Questions regarding PACS Server Security

  • Hi


    I want to implement following options in my current setup. Please guide me how to do so .


    1. AET of the Archive:: Define that specific AETs can Q/R from a specific MAG. All their data will be stored in specific MAG (this is done using lua. But have to code for every sending AET).


    2. Access control over AETs:: When there are multiple Application Entities which need to store objects. but one Application Entity should not be able to see the studies sent by the other Application Entities.


    3. Apply Retention Policy :: Based on the policy, studies can be deleted or retained.


    4. Audit Logger:: Log for image saving on devices, Query that is made to the server and images that are retrieved form the server,


    --HM

  • Hi - you are asking a lot,


    1. Not possible. The MAG device is only known after lookup of images. Queries on higher level will not have this information.


    2. Potentially possible if you add calling AE to the different tables.


    3. What policy? Would require adding extra columns to the tables. Who is deleting and with which mechanism


    4. All this information is in the various logs. If you want you can use Lua scripts to write bespoke logs you wanrt.


    Marcel

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!