Analysis of information security management systems at 5 domestic hospitals with more than 500 beds

Healthcare Informatics Research

Volumn 16, Issue 2, 2010, Pages 89-99

  Park, Woo Sung ^a   Seo, Sun Won ^a   Son, Seung Sik ^b   Lee, Mee Jeong ^a   Kim, Shin Hyo ^c   Choi, Eun Mi ^d   Bang, Ji Eon ^a   Kim, Yea Eun ^a   Kim, Ok Nam ^e  

^a Dankook University   (South Korea)

^b Hyundai Information Technology Co Ltd   (South Korea)

^c Electronics and Telecommunications Research Institute (ETRI)   (South Korea)

^d Catholic Kwandong University   (South Korea)

^e The Catholic University of Korea College of Medicine   (South Korea)

Author keywords

Information security; Information security management system; Personal health information protection; Security requirements

Indexed keywords

EID: 84877101940     PISSN: 20933681     EISSN: 2093369X     Source Type: Journal    
DOI: 10.4258/hir.2010.16.2.89     Document Type: Article

References (10)

1. Jung BJ. Present situation and problems of U-health-care service (Ubiquitous Society Research Series 10) [Internet]. Seoul: National Information Security Agency; 2005 [cited at 2010 May 4]. Available from: http://old.nia.or.kr/open_content/board/boardView.jspid=28795&tn=CV_0000224.
2. Kim HE, Kim JH. A survey on the attitude of social groups toward security, privacy, and confidentiality of health information: an original paper authors and affiliations. J Korean Soc Med Inform 1999; 5: 63-76.
3. Kim ON. Registration of medical information and effective data collecting of information for survey and personal information protection methods, registration of medical data and information control for survey. In: Proceedings of Korea Medical Record Association An-nual Fall Conference; 2003 September 26-27; Gyeongju. Seoul: Korea Medical Record Association; 2003. p32-35.
4. International Organization for Standardization. ISO/IEC 17799: Information technology--security techniques--code of practice for information security management. Geneva: International Organization for Standardization; 2005.
5. International Organization for Standardization. ISO/IEC 27001: Information technology--security techniques--information security management system--require-ments, international standard. Geneva: International Organization for Standardization; 2005.
6. Japanese Industrial Standards Committee. JIS Q 15001: Personal information protection management systems: requirements. Tokyo: Japanese Standards Association; 2006.
7. Korea Internet & Security Agency. ISMS certification inspection standards. Seoul: Korea Internet & Security Agency; 2008.
8. Center for Interoperable EHR. Report of development of information protection and security system. Seoul: Center for Interoperable EHR; 2009.
9. Korea Health Industry Development Institute. Guidance for hospital evaluation program. Seoul: Korea Health Industry Development Institute; 2007.
10. Lee EJ, Kim SY, Chae YM. Legislation direction for health information privacy in the telemedicine era. J Korean Soc Med Inform 2009; 15: 361-371.