Google Cloud Healthcare
The Google Cloud Healthcare API is a powerful option for storing medical imaging data in the cloud.
An alternative to deploying your own PACS is to use a software-as-a-service provider such as Google Cloud. The Cloud Healthcare API promises to be a scalable, secure, cost effective image storage solution for those willing to store their data in the cloud. It offers an almost-entirely complete DICOMWeb API which requires tokens generated via the OAuth 2.0 Sign In flow. Images can even be transcoded on the fly if this is desired.
Setup a Google Cloud Healthcare Project
Create a Google Cloud account
Create a project in Google Cloud
A project in Google Cloud can be created by clicking the projects drop down box.
And then clicking the
NEW PROJECTbutton in the top-right corner of the dialogue that is displayed.
Enable the Cloud Healthcare API for your projecttip
An API can be enabled through the
APIs & Services > Enabled APIs & Servicesconsole and clicking the
+ ENABLE APIS AND SERVICESbutton.tip
The principal (i.e. account) that is enabling the Cloud Healthcare API will require the following roles that can be set in the
IAM & Admin > IAMconsole for the desired project.
- Service Usage Viewer
- Service Usage Admin
Roles can be added to a principal in the
IAM & Admin > IAMconsole by clicking the
Edit principal(i.e. pencil) icon to the right of a principal or by clicking the
GRANT ACCESSbutton at the top of the list of principals. The
GRANT ACCESSbutton is particularly useful if the
Edit principalicon is disabled.
(Optional): Create a Dataset and DICOM Data Store for storing your DICOM datatip
To both list existing datasets as well as create a new dataset for your project, the principal (i.e. account) must have the following roles enabled in the
IAM & Admin > IAMconsole.
Enable the Cloud Resource Manager API for your project.
Note: If you are having trouble finding the APIs, use the search box at the top of the Cloud console.
Go to APIs & Services > OAuth Consent Screen to create an OAuth Consent screen and fill in your application details.
Run through the three step process of adding an OAuth Consent Screen, clicking
SAVE AND CONTINUEat the end of each step.
For the Scopes step, for Google APIs, click the
ADD OR REMOVE SCOPESbutton.
Update selected scopesdialogue that flies in from the right, add the following scopes to the
Manually add scopestext box.
ADD TO TABLEand then click
Go to APIs & Services > Credentials to create a new set of credentials:
+ CREATE CREDENTIALSand from the drop down select
OAuth Client ID. See OAuth 2.0 Client ID for more information.
Choose the "Web Application" type
Add your domain (e.g.
Add your domain, plus
http://localhost:3000/callback) to the Authorized Redirect URIs.
Save your Client ID for later.
(Optional): Create a bucket containing DICOM files and import it into a Data Store
When importing a bucket into a Data Store, the following warning might be displayed indicating that the Cloud Healthcare Service Agent service account associated with the project does not have the
Storage Object Viewerrole.
The Cloud Healthcare Service Agent service account can be displayed in the
IAM & Admin > IAMconsole by checking the
Include Google-provided role grantscheckbox. The
Storage Object Viewerrole can then be granted to the Cloud Healthcare Service Agent service account.
More information regarding the Cloud Healthcare Service Agent service account can be found at https://cloud.google.com/healthcare-api/docs/permissions-healthcare-api-gcp-products
(Optional): Enable Public Datasets that are being hosted by Google: https://cloud.google.com/healthcare/docs/resources/public-datasets/
Run the viewer with your OAuth Client ID
- Open the
config/google.jsfile and change
YOURCLIENTIDto your Client ID value.
- Run the OHIF Viewer using the config/google.js configuration file
APP_CONFIG=config/google.js yarn run dev