Medical imaging lifecycle management, part 2: The story continues…
Share this page
Tony Turner
"ILM" stands for information lifecycle management, but in enterprise imaging it stands for image lifecycle management. As we discussed in part 1 of this series, it’s a data retention efficiency tool that’s used to manage an imaging study over its lifespan. ILM involves moving older imaging studies to a cheaper tier of storage to keep the cost of managing the studies as low as possible. What is not commonly talked about in ILM discussions is the protection and management throughout the entire life of the study.
Because enterprise imaging makes up the bulk of the data stored within a hospital organization, it’s a prime target for ransomware attacks. We’ve all read in the news about how rampant ransomware attacks are, daily costing healthcare organizations millions of dollars. Each day, the threat landscape becomes more sophisticated and increasingly dangerous for IT environments. IT departments are expected to manage and maintain data securely throughout its lifecycle.
Medical image lifecycle “protection” and management
Protecting any electronic data isn’t an easy task these days. But for medical images, safeguarding protected health information (PHI) for multiyear retention periods regulated by each state can be especially daunting. How do you control who can access the data? How do you monitor the data to know whether anyone has tampered with it? What happens if the data becomes corrupted or affected by ransomware? You need to consider and address each of these questions when dealing with PHI data, not just imaging data.
An easier way to lay out an ILM strategy is to define layers. Layers are individual and distinct but should work together as a system. This approach creates an environment that minimizes risk and allows you to execute recovery procedures more efficiently and consistently. Data layers consist of the following:
- Infrastructure layer
- Backup and retention layer
- Compliance and classification layer
- Control and access layer
- Monitoring layer
- Data expiration and removal layer
In the next post in this series, “Medical imaging lifecycle management, part 3: The rest of the story…,” we’ll dive deeper into each of these layers.
Learn more
ILM techniques can be super-valuable to organizations that are struggling to manage mounds of medical imaging data, especially in very large environments. To be successful, you need to understand the technology and limitations of the imaging vendor, all aspects of the imaging department’s workflows, and business objectives. Careful planning and involvement of key stakeholders across the organization is also important. Often overlooked is the data protection and security needed to manage the imaging data over the lifetime of the image.
To learn more, check out these resources:
- Datasheet: Security Features in ONTAP 9
- Technical Report: The NetApp Solution for Ransomware
- Technical Report: Security Hardening Guide for NetApp® ONTAP® 9
Tony Turner
Tony has 29 years of medical imaging and healthcare IT experience. At NetApp, he manages several medical imaging vendors and provides industry thought leadership and education to NetApp’s healthcare business. His career began clinically as a registered radiology technologist (RT). He earned his bachelor of science degree in telecommunications with a minor in management while working nights as an RT. Over the years, he has served in several different roles designing, selling, and implementing multiple enterprise imaging solutions.
