In picture archiving and communication systems (PACS) [H.K. Huang, PACS: Basic Principles and Application, 1st ed., Wiley-Liss (1998); K.J. Dreyer, A. Mehta, J.H. Thrall, PACS: A Guide to the Digital Revolution, I st ed., Springer Verlag (200 1)], digital image data were stored and retrieved centrally. Clinicians and radiologists have the convenience of instant and simultaneous access to images and reports from multiple locations. In a filmless hospital [E.L. Siegel, R.M. Kolodner, Filmless Radiology, Reprint ed., Springer Verlag (2001)], with the availability of image servers, integrity of data and security of the system were the most important tasks during the design of a PACS. However, there is no single solution for the security of PACS. A comprehensive information security management system (ISMS) is required for the monitoring of the security of PACS. In this paper, the security of PACS is presented as a mechanism by which organization can manage and protect all information assets by ensuring data confidentiality, integrity and accessibility according to ISO17799 and BS7799 standards. Implementation of the ISMS involved system redesign, change of workflow, staff retraining, communication, social engineering and documentation control. (C) 2003 Elsevier Science B.V. and CARS. All rights reserved.
