In this paper, we will present an increased-security concept for systems administering patient-data and DICOM (digital imaging and communication in medicine) images. The system presented here is an intranet/internet-based PACS and has been developed at the institute of telematics (IT) [Hlu99]. The PACS is based on standard network-protocols and has been created using DICOM standard. See [Nem94] and [Rad99] for more information. The system components have been designed in JAVA and have been distributed onto three different computers. Two computers - equipped with several relational databases administered by JAVA servers - were assigned to the intranet-component while the third computer is located on the internet and is equipped with an user interface. The concept for increased security developed at the IT aims at protecting the intranet against the internet. Interaction between the components on the internet and within the intranet should take place via a secure connection. Patient data can either be sent encoded along with images or can be sent separately from the raw image data. System users are entered into and administered by an user database. A standard "registry" will act as the user database, allowing users to access data.