Analysis of Information Security Management Systems at 5 Domestic Hospitals with More than 500 Beds

서순원; 박우성; 손승식; 이미정; 김신효; 최은미; 방지언; 김예은; 김옥남

추천

검색

자료유형: 학술저널

저자정보: 서순원 박우성 손승식 이미정 김신효 최은미 방지언 김예은 김옥남

저널정보: 대한의료정보학회 Healthcare Informatics Research Healthcare Informatics Research 제16권 제2호

발행연도: 2010.1

수록면: 89 - 99 (11page)

이용수

📌

연구주제

📖

연구배경

🔬

연구방법

🏆

연구결과

초록· 키워드

오류제보하기

Objectives: The information security management systems (ISMS) of 5 hospitals with more than 500 beds were evaluated with regards to the level of information security, management, and physical and technical aspects so that we might make recommendations on information security and security countermeasures which meet both international standards and the needs of individual hospitals. Methods: The ISMS check-list derived from international/domestic standards was distributed to each hospital to complete and the staff of each hospital was interviewed. Information Security Indicator and Information Security Values were used to estimate the present security levels and evaluate the application of each hospital’s current system. Results: With regard to the moderate clause of the ISMS, the hospitals were determined to be in compliance. The most vulnerable clause was asset management, in particular, information asset classification guidelines. The clauses of information security incident management and business continuity management were deemed necessary for the establishment of successful ISMS. Conclusions: The level of current ISMS in the hospitals evaluated was determined to be insufficient. Establishment of adequate ISMS is necessary to ensure patient privacy and the safe use of medical records for various purposes. Implementation of ISMS which meet international standards with a long-term and comprehensive perspective is of prime importance. To reflect the requirements of the varied interests of medical staff, consumers, and institutions, the establishment of political support is essential to create suitable hospital ISMS.

#Information Security Management System #Information Security #Personal Health Information Protection #Security Requirements

참고문헌 (10)

참고문헌 신청

Center for Interoperable EHR / 2009 / Report of development of information protection and security system / Center for Interoperable EHR

International Organization for Standardization / 2005 / ISO/IEC 17799: Information technology--security techniques--code of practice for information security management / International

International Organization for Standardization / 2005 / ISO/IEC 27001: Information technology--security techniques--information security management system-- requirements, international

Japanese Industrial Standards Committee / 2006 / JIS Q 15001: Personal information protection management systems: requirements / Japanese Standards Association

Jung BJ / / Present situation and problems of U-healthcare service

함께 읽어보면 좋을 논문

논문 유사도에 따라 DBpia 가 추천하는 논문입니다. 함께 보면 좋을 연관 논문을 확인해보세요!