谈医院信息系统的安全管理

Security Management of the Hospital Information System

目的实现医院信息系统安全运行,保证医院信息准确、可靠。方法采取技术与管理相结合的方法,重点做好服务器系统、数据库系统、网络系统、工作站主机系统等方面的安全管理。在技术方面,核心服务器采用群集技术,实现双机热备份模式;数据库存储系统选用稳定、可靠的磁盘阵列,并建立完善的数据库备份体系;主干网络采用双链路冗余结构设计;采用交换机堆叠技术、划分VLAN、部署硬件防火墙等技术做好接入层和边界网络安全;采取安装桌面管理系统、防病毒软件等措施,保障用户终端桌面安全。在管理方面,制定严格的安全制度,提高技术人员安全意识和业务水平。结果医院信息系统运行平稳,没有发生大的安全故障。结论只要高度重视,加大投入,医院信息系统安全就有保障。

Objective To realize the safe operation of hospital information system, hospital information accurate, reliable guarantee. Methods The combination of the technology and management methods was adopted;the server system, database system, network system, the workstation host systems and other aspects of the safety management were focused on. On the technical side, the cluster technology was used on core server, double-machine hot backup mode was realized. Database storage system processed with stable, reliable disk array, and a complete database backup system was established. The dual-link redundant structural design was adopted in backbone network. The security of accessing layer and the boundary of network was ensured by switch stacking technology, division of VLAN and deployment hardware firewall technology. To protect the user terminal desktop security, desktop management system was installed and anti-virus software measures were taken. In the management, strict security system was established toimprove the technical staff safety awareness and business level. Results The hospital information system ras smoothly, no major fault in safety occurred. Conclusion As long as it was taken seriously, and with the increase investment, the hospital information system security had safeguard.