Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2025 May 18:18:100450.
doi: 10.1016/j.jpi.2025.100450. eCollection 2025 Aug.

Wearing a fur coat in the summertime: Should digital pathology redefine medical imaging?

Affiliations

Wearing a fur coat in the summertime: Should digital pathology redefine medical imaging?

Peter Gershkovich. J Pathol Inform. .

Abstract

Slides are data. Once digitized, they function like any enterprise asset: accessible anywhere, ready for AI, and integrated into cloud workflows. But in pathology, they enter a realm of clinical complexity-demanding systems that handle nuance, integrate diverse data streams, scale effectively, enable computational exploration, and enforce rigorous security. Although the Digital Imaging and Communications in Medicine (DICOM) standard revolutionized radiology, it is imperative to explore its adequacy in addressing modern digital pathology's orchestration needs. Designed more than 30 years ago, DICOM reflects assumptions and architectural choices that predate modular software, cloud computing, and AI-driven workflows. This article shows that by embedding metadata, annotations, and communication protocols into a unified container, DICOM limits interoperability and exposes architectural vulnerabilities. The article begins by examining these innate design risks, then challenges DICOM's interoperability claims, and ultimately presents a modular, standards-aligned alternative. The article argues that separating image data from orchestration logic improves scalability, security, and performance. Standards such as HL7 FHIR (Health Level Seven Fast Healthcare Interoperability Resources) and modern databases manage clinical metadata; formats like Scalable Vector Graphics handle annotations; and fast, cloud-native file transfer protocols, and microservices support tile-level image access. This separation of concerns allows each component to evolve independently, optimizes performance across the system, and better adapts to emerging AI-driven workflows-capabilities that are inherently constrained in monolithic architectures where these elements are tightly coupled. It further shows that security requirements should not be embedded within the DICOM standard itself. Instead, security must be addressed through a layered, format-independent framework that spans systems, networks, applications, and data governance. Security is not a discrete feature but an overarching discipline-defined by its own evolving set of standards and best practices. Overlays such as those outlined in the National Institute of Standards and Technology SP 800-53 support modern Transport Layer Security, single sign-on, cryptographic hashing, and other controls that protect data streams without imposing architectural constraints or restricting technological choices. Pathology stands at a rare inflection point. Unlike radiology, where DICOM is deeply entrenched, pathology workflows still operate in polyglot environments-leveraging proprietary formats, hybrid standards, and emerging cloud-native tools. This diversity, often seen as a limitation, offers a clean slate: an opportunity to architect a modern, modular infrastructure free from legacy constraints. While a full departure from DICOM is unnecessary, pathology is uniquely positioned to prototype the future-to define a more flexible, secure, and interoperable model that other domains in medical imaging may one day follow. With support from forward-looking DICOM advocates, pathology can help reshape not just its own infrastructure, but the trajectory of medical imaging itself.

Keywords: AI-driven diagnostics; DICOM; Digital pathology; HL7 FHIR; Healthcare cybersecurity; Interoperability; Modular design; Pathology informatics; Workflow orchestration.

PubMed Disclaimer

Conflict of interest statement

The authors declare the following financial interests/personal relationships which may be considered as potential competing interests: Peter Gershkovich reports a relationship with Applikate Inc. that includes: consulting or advisory. If there are other authors, they declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this article.

Figures

Fig. 1
Fig. 1
OCR - reported healthcare provider data breaches by location and impact in the past 3 years.
Box 1
Box 1
NIST definition of modularity Source: NIST SP 800-160 Vol 1 – Systems Security Engineering
Fig. 2
Fig. 2
Side-by-side comparison of the monolithic DICOM stack (left) and a modular, cloud-native architecture (right). In the monolithic model, pixel data, metadata, annotations, communication protocols, and security controls are bound together inside a single DICOM envelope, creating tight coupling and limiting scalability. The modular stack separates these concerns into discrete services: pixel data stored in cloud-optimized file formats (e.g., OME-TIFF, Zarr), metadata exposed through HL7 FHIR APIs, and annotations exchanged as GeoJSON/SVG. A NIST SP 800-53 security overlay spans all layers, while an API/micro-service tier enables AI inference engines and cloud storage to interact with each component independently, reducing vendor lock-in and lowering migration costs. *The architecture is format-agnostic: additional pixel formats (e.g., BigTIFF, DZI), databases (SQL or NoSQL), or annotation standards can be substituted as they mature, allowing each layer to evolve independently and supporting rapid adoption of future standards.

References

    1. Eichelberg M., Kleber K., Kämmerer M. Cybersecurity in PACS and medical imaging: an overview. J Digit Imaging. 2020;33(6):1527–1542. doi: 10.1007/s10278-020-00393-3. - DOI - PMC - PubMed
    1. Larobina M. Thirty years of the DICOM standard. Tomography. 2023;9(5):1829–1838. doi: 10.3390/tomography9050145. - DOI - PMC - PubMed
    1. PV24 Agenda. DPA. https://digitalpathologyassociation.org/pv24-agenda Accessed December 12, 2024.
    1. Azure Health Data Services DICOM Conformance Statement version 2 for Azure Health Data Services. April 22, 2024. https://learn.microsoft.com/en-us/azure/healthcare-apis/dicom/dicom-serv... Accessed December 3, 2024.
    1. Hipp J.D., Fernandez A., Compton C.C., Balis U.J. Why a pathology image should not be considered as a radiology image. J Pathol Inform. 2011;2:26. doi: 10.4103/2153-3539.82051. - DOI - PMC - PubMed

LinkOut - more resources