Burned-in annotation is human-readable text or graphical information—such as a patient's name, medical record number, or date of birth—that has been irreversibly fused into the pixel matrix of a medical image by the acquisition modality. Unlike metadata stored in DICOM tags, this data is part of the image itself and cannot be removed by simply stripping header fields, requiring specialized computer vision techniques for detection.
Glossary
Burned-in Annotation

What is Burned-in Annotation?
Burned-in annotation refers to patient-identifying text or graphics permanently rendered into the pixel data of a medical image, which must be recognized and removed during the de-identification process.
During the DICOM de-identification process, burned-in annotations represent a critical risk for re-identification if not addressed. Automated systems must employ optical character recognition (OCR) and region-of-interest analysis to locate and redact these burned-in elements, often by overwriting the affected pixel regions with a black box or neutral value, ensuring compliance with HIPAA Safe Harbor and DICOM Part 15 confidentiality profiles.
Key Characteristics
The defining traits of patient-identifying information permanently fused into pixel data, and the technical challenges it poses for medical image de-identification.
Permanent Pixel-Level Integration
Burned-in annotations are text or graphics rasterized directly into the image's pixel matrix, not stored as a separate overlay layer. This means the identifying data is an inseparable part of the image content itself. Unlike DICOM header tags, which can be modified with a simple metadata edit, removing a burned-in annotation requires destructive image processing such as cropping, inpainting, or pixel redaction. This permanence is the core challenge for de-identification, as standard DICOM anonymization tools that scrub headers are completely ineffective against this data.
Common Sources in Clinical Workflows
Burned-in annotations typically originate from modality workstations and secondary capture devices that render patient demographics directly onto the image for visual confirmation. Common sources include:
- Ultrasound machines that overlay patient name and ID on each frame
- Ophthalmology fundus cameras that burn-in MRN and exam date
- Endoscopy video processors that stamp demographics on captured stills
- Secondary Capture SOP Class conversions from non-DICOM formats, where a screen capture includes visible PHI
- Legacy film digitizers that scan physical films with embedded text labels
De-Identification Techniques
Removing burned-in annotations requires computer vision-based detection followed by pixel manipulation. The standard workflow involves:
- Optical Character Recognition (OCR) to locate text regions within the image
- Bounding box detection using object detection models trained on annotation patterns
- Inpainting algorithms that fill redacted regions with contextually plausible pixel data
- Black-box redaction as a simpler but more destructive alternative
Modern approaches leverage deep learning-based text detection (e.g., CRAFT, EAST) combined with generative inpainting models to minimize image quality loss while ensuring irreversible removal.
DICOM Part 15 Compliance Requirements
The DICOM Standard Part 15 (Security and System Management Profiles) explicitly addresses burned-in annotations under the Clean Pixel Data Option. To comply with the Basic Application Level Confidentiality Profile, any Protected Health Information (PHI) rendered in pixel data must be removed. The standard recognizes that this is fundamentally different from header de-identification and requires:
- Visual confirmation that no PHI remains in the image area
- Documentation of the redaction method in the de-identification audit trail
- Preservation of clinical image content outside the annotation region
- Modification of the Burned In Annotation tag (0028,0301) to 'YES' if annotations remain, or removal of the tag if successfully cleaned
Re-Identification Risk Vectors
Burned-in annotations present unique re-identification risks beyond the obvious visible text:
- Partial redaction failures where OCR misses text due to unusual fonts or low contrast
- Multi-frame DICOM objects where annotations appear on only a subset of frames
- Compression artifacts that leave ghost traces of redacted text in JPEG-compressed images
- Private tags that may contain a secondary copy of the burned-in data
- Structured overlay planes that exist alongside burned-in data and require separate processing
A robust de-identification pipeline must validate all frames and account for these edge cases to prevent inadvertent PHI leakage.
