Today, an individual's health is being monitored for diagnosis and treatment of diseases upon analyzing various medical data such as images and signals. Modifications of this medical data when it is transferred over an open communication channel or network leads to deviations in diagnosis and creates a serious health issue for any individual. Digital watermarking techniques are one of the solutions for providing protection to multimedia contents. This chapter gives requirements and various techniques for the security of medical data using watermarking. This chapter also demonstrates a novel hybrid watermarking technique based on fast discrete curvelet transform (FDCuT), redundant discrete wavelet transform (RDWT), and discrete cosine transform (DCT). This watermarking technique can be used for securing medical various types of medical images and ECG signals over an open communication channel.
Top1. Introduction
In recent days, treatment and diagnosis of the patient are being solved by various types of medical data which is in the form of images or signals such as Magnetic Resonance Imaging (MRI), X-RAY, Computerized Tomography (CT) and Ultrasound (US), ECG signals and EEG signals. This medical data of the patient is transferred from one doctor to another doctor for better health solution and treatment. Transferring medical data over a transmission medium is known as telemedicine and is defined by The American Hospital Association (AHA) as:
the use of medical data exchanged from one site to another via electronic communications to improve a patient’s clinical health status, including an increasing variety of applications and services using two-way video, email, smart phones, wireless tools and other forms of telecommunications technology (American Hospital Association, 2015; Yassin, 2015).
The telemedicine or Teleradiology application includes emergency treatment, home monitor, military applications and medical education (Yassin, 2015) and ehealth, where the security and privacy of medical data are always associated with them. Hence, there is a need for development of methodologies or techniques that can fulfill the security requirement of the application.
Since last decade, various researchers and different agencies are working on to design of various techniques, rules, and standards for security and privacy requirements of medical information in teleradiology application. The first international standard for security of medical data is developed by International Standard Organization in 2008 and whose name is ISO 27799:2008 (ISO 27799:2016, 2016). In 2016, this standard is revised and is used for security management of medical data. This standard defined different security and quality parameters for various types of medical data like medical images, medical videos, and medical signals. Also, some countries defined their own standard for security of medical data. For example, USA has used the standard Health Insurance Portability and Accountability (HIPAA) (HIPAA, 1996) and Code of Federal Regulations numbers 45 (CFR 45) (CFR 45, 2010). Also, in 1983, American College of Radiology (ACR) and the National Electrical Manufacturers Association (NEMA) has made one agency by name Digital Imaging and Communication in Medicine (DICOM) (DICOM, 2009) for developing a standard database for medical data and rules for security of medical data.
To design and implement security mechanisms based on available standards for privacy and security of medical data, various teleradiology models are designed by the researchers. Ruotsalainen (Ruotsalainen, 2010) developed a standard model for online transmission and for offline transmission. The online transmission of medical data is done via the internet and offline transmission of medical data is done via hard copy, hard disk or floppy. He also pointed out various security requirements for models used in teleradiology applications. In any standard teleradiology model, privacy and security of medical data are affected at mainly three points which are indicated in Figure 1.
Figure 1. Standard teleradiology model
Security is needed in the following cases: 1. When medical data is stored at system database of hospital or data is transferred from one doctor to another doctor within a hospital. 2. When medical data is transferred from one hospital to another hospital or remote treatment house via online transmission or offline transmission. 3. The security of medical data at the remote treatment house. In all these cases, the corruption or modification of medical data is possible, which may lead to wrong diagnosis and treatment of the patient. When designing any model for teleradiology applications, the model must fulfill the various security requirements which are mentioned below (Ruotsalainen, 2010; Baur, Engelmann, Saurbier, Schroter, Baur, & Menizer, 1997):