Fuji Synapse Not HIPAA Compliant?

CI writes:

Our group of 7 FTE Radiologists is in an interesting predicament. We have been using Fuji Synapse for over 3 years for in-house PACS and we are filmless for all modalities. We do a total of 140K exams a year. For the last three years our group has been pushing the hospital to provide web access to the referring docs using Synapse and they refused claiming that Synapse, outside of the intranet, is not HIPA compliant. (Synapse uses Internet explorer which can leave copies of the downloaded images on the browsing computer). So, the hospital started looking at Stentor a year and half ago. Initially we were all excited but w found out that Stentor was not able to display the Fuji CR images properly on their system. Stentor was able to fix this for new images comparisons still look pretty bad. Most radiologists also do not like the scrolling in stentor (it is too fast when you hold the mouse down or too slow to scroll one image at a time). Our referring docs are finding it a pain to navigate stentor, and clearly it is not as intuitive as Synapse. The rads want to keep Synapse and the hospital is pushing for Stentor. The rest of the hospitals in our system have gone with Stentor. (interestingly none of them have used Synapse before). Any body out there with any experience with these systems or have any general advice please post…..

This is certainly a new one on me! I replied: Yours is the first complaint of that sort I have ever heard about Synapse. It seems an extreme measure to bring in another (expensive) system to do what Synapse will already accomplish for the cost of connection. Your hospital/IT people have taken a view that is more extreme than any other hospital in the country using any web client. They ALL cache stuff on the home computer in some form. It is possible to clear the cache on any IE set-up, and probably this could be automated with a very simple script, thus saving you literally thousands if not millions of dollars. I’ll be glad to collect 10% for my trouble.

If your IT folks are correct, every last system using a web-client for call isn’t HIPAA compliant, and millions of dollars are out the window. I really don’t think so. Yet another example of IT not totally understanding how something in PACS functions, but shoving their view down our throats anyway. I don’t know about the HIPAA regs that specifically mention cached images. In general, (and I am far from an expert on this), the regs are there to make sure that images only are available to the intended viewing party. Thus, there should be nothing limiting the access of your rads at all. The only question would come if they temporarily installed Synapse on, say, a friend’s computer. In any case, I think your IT department is way, way off base here.

Addendum: I just did a Google search…I couldn’t answer the question specifically, but I came across the instruction sheet to connect to a Synapse system over the web in the manner we are discussing for three separate radiology groups. I am familiar with two of these groups, and I seriously doubt that your IT people have found something these huge groups have neglected. Ask them why they think Stentor is any better in this regard. I am not a fan of the Synapse interface, as I have posted many times before, and in some ways I am a little surprised that you find iSite harder to use. Still, the key to all this may be in the last lines of your first post, “The rest of the hospitals in our system have gone with Stentor.” I’m guessing your IT people would rather have just one platform, and are looking for a way to get the product they know into place. (I’m assuming the same IT people cover all your places…)


4 responses to “Fuji Synapse Not HIPAA Compliant?

  1. If the only reason for the IT depts hesitation is that Synapse would leave information in the IE cache, why don’t they install a cache cleaner software?There are lots of those existing at http://www.download.com for example.

  2. It is important to understand that IE does not store or cache dicom images. It does record pointers to those images. I am assuming you authenticate with SWAT through AD. If that is true, following those pointers requires re authentication. If the person following the pointer is not set up in SWAT, they will not authenticate and will be denied access to the study. Or suppose they are a terminated employee who you neglected to remove from SWAT, surely you removed them from AD right? Well, in that case they would again fail authentication and be denied access to the study. Either way, I dont think this is a HIPPA violation.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s