英文摘要 |
With the advancement and development of computer information technology era , in the use of daily life of Chinese medicine treatment industry in many different information systems , medical institutes to conduct data exchange between them is already a trend of the times , medical and health institutions continuously use the computer and network success to increase the performance of the work , in order to reduce paperwork and human costs of waste , but also relatively to medical institutions increased by a lot of information security issues, so information security management becomes relevant units are an important issue , and information systems are often affected survival and competitiveness of an organization , how to build a good , appropriate hospital information system (Hospital Information System, HIS) to improve service efficiency and quality of care hospitals , medical institutions at all levels must face. NHI response to e-government push to build NHI IC cards and electronic medical records exchange technology , supplemented by information security training hospital personnel seeds provide ISO 27001:2005 international standards for information security management certification services by 2013 February 8 date the country has 93 verified. Establishing information security management system ( referred to as : ISMS) is a set of standards, which details the establishment , implementation and maintenance of information security management system requirements, the 27K series expands the scope of information security , not only contains the privacy , confidentiality and information technology level, but also includes many aspects , including legal , personnel management, materials management , etc., so that it can be suitable for the organization of various sizes . Its ultimate aim is to establish the need for enterprise information security management system. Therefore, this integration of ISO 27001 & 27002,27799 international standards such as ISO , ISMS management security measures be discussed , is expected to provide a multiplier effect for the medical information. |