The Massachusetts General Hospital did a press release last week about the OHIF viewer and its use in the fight against COVID 19. MGH is the original and largest teaching affiliate of Harvard Medical School, Boston, MA, USA. They support the OHIF foundation, and OHIF and its members are developing and contributing to libraries and tools like Cornerstone which power many medical image viewers including the Nextcloud DICOM viewer.
The use of OHIF/Cornerstone imaging technology as a web viewer for the Nextcloud open-source file sharing platform is being made available for free to help save lives during this COVID-19 crisis. This type of integration is exactly the kind of use of open source software that we envision to benefit the medical sector and it is our main motivation behind building open, easy access technology and imaging platforms for medical data.
— Gordon J. Harris, Professor of Radiology at Harvard Medical School, Director of 3D Imaging at the Massachusetts General Hospital and President of the Open Health Imaging Foundation
The DICOM viewer was developed by Aysel Afsar and we wrote about this when the app was initially released and did again in an update some time later. The usage of the app is rather wide spread, as Aysel figured out when she received a thank-you email for her work from Dr. Nelson A. Gody, chief radiologist in a hospital in the city of São Paulo, southeastern Brazil.
I come to wish you my gratitude for the Nextcloud Dicom Viewer app. In such a delicate and difficult moment, DICOM Viewer contributes free, simple, fast and efficient as an early diagnosis tool and report of 122 viral pneumonia exams compatible with COVID-19 in several regions of BRAZIL, in the last 15 days. Thank you very much from the heart.
It is absolutely great to see open source technology enabling doctors around the world to do their work safely, quickly and without having to hand over personal, medical data from patients to foreign and proprietary tools.
Upcoming in Nextcloud Hub: more advanced HIPAA compliance features
At Nextcloud we are of course supportive of the use of Nextcloud Hub in the medical sector! Several dozen Nextcloud customers in the medical sector have deployed Nextcloud over the last few years. This includes a Ministry of Health in the middle east, more than a dozen medical institutes and hospitals in European countries as well as many the US, UK and Australia. There is also a number of regional Red Cross organizations and several international research organizations active in disease modeling and cancer research.
To support the global fight against COVID, Nextcloud has accelerated the development of a number of security features important in medical settings. The Health Insurance Portability and Accountability Act (HIPAA) requires applications to implement a series of security features. Nextcloud Hub version 19 will support several new capabilities and introduce a compliance app providing an overview of the current compliance status. This will facilitate deployment of Nextcloud Hub in HIPAA compliant settings.
Achieving HIPAA compliance
The HIPAA compliance regulation sets out a range of guidelines around security. In many cases, organizations are allowed to use alternative solutions than what is recommended. Those alternatives have to provide equivalent protection and the organizations have to justify the change. Of course, as requirements and best practices change over time, so should the protections that are employed in real life situations.
As an example of those changes, think of passwords. Once upon a time, we thought the best passwords are inscrutable, hard to remember series of random characters that include lower and upper case characters, numbers and special characters. Passwords had to be changed regularly, often every 30 days. As a well known XKCD comic explains, the real security provided by these measures was limited!
Nextcloud Hub currently offers a wide range of protections for users. Let me highlight a few:
These features are of course part of a process focusing on security in our development processes and complemented with browser and encryption-related security features and more. All of this is backed by our USD 10.000 security bug bounty program!
This gives healthcare organizations a wide range of capabilities to rely on when protecting personal medical data. To enable Nextcloud Hub to fit in the various implementations and local regulatory environments, we are working on a number of additional measures that can allow Nextcloud Hub to fullfill the specific HIPAA requirements that a health care provider has identified and complies with.
The improvements under development include:
The introduction of automatic logout
Password reuse limitations
Automatic account locking in response to failed login attempts
Most of these will come with the upcoming Nextcloud Hub release next month. As compliance is such a specific thing, we have contemplated creating a compliance checking app but this will have to be put together separately for each health care customer if they wish. Often, specific changes have to be made for the internal compliance review, which we help with.
In the end, however, the result is that hospitals and other healthcare providers can benefit from the secure, efficient collaboration and communication Nextcloud offers!
It is exciting to see Nextcloud continuing to make progress in the area of security and privacy, becoming an even more versatile tool for use with private and medical data.
— Aysel Afsar, lead developer on the Nextcloud DICOM viewer
Nextcloud users know the importance of integrating different systems and tools to create a seamless workflow. Nextcloud Enterprise allows you to integrate with Microsoft environments for file storage, user directory, Outlook, Sharepoint, Windows Desktop, MS Office online server, and Teams. And now, we are excited to announce a new addition to our lineup: the Nextcloud […]
6 years ago, Nextcloud was just a file-sync-and-share solution similar to Dropbox. Today, we are a Content Collaboration Platform giving you a complete online productivity platform with integrated features from Talk, Office, Groupware and hundreds of apps. Every day, you choose us to be your Content Collaboration Platform, and every year we provide you with […]
Now that Hub 4 has been released, it’s time to introduce the Nextcloud Ethical AI Rating. Progressively, there are more and more risks associated with computer intelligence, and as a transparent software company we have the responsibility to intervene and protect our users. Recently, Microsoft laid off its entire ethics and society team, the team […]