Global Remote Incident Prevention
King Abdulaziz Specialist Hospital (KASH) at Taif, is one of the top 10 hospitals in the Ministry of Health in Saudi Arabia. It has been rewarded the JCI certificate (Joint Commission International) in July 2012. The hospital has applied all JCI standers and finally passed the survey successfully. (IT, 2012)
Moreover, KASH provides medical services to patients in the hospital. One of the major services in KASH is Radiology Information System (RIS), and how doctors can diagnose the patient's symptoms after several investigations can be seen through the network. Instead of going to the radiology modalities, having the cassette reader (CR) filmed manually, then prepare the patient report. It is done easily now by a new system. (IT, 2012)
In this project the concentrate will be on the PACS system and its infrastructure, and how incident can be prevented from occurring. The key is joining a response incident team as an outsource support to keep auditing the PACS system.
PACS Cluster Server
KASH has contracted with AGFA Health Care Company (Worldwide, 2013) which provides a great project called Picture Archive Communication System (PACS). PACS is a huge system. It has a cluster server (7 servers see table 1) located in the data center of information technology department at the hospital. Also the PACS has a software called (IMPAX) is installed in every client in the network. IMPAX has also an important database of patient's record. Thus it has a web viewer that each doctor can view the patient's image and report easily.
The main purpose of PACS system is to archive patients' radiology images. Therefore it allows doctors to access patient's images and reports by the time patients have done their radiology examination. It is also keeping the history of patients available in case of reviewing it back for any purpose. (Rouse, 2013)
1 RIS Database
2 PACS Database
3 Connectivity Manager
6 Work Follow Manager
Table 1 PACS Server Cluster
PACS system is a new advanced technology that has been experienced by our medical staff and makes their job goes smoothly without any difficulty. However, being dependant to the technology needs some assurances that this technology will stand whenever they request it.
PACS Cluster Vulnerabilities
According to IT department's down time records, the high rate of interruption of service were documented in the records was referred to PACS denial of service (Stalling, Computer Security : Principles and Practice., 2012) from September until November 2013. The system was down at least once every week. Furthermore, some time the troubleshooting extends one or two days to recover the system.
Fiuger1 Examples of denial of service of PACS (IT, 2012)
Activity Text CSR Team Date Done?
CLOSE Call Close by Semichev Vyacheslav: Repair QStar,...