![Post image for Using Dropbox and OsiriX on the iPad to view radiology images in the operating room [iPad in the OR, part II]](http://cdn.imedicalapps.com/wp-content/uploads/2010/12/step-1-osirix-MRI1-364x227.png)
Exporting Patient Imaging to the iPad
[Editor's Note: Felasfa Wodajo, senior editor at iMedicalApps, had the following article published in the Journal of Surgical Radiology. This is Part 2 of a two part series, in Part 1 we wrote on the general uses of the iPad in the Operating Room.]
As previously mentioned, one use of the iPad in the OR is to bring patient imaging studies to surgery. But, how does one copy computed tomography (CT) or magnetic resonance imaging (MRI) images from a patient’s CD ROM to the iPad? I have found a very useful method involving two terrific and freely available resources; OsiriX and Dropbox.
The first, Osirix, may already be familiar to many readers of this journal. For those not yet acquainted, OsiriX is a free, open source DICOM (digital imaging and communication in medicine) viewer written for the Macintosh. I find it easily superior to just about every built-in reader bundled with patients’ CD-ROMs and routinely use it to view patients’ DICOM data. It is an indispensable part of my practice. In addition to basic features, such as measuring distance and angle, modifying window and level, zooming and panning, OsiriX has some features usually available only on expensive imaging workstations, such as 2D & 3D image reconstruction, and fusion of PET & CT studies. While the iPhone version of OsiriX will run on the iPad, I still find transferring DICOM files between the desktop and mobile applications unwieldy. Therefore, I will describe a simple method that uses Dropbox to export selected images to the iPad.
Dropbox is a multi-platform file-syncing utility. This terrific service has a web component and native applications for Macintosh, Windows, Linux, iPhone and iPad. It is able to rapidly synchronize files across multiple devices through file-level trickery in which it determines only those portions of the files that are changed.
Sample Workflow
My workflow is as follows (see above screenshots):
1. Insert patient’s CD ROM in computer and open with OsiriX
2. Identify key images of interest
3. Export images as JPEGs into Dropbox folder on computer
4. View images using Dropbox app on iPad
I also use the Apple iPad camera adapter to quickly transfer intraoperative photos to my iPad. For the curious family member, these photos can really enliven the post-op waiting room conversation!
One glaring omission on the iPad is a method to organize images into albums that would be preserved even when the iPad is synchronized with iPhoto. The apps available for organizing photos on the iPad, such as PhotoSort, appear to duplicate the images rather than manipulate the native photo album. We can only hope Apple will provide this function in future updates of the iPad OS.
iPad on the Wards
Dr. Henry Feldman of Beth Israel Deaconess hospital in Boston shared with iMedicalApps.com his experience using the iPad as his primary computing device for a week as an attending.
One instance where the iPad really shone, he wrote, was its “nearly seamless experience” in accessing his hospital’s wireless networks. “The secure wireless network handoff was amazing. As I roved around it was seamless … and the best example is that I would use the elevator ride to catch up on news/tech websites, and every time the elevator doors would open it would reconnect and download some more prior to the door closing.”
The soft keyboard of the iPad, he found, was adequate for the bulk of his documentation needs on the wards. He brought his Bluetooth keyboard and iPad stand to the hospital but found both “sat on the shelf for one week, unused.” He used desktop computers for complex compositions such as admission notes and discharge summaries, but felt “this had less to do with the keyboard than being able to see multiple web pages at once.” Orders and discharge plans did not require an external keyboard although, “after one beefy paragraph the screen keyboard does feel a tad clunky.” Despite this enthusiastic report of iPad usage from an experienced physician, we should remember that Beth Israel has a sophisticated web interface for all their major clinical applications, making the transition to using an iPad fairly seamless. Personally, I also find a bluetooth keyboard much faster for typing longer documents.
When asked about security concerns with the iPad, especially if one is left behind inadvertently, Dr. Feldman pointed out that as with everything web-based, nothing is stored on the device. The iPad (like an iPhone) can be “remote-wiped,” meaning all the data and settings on the device can be erased remotely. Note that this requires a MobileMe subscription ($99 per year). Each of the applications in the hospital has a username/password, and network communication for most of the applications occurs over an encrypted (SSL) connection. These measures, Dr. Feldman suggested, already exceed the security that almost any institution places on paper charts. He also mentioned a strategy for the lock screen which I have since adopted. This involves replacing the iPad’s default background with an image including one’s name, cell and pager numbers, for device return information if the iPad were to fall into friendly hands.
Conclusion
The iPad clearly has the potential to be very useful in the hospital and in the operating theater. Medicine is, by its nature, a mobile occupation and a powerful and flexible computing device will almost certainly play some role in our future everyday practices. There is still much to be learned and undoubtedly we will see the introduction of other devices with different strengths and weaknesses. In my practice, using the resources described above, I have been able to maintain a portable image repository of my patients that has been very useful in the operating room, office, and in hallway discussions with colleagues.
