MIRC PHI Access Logging
This article describes how the PHI Access Log works in the RSNA MIRC implementation. It is intended for anyone who authors documents containing PHI and for administrators of sites with such documents.
The Advanced Author Tool provides a section called PHI. This section can contain one or more study blocks, each containing fields identifying:
- a study identifier (typically the DICOM StudyInstanceUID)
- a patient identifier (typically the DICOM PatientID)
- a patient name (typically the DICOM PatientName)
When a MIRCdocument is displayed or exported, the server checks the document to see if it contains a PHI section. If it does, the server makes an entry in an access log. The entry contains:
- the date and time of the access to the PHI
- the username of the requestor
- the IP address of the requestor
- the path identifying the MIRCdocument
- the query parameters for the request
- the contents of the three fields for each study block
The HIPAA privacy regulations require the maintenance of a log tracking access to PHI. The PHI section allows the author to specify what information is to be logged. This section is not intended for any other purpose. There may be PHI in many sections of the document. The purpose of the PHI section is only to trigger the logging.
1 Responsibilities of the Author
When creating a document containing PHI, the author is responsible for adding a study block for each study whose PHI is included in the document.
Since the regulations require that the person accessing PHI be identified, it is important that documents containing PHI not be made public.
2 Responsibilities of the Administrator
If the DICOM Service template or TCE Service template is configured to capture PHI from DICOM transmissions, the <phi> element must be included in the template. The <ggggeeee> can be used to populate the fields automatically.
The contents of the access log are available to the administrator through the URL path /mirc/phi.
If a public document containing PHI is accessed by an unauthenticated user, the access log entry contains the value [User NOT authenticated] for the username. Seeing this in the log indicates a security problem that must be corrected by making the document either private or restricted (i.e., non-public).
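An administrator can automate the check for the [User NOT authenticated] value described above. The following is an added example, not part of the MIRC software: it assumes the log has been saved as tab-separated text with one line per study block, a layout chosen for illustration because this article does not specify the log's format, and all sample entries are constructed.

```python
# Added example: flag documents whose PHI was served without authentication.
UNAUTHENTICATED = "[User NOT authenticated]"  # sentinel value from the article

# Assumed layout (not the server's documented format): one tab-separated line
# per study block, so one access to a two-study document yields two lines.
FIELDS = ["timestamp", "username", "ip", "path", "query",
          "study_uid", "patient_id", "patient_name"]

# Constructed sample entries; every value below is made up.
SAMPLE_ROWS = [
    ("2024-03-01 09:12:44", "drsmith", "10.1.4.22", "/docs/example-0017", "",
     "1.2.3.1", "P-1001", "DOE^JANE"),
    ("2024-03-02 14:03:10", UNAUTHENTICATED, "203.0.113.9", "/docs/example-0021", "",
     "1.2.3.2", "P-1002", "ROE^RICHARD"),
    ("2024-03-02 14:03:10", UNAUTHENTICATED, "203.0.113.9", "/docs/example-0021", "",
     "1.2.3.3", "P-1003", "POE^ANN"),
    ("2024-03-03 08:00:01", UNAUTHENTICATED, "198.51.100.7", "/docs/example-0021", "",
     "1.2.3.2", "P-1002", "ROE^RICHARD"),
]
SAMPLE_LOG = "\n".join("\t".join(row) for row in SAMPLE_ROWS)


def find_exposed_documents(log_text):
    """Map each document path to a summary of its unauthenticated PHI accesses."""
    found = {}
    for line in log_text.splitlines():
        parts = line.split("\t")
        if len(parts) != len(FIELDS):
            continue  # skip blank or malformed lines
        entry = dict(zip(FIELDS, parts))
        if entry["username"].strip() != UNAUTHENTICATED:
            continue
        doc = found.setdefault(
            entry["path"], {"accesses": set(), "ips": set(), "patient_ids": set()})
        # Several study-block lines can belong to one request; count it once.
        doc["accesses"].add((entry["timestamp"], entry["ip"], entry["query"]))
        doc["ips"].add(entry["ip"])
        doc["patient_ids"].add(entry["patient_id"])
    return {
        path: {
            "accesses": len(doc["accesses"]),
            "first_seen": min(ts for ts, _, _ in doc["accesses"]),
            "ips": sorted(doc["ips"]),
            "patient_ids": sorted(doc["patient_ids"]),
        }
        for path, doc in found.items()
    }
```

Each path returned is a document that must be made private or restricted, and the listed patient identifiers show whose PHI was exposed.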