De-identify radiology and imaging reports including DICOM metadata – CCPA/HIPAA-compliant de-identification per 45 CFR §164.514(b)(2)
Radiology reports and DICOM image files embed Safe Harbor identifiers in both narrative text and machine-readable DICOM header tags — patient name, MRN, date of birth, and acquisition dates appear across dozens of image frames per study. anonym.legal removes all 18 §164.514(b)(2) identifiers from report text and DICOM header attributes, producing de-identified studies for teleradiology, second-opinion networks, and medical education.
When this applies
Use this workflow when radiology reports or DICOM studies are shared with external radiologists for second-opinion review, included in medicolegal disclosures, or prepared as case-study materials for educational use, and patient identity must be removed under the Safe Harbor standard.
How anonym.legal handles it
- Upload the radiology report (PDF or DOCX) and/or export the DICOM study; the engine processes both document text and DICOM header tag format.
- For DICOM files, the engine reads all standard patient-identifiable tags (PatientName [0010,0010], PatientID [0010,0020], PatientBirthDate [0010,0030], StudyDate [0008,0020], AccessionNumber [0008,0050], InstitutionName [0008,0080]) and applies Safe Harbor transformations.
- All 18 Safe Harbor identifier categories are removed from the DICOM headers; synthetic UIDs are generated for StudyInstanceUID and SeriesInstanceUID to preserve multi-series study coherence.
- Report narrative text is processed separately: patient name, MRN, referring physician name, date of service, and institution address are detected and removed.
- Diagnostic findings, imaging measurements, Hounsfield unit values, and radiologist impressions are preserved in full.
- A de-identified DICOM export and a de-identified report PDF are produced with a combined compliance certificate.
What you provide
- DICOM study export or radiology report PDF/DOCX
- Accession number list (to verify study completeness)
- Confirmation of whether burned-in pixel annotations are present in the DICOM series
Limitations & cautions
- DICOM pixel data with burned-in patient annotations (overlaid patient name on the image pixels themselves) requires additional image-processing redaction beyond header tag removal; confirm whether your DICOM series contains burned-in PHI before relying solely on header de-identification.
- Highly specialized imaging studies — for example, a single-institution case of a very rare tumor — may retain re-identification risk from the clinical presentation itself even after identifier removal.
- DICOM de-identification is applied to tag-level data; custom private DICOM tags introduced by specific imaging vendors may require additional configuration to ensure complete PHI removal.
FAQ
Does DICOM tag-level de-identification satisfy HIPAA Safe Harbor?
Yes, provided all 18 identifier categories are addressed. DICOM tags such as PatientName, PatientID, PatientBirthDate, AccessionNumber, and InstitutionName correspond directly to Safe Harbor identifier categories and must be removed or generalized. The engine maps DICOM standard tags to Safe Harbor categories and processes them accordingly.
Are study instance UIDs replaced with new UIDs or removed entirely?
The engine replaces StudyInstanceUID, SeriesInstanceUID, and SOPInstanceUID with newly generated compliant UIDs. Full removal would break multi-series study coherence; replacement with synthetic UIDs preserves the structural relationship between images while eliminating the original patient-linked identifiers.
Can de-identified DICOM studies be uploaded to a public teaching case library?
Once de-identified under the Safe Harbor standard, the DICOM study is no longer PHI. However, clinical information in the imaging findings — a distinctive anatomical variant or a rare pathology — may make the case recognizable to treating clinicians. Review the clinical content before public release and consider Expert Determination for unusual cases.