical images?

 

You might think that hackers aren’t going to be able to read a medical image, that all they want is other personal information they can leverage for identity theft. However, cybercriminals often don’t work for their own sake – they are paid by others to steal information.

 

Even if they only obtain images, they still can be used to file false insurance claims. Other than protecting patient data and images, encryption offers some additional benefits:

 

• Encryption makes it easy to comply with HIPAA regulations for electronic data security
• Encrypted data cannot be altered by hackers and retains its integrity
• Data is protected no matter how it is transmitted, even through mobile devices

 

Protected, encrypted data also prevents data breaches and their costly aftermath.

 

Encrypting medical images

 

First, let’s look at some basic terms:

 

• Plain image: This is the original image that needs security while it is being transmitted.
• Encrypted image: This is used after the plain image has been converted into a non-readable form. 
• Encryption: This is the process of converting a plain image into an encrypted image by using an encryption method as well as a secret key.
• Decryption: This is what happens on the receiving side when the encrypted image is converted back to a plain image using both the secret key and a decryption method. 
• Key: The key determines the security of the encryption approach. Both encryption and decryption need the key to perform their respective operations, and strong keys – which can be numeric or alphanumeric – should be used for maximum security.

Currently image encryption methods

Over time, researchers have applied different concepts to increase the security of images. Traditional approaches such as the data encryption standard, advanced encryption standard, and the international data encryption algorithm, just don’t work for images because they have different properties from text. 

Here are some commonly used image encryption approaches used today:

• Chaos-based image encryption: In chaos-based (non-linear) image encryption, chaotic maps generate random numbers that are utilized as secret keys in encryption. Different types of chaotic maps are used, mainly one-dimensional and higher-dimensional. Chaotic maps aid the confusion and diffusion operations in the encryption process. 

 

• Elliptic curve-based image encryption: Elliptic curve cryptography works using the least amount of memory with a small key size. In this process, a color image is changed to grayscale and then compressed. The encryption is done by using an elliptic curve, 3D Lorenz chaotic map, and 4D Arnold cat map, which adds a color watermark to the color image before the process begins. Another method is based on pseudorandom numbers and substitution boxes for encryption by utilizing an elliptic curve. 

 

• Cellular automata-based image encryption: In this method, cellular automata generate random sequences that diffuse the pixel values of an image. Cellular automata, at their most basic, are visualized by drawing a row of cells, evolving that row per a rule, and then showing the evolved row below its predecessor using the rules to produce random sequences. Confusion and diffusion operations utilize the key generator and cellular automata, respectively.

 

• DNA-based image encryption: Deoxyribonucleic acid (DNA) cryptography has become extremely popular because of its properties: massive parallelism, large storage, and incredibly low power consumption. In this method, the color image is first decomposed into the three channels red, blue, and green, and then DNA encoding and XOR operations are utilized to encode each of the three channels. A chaotic map is then used to scramble matrices. Ultimately, the three channels are combined to obtain the encrypted image.

 

• Color image encryption: This approach utilizes three one-dimensional chaotic maps with DNA sequences by changing the original image and keystream into matrices using a DNA operation. Then, complementary and XOR encoding operations rearrange the matrices. The matrices are then decayed into blocks and rearranged arbitrarily. Finally, DNA addition and XOR encoding operations are executed on the scrambled matrices to get the encrypted image. 

 

• Compressive sensing-based image encryption: Compressive sensing can perform compression and encryption at the same time using a measurement matrix and reconstruction method. The measurement matrix is used to perform the compression, and it works as a cryptosystem when the measurement matrix is utilized as the secret key between the sender and receiver.

 

• Optical image encryption: Optical methods are widely used in the cryptography field because of good computational speed as well as parallel processing. A double random-phase encoding approach is used to convert the plain image into stationary white noise by adding two random phase masks placed in the input and Fourier plane. These random phase masks act as a key.

 

Encryption techniques for medical images such as CT and MRI scans, as well as other sensitive images, continue to evolve. At its heart, all encryption approaches need high confusion, no correlation with the original images, decreased computational complexity, and must be highly resistant to the techniques of cybercriminals. 

 

Medical image transfer with security 

 

For secure cloud-based PACS storage, STORE XR lets you access your images from anywhere with a user-friendly interface. When transmitting images, SHARE XR is a unique set of technologies that allows seamless communication between physicians, patients, and other providers. Large data files, like CT/MRI scans, mammograms, breast tomograms, and even pathology slide images are easily and quickly transferred electronically.

 

Scans and images can be shared securely from any location to anywhere in the world … in minutes!

For more information about how we can equip you for not only today’s technology but the future of medicine, please contact us today.