Burned In Annotation Tag (0028,0301)
DICOM defines the Burned In Annotation attribute (0028,0301) as a critical flag for de-identification workflows. This tag indicates whether the image contains patient information burned into the pixel data:
- 'YES': The image contains burned-in annotations that must be addressed before sharing
- 'NO': The pixel data is free of identifying text or graphics
However, this tag is often unreliable or absent in real-world data. Many modalities fail to populate it correctly, requiring de-identification systems to perform independent visual analysis rather than trusting the metadata flag. Automated detection of burned-in annotations is therefore a necessary safeguard in any production de-identification pipeline.
Frequently Asked Questions
Common questions about the detection, removal, and regulatory implications of patient-identifying text permanently rendered into medical image pixel data.
A burned-in annotation is patient-identifying text or graphics that has been permanently rendered into the pixel data of a medical image, rather than stored as separate metadata in the DICOM header. This typically occurs when a modality or post-processing workstation overlays information such as patient name, medical record number, date of birth, or institution name directly onto the image bitmap during acquisition or screen capture. Unlike DICOM header tags, which can be easily modified or removed, burned-in annotations require optical character recognition (OCR) and inpainting techniques to identify and redact. The presence of burned-in annotations is a critical concern during the de-identification process, as failing to remove them constitutes a breach of protected health information (PHI) under HIPAA and similar global privacy regulations. The DICOM standard explicitly tracks this risk through the Burned In Annotation attribute (0028,0301), which flags whether the image contains such permanently embedded text.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Burned-in annotation removal is one component of a comprehensive de-identification strategy. These related concepts form the complete workflow for protecting patient privacy in medical imaging.
DICOM Anonymization
The irreversible process of removing all identifying information from a DICOM data set, including:
- Burned-in annotations rendered into pixel data
- Private tags that may contain vendor-specific PHI
- Unique Identifiers (UIDs) that could enable re-identification
- Structured report content with embedded names or dates
Unlike pseudonymization, true anonymization breaks all links to the original patient identity, making re-identification impossible. This is critical for creating compliant research datasets under HIPAA Safe Harbor rules.
DICOM Pseudonymization
The process of replacing identifying DICOM data elements with artificial identifiers or pseudonyms rather than removing them entirely. Key characteristics:
- Preserves longitudinal data linkage across multiple studies
- Maintains a mapping table between real and pseudonymous IDs
- Allows re-identification under controlled, authorized conditions
- Requires burned-in annotation removal to prevent visual re-identification
Pseudonymization is preferred for clinical trials where tracking patient outcomes over time is essential while still protecting privacy during analysis.
Protected Health Information (PHI)
Under HIPAA, 18 specific identifiers must be removed from medical data to achieve de-identification. In the DICOM context, PHI includes:
- Patient Name (Tag 0010,0010) and Patient ID (0010,0020)
- Study Date (0008,0020) and Institution Name (0008,0080)
- Burned-in annotations showing names, dates, or medical record numbers
- Private tags that vendors may use to store identifying information
A single missed PHI element—especially in pixel data—can invalidate an entire de-identification effort and create regulatory liability.
Secondary Capture
A DICOM SOP Class for images converted from non-DICOM formats or captured from video signals. These images are particularly problematic for de-identification because:
- They often contain extensive burned-in annotations from legacy systems
- They lack the structured header metadata of native DICOM objects
- Text may be non-standard in position, font, and format
- Optical Character Recognition (OCR) may be required for detection
Secondary capture images from ultrasound or endoscopy frequently require specialized burned-in annotation detection algorithms.
DICOM Structured Report
A DICOM information object that encodes clinical observations as structured, machine-readable text with coded concepts. De-identification challenges include:
- Content items may contain embedded patient names or dates
- Coded concepts can inadvertently reveal rare conditions that enable re-identification
- Relationships between content items must be preserved during cleaning
- Burned-in annotations in referenced images must also be addressed
Structured reports require both header-level and content-level de-identification to achieve full compliance.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us