Information Security Management System for the Hospital

• Main Authors: Cheng-Chiu Lei, 雷誠久
• Other Authors: Shi-Jim Yen
• Format: Others
• Language: zh-TW
• Published: 2007
• Online Access: http://ndltd.ncl.edu.tw/handle/3fyzjb

碩士 === 國立東華大學 === 資訊工程學系 === 95 === Digitalization jeopardizes information security wherever it is applied, and hospitals are not an exception. The information they possess is very personal, while the trust between the patient and the hospital is one basic factor for quality care. Therefore hospital information security and privacy are major issues that cannot be ignored. This research uses case study methods to observe and understand the information security management system of our research subject. We used a four point scoring survey that was developed on the basis of “ISO/IEC 27001”to develop models that could verify their information security management systems. Our research subject was the first hospital under the jurisdiction of the Department of Health and the first in Taiwan to receive an ISO/IEC 27001:2005 certificate. Therefore, their information security management is very good and can be viewed as a standard for others to follow. We have come up with some extremely constructive suggestions via our extensive research. These suggestions and experience will be presented to our hospital, provided to future researchers, and serve as reference for those that wish to use such a system.