DICOM PS3.17 2024c - Explanatory Information

YYYY.5.2 Safety Backup

Functions critical to the healthcare mission of an organization, such as access to archived images, should be designed to minimize single points of failure, such that there are multiple paths to accomplish the function under failure or emergency situations. Such reliable access to the images is a key element of patient safety, ensuring timely access to information needed for clinical decisions and treatments.

While the database management systems used byimage management systems typically have fault tolerant designs, such as redundant online storage and offline backups, the data is in a proprietary format and dependent on the DBMS software for effective use. The DBMS itself therefore becomes a single point of failure, and can become inoperable, for instance, if a license key expires, or if it is subject to a malware attack.


Malware, and in particular ransomware attacks, may initially seek to disable known DBMS backup mechanisms before attacking the main target, thus preventing alternate recovery mechanisms. DICOM Inventory objects may be sequestered in an off-line system not accessible to attack.

The Inventory SOP Instances can be used as a DBMS-independent replica of the critical data content of the database for the DICOM SOP Instances it manages. Further, if the repository instances are in DICOM File Format and referenced in the Inventory, there is the possibility of a complete alternate path to access the images in the event of an image management system failure (although certainly not as efficiently as if the system were operational).

There are many ways such a regular safety backup Inventory could be organized, using combinations of complete checkpoint Inventories, incremental date range update Inventories, partition-based Inventories, patient-based Inventories, and more. The appropriate approach will vary by the particular needs and workflow of each organization.

DICOM PS3.17 2024c - Explanatory Information