Evaluation of Hospital Information Systems Security
| Autor: | Zahra Meidani, Mohammad Amin Assari, Seyed Gholamabbas Moosavi, Ali Ataei-Andezag |
|---|---|
| Jazyk: | perština |
| Rok vydání: | 2017 |
| Předmět: | |
| Zdroj: | مدیریت اطلاعات سلامت, Vol 14, Iss 5, Pp 187-193 (2017) |
| Druh dokumentu: | article |
| ISSN: | 1735-7853 1735-9813 |
| Popis: | Introduction: System security includes a set of security protections related to software, hardware, personnel and enterprise policies that protect Information Systems (IS) against internal and external threats. The present study aimed to define a comprehensive security model and then, assess hospital information systems (HIS) security in three areas of administrative, physical and technical safeguards. Methods: This was a qualitative-descriptive study. The study population included 4 public educational hospitals from different regions of the country, each with a different HIS. The data collection tool was a checklist of 134 questions. In order to design a checklist, first, the security criteria were identified from the security standards. Then, HIS security requirements were determined in three areas of administrative, physical and technical safeguards through modified Delphi method. The answers to the questions of the checklist were defined as Yes “1” or No “0”. HIS security level was identified in a five-level scale ranging from very low (0%) to very high (100%). Data were analyzed by descriptive statistics such as frequency and percentage. Results: Administrative safeguards of HIS in studied hospitals with 31.8 % and physical safeguards with 25% had a low level of security. Moreover, technical safeguards of HIS in hospitals were observed to be a medium level of security with 42.6%. Conclusion: The findings of this study expose HIS security weaknesses thus providing a good basis for managers of health information management and information technology departments in hospitals to implement appropriate corrective actions in policy formulation, user training, access control and risk management, and other dimensions of managerial and physical standards. |
| Databáze: | Directory of Open Access Journals |
| Externí odkaz: |
|