Back to Basics: Anonymization Rules

Medical imaging, specifically DICOM imaging, has storage, transmission, and security needs unlike other imaging types due to its ability to collect and store patient information within the file format. For example, an X-ray of a body part not only contains the radiologic image but also data points such as the patient’s name and date of birth stored in the image’s DICOM tags. But what happens when a workflow requires that personal information be removed or replaced? At Ambra, we use anonymization rules to replace DICOM tags with null or pre-assigned values. Anonymization rules can be applied anywhere that studies enter Ambra, whether that is on a Gateway or at the location level, account level, or most commonly the group (site) level. 

To set anonymization rules at the group level, users can follow the Administration tab to the Groups (also sometimes labeled as the “Sites”) section to utilize the “Edit” function. The dropdown on the left will allow users to choose from a list of common PHI-holding DICOM tags to edit, and the corresponding box on the right will allow users to enter a regex that corresponds with the function they would like, whether that’s clearing the DICOM tag (s/^.*$/ /g) or overwriting a value such as Date of Birth to give every study the same DOB value.

In this example, studies uploaded to the Green Site would have Patient Name, Patient Sex, and Patient Birth Date cleared from the DICOM tags. DICOM tags containing information such as Patient Accession Number and Referring Physician were not chosen to be anonymized and would remain intact upon upload to this group. 

Note: Users editing Groups must have the role permission “Groups: view” and “Groups: add, edit, delete” enabled.