Anonymize Data on Retrieve - dcm4che/dcm4chee-arc-light GitHub Wiki

Overview

Depending on your application requirements, anonymize DICOM dataset attribute values based on Supported De-identification Profiles when DICOM objects are stored from the archive to external systems.

The anonymized values of attributes in DICOM dataset is only present in the database. It is not coerced in the DICOM files stored on the storage system.

This howto will provide configuration, test and verification steps for :

See Important Notes.

Test and verify anonymization of data on retrieving the objects from archive, using either :

Additionally, refer Where to configure Archive Attribute Coercion rules

Configuration

Using archive UI

Using Apache LDAP Directory Studio / ldif scripts

Create an LDIF file for following coercion

version: 1

dn: cn=coerce-c-store-rq - vna2all - anonymizeOnRetrieve - new,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
changetype: add
objectClass: dcmArchiveAttributeCoercion2
cn: coerce-c-store-rq - vna2all - anonymizeOnRetrieve - new
dcmDIMSE: C_STORE_RQ
dcmURI: deidentify:RetainDeviceIdentityOption,RetainUIDsOption
dicomTransferRole: SCP
dcmProperty: ReceivingApplicationEntityTitle=STORESCP|DCM4CHEE2
dcmProperty: SendingApplicationEntityTitle=DCM4CHEE_NEW
dcmRulePriority: 1

dn: cn=dicomAETitle=DCM4CHEE,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org
changetype: modify
add: dcmOtherAETitle
dcmOtherAETitle: DCM4CHEE_NEW

and import it into LDAP using ldapmodify command line utility

ldapmodify -xW -Dcn=admin,dc=dcm4che,dc=org -f config.ldif

Test & Verification using storescp and dcmdump tools

  • Send test study to archive using storescu tool.

    storescu -c DCM4CHEE@localhost:11112 ~/work/testdata/DICOM/modality/CT/CT2
    

  • Configure STORESCP as Remote Application Entity

  • Start storescp tool to start receiving DICOM files sent by archive.

    storescp -b STORESCP@localhost:11115
    
  • Export stored study to STORESCP destination.

  • Use dcmdump tool to view attributes of DICOM file received by STORESCP.

  • Verify in archive server log at $WILDFLY_HOME/standalone/log/server.log

    09:52:24,077 INFO  [org.dcm4chee.arc.export.rs.ExporterRS] (default task-2) Process POST /dcm4chee-arc/aets/DCM4CHEE_NEW/rs/studies/1.3.12.2.1107.5.8.1.12345678.199508041416590859569/export/dicom:STORESCP from [email protected]
    09:52:24,137 INFO  [org.dcm4che3.net.Connection] (default task-2) Initiate connection from /0.0.0.0:0 to localhost:11115
    09:52:24,138 INFO  [org.dcm4che3.net.Connection] (default task-2) Established connection Socket[addr=localhost/127.0.0.1,port=11115,localport=49735]
    09:52:24,140 INFO  [org.dcm4che3.net.Association] (default task-2) DCM4CHEE_NEW->STORESCP(2) << A-ASSOCIATE-RQ
    09:52:24,171 INFO  [org.dcm4che3.net.Association] (EE-ManagedExecutorService-default-Thread-12) DCM4CHEE_NEW->STORESCP(2) >> A-ASSOCIATE-AC
    09:52:24,174 INFO  [org.dcm4che3.net.Dimse] (default task-2) DCM4CHEE_NEW->STORESCP(2) << 1:C-STORE-RQ[pcid=1, prior=0
      cuid=1.2.840.10008.5.1.4.1.1.2 - CT Image Storage
      iuid=1.3.12.2.1107.5.8.1.12345678.199508041416590861483 - ?
      tsuid=1.2.840.10008.1.2 - Implicit VR Little Endian]
    09:52:24,177 INFO  [org.dcm4chee.arc.coerce.impl.DeIdentificationCoercionProcessor] (default task-2) Deidentified attributes by coercion ArchiveAttributeCoercion2[cn=coerce-c-store-rq - vna2all - anonymizeOnRetrieve - new, priority=1, DIMSE=C_STORE_RQ, role=SCP, cuids=[], conditions={ReceivingApplicationEntityTitle=STORESCP|DCM4CHEE2, SendingApplicationEntityTitle=DCM4CHEE_NEW}, uri=deidentify:RetainDeviceIdentityOption,RetainUIDsOption, description=null, onFailure=RETHROW, sufficient=false, attributeUpdatePolicy=MERGE, mergeAttributes=[], deviceCoercionParam=null, otherCoercionParams={}]
    09:52:24,184 INFO  [org.dcm4chee.arc.coerce.impl.XSLTCoercionProcessor] (default task-2) Coerced attributes from stylesheet by coercion ArchiveAttributeCoercion2[cn=testWADOMetadata, priority=0, DIMSE=C_STORE_RQ, role=SCP, cuids=[], conditions={}, uri=xslt:${jboss.server.temp.url}/dcm4chee-arc/predecessorDocSeq.xsl, description=null, onFailure=RETHROW, sufficient=false, attributeUpdatePolicy=MERGE, mergeAttributes=[], deviceCoercionParam=null, otherCoercionParams={xsl-no-keyword=true}]
    09:52:24,262 INFO  [org.dcm4che3.net.Dimse] (EE-ManagedExecutorService-default-Thread-12) DCM4CHEE_NEW->STORESCP(2) >> 1:C-STORE-RSP[pcid=1, status=0H
      cuid=1.2.840.10008.5.1.4.1.1.2 - CT Image Storage
      iuid=1.3.12.2.1107.5.8.1.12345678.199508041416590861483 - ?
      tsuid=1.2.840.10008.1.2 - Implicit VR Little Endian]
    09:52:24,262 INFO  [org.dcm4che3.net.Association] (default task-2) DCM4CHEE_NEW->STORESCP(2) << A-RELEASE-RQ
    09:52:24,264 INFO  [org.dcm4che3.net.Association] (EE-ManagedExecutorService-default-Thread-12) DCM4CHEE_NEW->STORESCP(2) >> A-RELEASE-RP
    09:52:24,264 INFO  [org.dcm4che3.net.Association] (EE-ManagedExecutorService-default-Thread-12) DCM4CHEE_NEW->STORESCP(2): close Socket[addr=localhost/127.0.0.1,port=11115,localport=49735]
    09:52:31,435 INFO  [org.dcm4chee.arc.delete.impl.PurgeStorageScheduler] (EE-ManagedScheduledExecutorService-default-Thread-3) start PurgeStorageScheduler.execute()
    
