Korea Journal of Hospital Management (한국병원경영학회지)
- Volume 10 Issue 4
- /
- Pages.98-112
- /
- 2005
- /
- 1226-6299(pISSN)
A Development of the Model for Evaluating the Security of Information Systems in Health Care Organizations
의료기관의 정보보안 수준 측정을 위한 평가모형 개발
- Ahn, Sun-Ju (Dong Eui Medical Center) ;
- Kwon, Soon-Man (Graduate School of Public Health, Seoul National University)
- Published : 2005.12.30
Abstract
The purpose of this study is to develop a framework for evaluating security levels in hospitals. We classify security indicators into administrative, technical and physical safeguards. The security evaluation model for hospital information systems was applied to three general hospitals. The analysis of the results showed a low security level in information systems. In particular, requirements for administrative and physical safeguards were very low. Hospitals need strict security policies more than other organizations because their information systems contain patients' highly confidential data. The evaluation model developed in this study can be used for guidelines and as a checklist for hospitals. The security evaluation in hospital informational systems needs to be an essential element of hospital evaluation.