Protecting patient privacy against unauthorized release of medical images in a group communication environment

In this paper, we identify and study an important patient privacy protection problem related to medical images. Following Health Insurance Portability and Accountability Act (HIPAA) mandate on privacy protection of patients' medical records, efforts have been devoted to guaranteeing the confidentiality of data and medical images during storage and transmission via an untrustworthy channel. However, to our knowledge. there has not been any effort towards protecting against unauthorized release of images by an authorized recipient. In this paper, we study the problem of tracing illegally distributed medical images in a group communication environment and identify a set of design requirements that must be met. We propose a fingerprint model suitable for many-to-many multicast, that is computationally efficient and scalable in user storage and key update communication. Simulation results also show that our scheme is highly robust to typical medical image processing and collusion attacks, while yielding high quality watermarked images. (c) 2005 Elsevier Ltd. All rights reserved.