De-identified Cases

Plan feature

De-identified Cases are part of the Research and Teaching subscriptions, or as an add-on to other services.

Aurabox allows you to create and manage Cases, which are de-identified patient records. Once a Case has been created, you can upload, store, and view medical imaging while maintaining patient privacy. These Cases are particularly useful for research, teaching, and second opinions where full patient details are not required.

Understanding Cases in Aurabox

Cases are anonymised records designed to protect patient privacy. When you create a Case, the associated imaging is automatically de-identified upon upload. You can share these Cases with other professionals, ensuring that the focus remains on the medical data, not on patient identities.

Note

Unlike standard patient profiles, Cases are de-identified and do not include any personal patient details. This makes them ideal for research and education, where maintaining anonymity is crucial.

How to Add a Case

1. From your Aurabox dashboard, select “Add Case.”
2. Enter any relevant information about the Case.
3. Once the Case is created, you can begin uploading imaging. All medical imaging added to the Case will be automatically de-identified upon upload.

Existing Cases

If you are working with an existing Case:

• Search for the Case using the relevant identifier or description.
• Once located, you can view or update the imaging and share the Case with other healthcare professionals as needed.

New Cases

When creating a new Case:

1. Provide a description and any relevant clinical information that would help in identifying the case’s purpose (e.g., diagnosis, research focus, teaching case).
2. Upload the necessary medical imaging. As part of Aurabox’s automatic de-identification process, the imaging will be stripped of any personally identifiable information, ensuring compliance with privacy standards.

How de-identification works

Aurabox automatically de-identifies all medical imaging uploaded to a Case. This process removes any personally identifiable information (PII) from the imaging files, ensuring that patient privacy is maintained.

The configuration applies a de-identification process to the DICOM tags. Sensitive information contained within the tags is de-identified while maintaining the structural integrity of the DICOM file.

This does the following:

1. Retains all tags but de-identifies PII data in the tags
2. Searches for and redacts burnt-in PII in images.
3. Replaces key tags with the Case data.

Specific DICOM tags, such as StudyDescription, Modality, BodyPartExamined, and others, are retained to ensure that essential medical information is preserved. These tags are necessary for proper interpretation of the images and clinical context while de-identifying other sensitive data.

• StudyDescription
• Modality
• BodyPartExamined
• Laterality
• SeriesDescription
• SeriesDescriptionCodeSequence
• PatientPosition

Primary identifiers, such as patient IDs, are regenerated. This provides a new unique identifier for the data, preventing any link back to the original patient information while maintaining the ability to track and reference images for medical purposes.

Caveats

Aurabox’s de-identification process is designed to be thorough and effective, but it’s important to note that it may not always remove all possible identifiers. While the process is designed to be robust, it’s not infallible.

• The retained tags include StudyDescription, Modality, BodyPartExamined, Laterality, SeriesDescription, SeriesDescriptionCodeSequence, and PatientPosition. While these fields are medically relevant, some might contain PII if they are populated with identifiable information (e.g., StudyDescription or SeriesDescription that might include patient names or other identifiers).
• The configuration redacts sensitive burned-in text. However, it may not cover all possible scenarios where PII could be embedded in the image itself. Burned-in text, particularly in older imaging systems or customized workflows, can still pose a risk.
• The configuration regenerates primary identifiers, which is good practice to prevent linking back to the original patient records. However, if the source data stores identifiers in unexpected ways, this could still pose a risk.
• If custom metadata or annotations are added to the DICOM files by the imaging systems or during post-processing, these could potentially contain PII.
• Some fields in DICOM are user-defined and may not fall under standard de-identification protocols. This includes non-standard or private tags that could contain PII.