Note that remote wiping is possible for free since the recent release of iOS 4.2, no mobileme subscription needed (and companies running an exchange server could already do this without any subscription).
Great point Wouter — it’s nice to see apple adding this functionality
for free even without a mobile me subscription. Now if only some of
the other mobile me features were offered free I wouldn’t have to rely
on google for my cloud as much.
This is quite interesting. When a public cloud like dropbox is used, how closely are regulations of maintaining patient privacy and confidentiality followed?
storing patient data in the cloud is no longer unusual, in fact it is becoming the norm
privacy has to do with who has access to the data, in this case only the treating physician does
device security is fairly simple since it is password protected also and can be remote-wiped
It would be nice if all the imaging centers provided DICOM disks – some we get are proprietary and not readable.
If you have your hospital or other center provide access to the PACS, you can view any study you desire directly with OsiriX.
I agree, Stentor/Phillips and Amicas being the biggest culprits for non-proprietary formats
Hopefully they will evolve over time
Unfortunately, unless all your patients get imaged at the same location, getting PACS access does not help that much
I faced the same problem: a great worry about losing my iPad. My simple solution: buy an iPad case that has a shoulder strap and allows for access to the iPad without removing the bag!
See http://www.protabstuff.com as example.
Please read the terms and conditions of dropbox. You are Not the only One, who is legally able to access the Patient Data you stored in the dropbox cloud. Neither are the data stored encryped in the cloud.
Me as a Patient would never allow a physician to store MY data in a PUBLIC cloud.
As an ICT Consultant I find it stunning to see how easy people discard the security issues with simple statements like the use of https or username/password combínations. This article is a good starting point for a discussion but the offered methods I would not recommended at all.
Could you elaborate further – what would you recommend for a single provider for cloud-based storage of PHI ? The records in this instance are accessible only by the provider giving care, so patient privacy is not at issue. Data transport is encrypted, access is locked by password and device can be remote wiped if lost. Are there are other parameters you think are important ?
- Remotely wiping the iPad’s is only possible when the iPad connnects to a network. Until then the iPad is vulnerable.
- No central user and password management for the iPad and a lot of applications
- So passwords are often written down on those yellow sticky papers or in agenda’s for obvious reasons
- Social hacking is a very easy way to get access to a device (bad guy pretends to be your service desk and needs password to block/wipe your stolen iPad)
- Clouds like Dropbox are platforms that should no be used to store patient information. The fine print of the terms makes it clear that access to this information is possible without asking permission to the uploader of the data or the patient. And there is no control that this data is removed after the doctor-patient relationship has ended.
The concept of storing patient information in the cloud is will be used a lot in the (near) future in my opinion. Providers of these clouds are starting to present their concepts of legally secure environments for healthcare business in The Netherlands right now. These clouds will also have the possibility to function as an archive for large medical exams like MRI scans.
So my advice to doctors is not to use Dropbox and iPad’s for storing and viewing patient sensitive data. It breaks the Dutch law dozens of times, it can break the trust of the doctor-patient relationship and the hospital’s reputation is at risk.
Thank you @R Derks for your thoughtful comments
You made several points above but I do notice that all but one pertain to the device itself. Therefore, am I to understand that you believe one should never have any patient information on a mobile device ? I suspect many US institutions have already taken a different course on this but a unifying protocol for mobile health security has yet to be defined (as we have also reported).
As for the latter, yes the Dropbox terms are not 100% protective of the data but I suspect any commercial cloud storage vendor will have some exemptions. But this challenge does open up some business opportunites and it will be interesting to see how this market develops over the next 1-2 years.
Thanks for your feedback. The commercial “health care” cloud storage vendors will have to live up to certain regulations and standards before health care organizations will start using them (that is where we stand in the Netherlands right now). The European Union is working on regulations for this, and it’s an open door to say that making these regulations takes a lot of time.
For individuals it is easier to take a shortcut to the not-yet-secure clouds as the technology of today allows this. Awareness of the privacy regulations and the security risks is important and hopefully not set aside to easily because of the ease of use of new technology.
Hi R Derks: I am in the UK and we are looking at cloud type storage solutions. I am interested in the Netherlands examples as legal/regulatory requirements likely to be similar as within EU. Would you give me some examples/pointers please? (eg Providers of these clouds are starting to present their concepts of legally secure environments for healthcare business in The Netherlands right now) Thanks.
I’ve talked to one party so far: KPN. The sollution they are building is called “zorgarchief”, translated it’s something like “healtcare archive”. Here is the link to some Dutch info I found on their website: http://www.kpn.com/zakelijk/ict-diensten/kpn-zorg/zorgslim.htm
Hope this helps you.
R Derks: What about cloud sites like SpiderOak, who claim even they cannot see the data because it is encrypted before it is stored on their servers?
Also, a comment from an expert on our woefully inefficient passwords might be in order!
Thanks for your comments!