  • Verify attributes of DICOM file received by storescp tool in dcmdump tool window

Test & Verification using second DCM4CHEE 5 archive

  • Send test study to archive using storescu tool.

    storescu -c DCM4CHEE@localhost:11112 ~/work/testdata/DICOM/modality/CT/CT2
    

  • Start a second DCM4CHEE 5 archive using Run minimum set of archive services on a single host

  • Configure DCM4CHEE2 as Remote Application Entity

  • Export stored study to DCM4CHEE2 destination

  • Verify in archive server log at $WILDFLY_HOME/standalone/log/server.log

    09:50:44,680 INFO  [org.dcm4chee.arc.export.rs.ExporterRS] (default task-1) Process POST /dcm4chee-arc/aets/DCM4CHEE_NEW/rs/studies/1.3.12.2.1107.5.8.1.12345678.199508041416590859569/export/dicom:DCM4CHEE2 from [email protected]
    09:50:44,710 INFO  [org.dcm4che3.net.Connection] (default task-1) Initiate connection from /0.0.0.0:0 to localhost:21112
    09:50:44,711 INFO  [org.dcm4che3.net.Connection] (default task-1) Established connection Socket[addr=localhost/127.0.0.1,port=21112,localport=50839]
    09:50:44,720 INFO  [org.dcm4che3.net.Association] (default task-1) DCM4CHEE_NEW->DCM4CHEE2(1) << A-ASSOCIATE-RQ
    09:50:44,769 INFO  [org.dcm4che3.net.Association] (EE-ManagedExecutorService-default-Thread-15) DCM4CHEE_NEW->DCM4CHEE2(1) >> A-ASSOCIATE-AC
    09:50:44,807 INFO  [org.dcm4che3.net.Dimse] (default task-1) DCM4CHEE_NEW->DCM4CHEE2(1) << 1:C-STORE-RQ[pcid=1, prior=0
      cuid=1.2.840.10008.5.1.4.1.1.2 - CT Image Storage
      iuid=1.3.12.2.1107.5.8.1.12345678.199508041416590861483 - ?
      tsuid=1.2.840.10008.1.2 - Implicit VR Little Endian]
    09:50:44,997 INFO  [org.dcm4chee.arc.coerce.impl.DeIdentificationCoercionProcessor] (default task-1) Deidentified attributes by coercion ArchiveAttributeCoercion2[cn=coerce-c-store-rq - vna2all - anonymizeOnRetrieve - new, priority=1, DIMSE=C_STORE_RQ, role=SCP, cuids=[], conditions={ReceivingApplicationEntityTitle=STORESCP|DCM4CHEE2, SendingApplicationEntityTitle=DCM4CHEE_NEW}, uri=deidentify:RetainDeviceIdentityOption,RetainUIDsOption, description=null, onFailure=RETHROW, sufficient=false, attributeUpdatePolicy=MERGE, mergeAttributes=[], deviceCoercionParam=null, otherCoercionParams={}]
    09:50:45,250 INFO  [org.dcm4chee.arc.coerce.impl.XSLTCoercionProcessor] (default task-1) Coerced attributes from stylesheet by coercion ArchiveAttributeCoercion2[cn=testWADOMetadata, priority=0, DIMSE=C_STORE_RQ, role=SCP, cuids=[], conditions={}, uri=xslt:${jboss.server.temp.url}/dcm4chee-arc/predecessorDocSeq.xsl, description=null, onFailure=RETHROW, sufficient=false, attributeUpdatePolicy=MERGE, mergeAttributes=[], deviceCoercionParam=null, otherCoercionParams={xsl-no-keyword=true}]
    09:50:45,772 INFO  [org.dcm4che3.net.Dimse] (EE-ManagedExecutorService-default-Thread-15) DCM4CHEE_NEW->DCM4CHEE2(1) >> 1:C-STORE-RSP[pcid=1, status=0H
      cuid=1.2.840.10008.5.1.4.1.1.2 - CT Image Storage
      iuid=1.3.12.2.1107.5.8.1.12345678.199508041416590861483 - ?
      tsuid=1.2.840.10008.1.2 - Implicit VR Little Endian]
    09:50:45,774 INFO  [org.dcm4che3.net.Association] (default task-1) DCM4CHEE_NEW->DCM4CHEE2(1) << A-RELEASE-RQ
    09:50:45,777 INFO  [org.dcm4che3.net.Association] (EE-ManagedExecutorService-default-Thread-15) DCM4CHEE_NEW->DCM4CHEE2(1) >> A-RELEASE-RP
    09:50:45,777 INFO  [org.dcm4che3.net.Association] (EE-ManagedExecutorService-default-Thread-15) DCM4CHEE_NEW->DCM4CHEE2(1): close Socket[addr=localhost/127.0.0.1,port=21112,localport=50839]
    
  • Verify in the attributes on the second DCM4CHEE 5 archive

⚠️ **GitHub.com Fallback** ⚠️