摘要
随着医疗卫生行业信息化建设水平不断推进,医疗卫生业务管理逻辑与价值体系对于信息系统依赖程度不断提升,信息安全隐患不断显露,信息安全保障盲点也日渐凸现,保障信息安全已经从一个宏观论调转化为新医改工程建设工作中不可规避的基础内容。本文通过对医院的重要信息系统的技术层面及管理层面进行全面评估,整理出高风险的安全需求,并结合实际业务要求,对医院整体信息系统的安全工作进行规划和设计,并逐步完成安全建设,以满足医院的信息安全目标及国家相关政策和标准的要求,同时为医疗行业内其他兄弟医院的信息安全建设提供参考依据。
Along with the continuous improvement of the information construction level of the medical and health industry, the management logic and value system of medical and health services have become increasingly dependent on information system. At the same time, with the constant exposure of the hidden danger of information security, the blind spots of information security guarantee are also increasingly prominent. Ensuring information security has changed from a macroscopic view to an unavoidable basis in the construction of the new medical reform project. The security construction of the hospital information system was used to meet the information security goals of hospitals and the requirements of relevant national policies and standards in the present study. Firstly, comprehensively evaluation was performed on the technical level and management level of the important information system in the hospital. Then, the high-risk security requirements was sorted out, and the security work of the overall information system of the hospital was planned and designed according to the actual business requirements. It might provide references for the information security construction of other brotherhood hospitals in the medical industry.
作者
汤斌
黄玉成
TANG Bin;HUANG Yucheng(Network Information Center,Xiangya Hospital Central South University(Hospital Management Institute of Central South University),Changsha Hunan 410008,China)
出处
《中国医疗设备》
2018年第9期136-140,共5页
China Medical Devices
关键词
三级等保
网络优化
信息安全
防火墙
安全管理体系
tertiary level protection
network optimization
information security
frewall
security management system
