HIPAA Act and the PACS Term Paper

Excerpt from Term Paper :

They each get on the phone, pull up the image on computer and discuss the image and the results and what the results indicate.

One recent study measured the productivity benefits of using PACS and the participants, all radiologists estimated there was a 100% increase in productivity for CT scans, MRIs and ultrasounds (Kywi, 2005).

Overall PACS has provided a new and innovative method for physicians to utilize medical imaging to their highest potential.


While the PACS system is undeniably important in the world of medical care because of the advantages that it provides. It creates a speedy, accurate and instant result to tests which doctors can pull up at their desk and view almost as soon as the procedure is over with. With the new abilities the system allows it has revolutionized the medical imaging field as well as many aspects of total health care.

With the decision to implement HIPAA laws the government placed mandates on health care professionals that threatened to stretch the very fabric of its boundaries. Many areas of health care had to make some significant changes in order to comply with the HIPAA regulations. The field of medical imaging was revolutionized with the implementation of PACS however, there was concern about the ability to comply with HIPAA while still using PACS to its fullest advantage.

Experts agree that only using PACS some of the time and still depending on paper and film would greatly reduce the effectiveness of PACS on productivity and health care ability in the area of medical imaging.

One of the very benefits of PACS threatens the core process of HIPAA. PACS is a field wide ability to produce medical imaging results to physicians faster than ever before in history. It allows the instant transmission of data to parties at the other end of the connection (Gater, 2004).

HIPAA provides mandates that protect the identity and many other aspects of a health care consumers life with regards to their medical needs.

On the surface it would appear that HIPAA and PACS are in direct opposition of each other with regards to privacy and security.

And if it could be found that HIPAA and PACS collide in their ability to deliver services with security then legally PACS would have to be modified or dismantled all together which would put the field of medical imaging back many years.

While there are concerns about PACS and its ability to maintain the health privacy and security standards set up by the government with HIPAA it is possible for measures to be taken that will insure PACS can continue being used while at the same time maintaining compliance with HIPAA.

The biggest concern when it comes to the use of PACS with regard to the compliance with HIPAA is the security and privacy issue. Those who are concerned believe that the instant transmission of data over a computer connection presents a risk that information will be provided to those who have not been given permission to access the information by the consumer. This leads to concerns of liability for the health care providers and anyone who was involved with the transmission of that information.

If PACS had not become an accepted standard of medical imaging delivery than there would be little concern about the ability to comply with HIPAA standards of laws as the entire medical imaging report and test result would be confined to one area. The patient would have an authorize the sharing of that information with certain entities and provide the name and address of those who would be allowed to see the results. The medical imaging department would then send by courier the results that had been released and they would be signed for at the receiving physician's office.

This would be a safe guarded method that would insure that HIPAA laws were being complied with. However, in light of PACS and the revolutionized abilities that it has provided to the medical community, few if any health care workers would volunteer to give it up to go back to the pervious methods of waiting for days to have results delivered to them through a courier or the mail.

With the advances that PACS has provided for the medical imaging field as well as those that depend on the field for their medical needs it would be a significant disservice to society to stop its use at this point in history. Instead it is important to maintain its use and continued improvement as technology avails itself to such advantage.

The laws of HIPAA are federally mandated therefore PACS is bound by them as well as anyone who uses the PACS system for the storage, retrieval and transmission of medical imaging procedures that have been performed on patients.

When one examines the true scope and depth of the PACS system however one will see that it is indeed a system that coincides with the expectations and mandates of the HIPAA laws.

The first indicator that PACS dovetails with HIPAA is the need for passwords and various codes to get into the system and maneuver around its components. When PACS is first installed there is a training period in which those who will be working with the medical imaging department will be trained in how to use passwords and codes to open and enter the system. In addition, many hospitals and other medical facilities have opted to change and rotate passwords on a frequent basis thereby reducing even further the chance that the information contained within the storage area of the system will be accessible by a hacker.

The second indicator of the fact that PACS and HIPAA actually coincide is the voice recognition ability that PACS has installed. With voice recognition it is virtually impossible for someone other than the intended participant to gain access to the information held within that file or folder.

One of the chief concerns about PACS complying with the HIPAA laws is the concern of human error. Human error creates a possible breach in security if a health care worker forgets to log off or accidentally leaves the screen up and walks away from the area and someone not authorized to access the medical imaging information approaches the computer.

While this is a valid concern it is not a different concern than would be valid if film and paper reports were used. Someone could also leave those open on a desk and walk away while someone who was not authorized to have the informati0on approached the desk and accessed that information,.

Proper training about shutting down the system and logging off when finished with it can help to prevent such errors.

The final concern about HIPAA and PACS is the fact that someone on the other end is receiving private medical information about a patient.

This is a concern because the person who is sending the information could easily type in a wrong email address or other code.

This problem has been easily resolved by PACS use of encryption. Encrypted information is setup in a way that the receiving party has to have an exact code or set of codes in order to open the information.

If the sender accidentally sends it to the wrong party it will not create a liability issue for the receiver or the sender as both of them have to be able to use the encrypted code both to send it and to open it on the receiving end.

This use of encryption helps to insure that the proper parties receive the information. In addition to the wrong place receiving it the encryption also protects the information when it reaches the correct physician office but has many people working in that office. For instance a receptionist, a medical assistant and a bookkeeper may all work in the office but the patient has not released permission for those people to see the records nor is there any reason for those people to see records. The encryption allows only those within the office that need to have access to the medical imaging results and tests to have that access by requiring that they enter an encryption code to open it and read it.


While HIPAA produced some issues of stress for many areas of the health care field it didn't cause PACS to have to make any additional adjustments. PACS already has several standards in place that dictate the privacy and security of the information and the patient be maintained.

Through the use of encryptions and passwords PACS coincides with the privacy mandates that the government set out with the recent HIPAA laws.

The need for further study is inherent to any system that uses technology today. With the developing abilities of hacking as well as the continued advancement of the medical imaging field it will be important to continue monitoring the abilities of the system against the mandates of HIPAA. Issues including patient release of…

Cite This Term Paper:

"HIPAA Act And The PACS" (2006, October 22) Retrieved January 22, 2018, from

"HIPAA Act And The PACS" 22 October 2006. Web.22 January. 2018. <

"HIPAA Act And The PACS", 22 October 2006, Accessed.22 January. 2018,