摘要
从网络安全等级保护制度1.0标准(等保1.0)到网络安全等级保护制度2.0标准(等保2.0),等保标准的名称、分类结构和安全要求都发生了很大变化。等保2.0安全通用要求中的技术部分和管理部分,细节上也有不少增强的地方。医院需要对标2.0,分析医院现有信息安全管理和等保2.0标准存在差异的地方,尽早规划和改造,以便符合等保2.0的测评标准。如果医院有云计算、物联网、移动互联网等相关的应用,还需要考虑等保2.0安全扩展要求中的测评标准,从而提升医院的信息安全水平,确保医院安全稳定运转。
From Network security level protection system 1.0 standard(Information security protection of 1.0)to Network security level protection system 2.0 standard(Information security protection of 2.0),many changes have taken place in the name,classification structure and safety requirements.The technical part and the management part of the general requirements of 2.0 also have many en hancements in details.The hospital needs to check the standard 2.0,and analyze the differences between the existing information secu rity management and 2.0 standard in order to plan and reform as soon as possible and meet 2.0 security standard.If the hospital has cloud computing,Internet of things,mobile Internet and other related applications,we also need to consider the evaluation criteria in the requirement of 2.0 security expansion,in order to improve the level of hospital information security and ensure the safe and stable operation of the hospital.
作者
李先锋
曹亮
刘熠斐
吴飞
施建文
Li Xianfeng;Cao Liang;Liu Yifei;Wu Fei;Shi Jianwen(The information department of Xinhua Hospital affiliated to the medical college of Shanghai Communication University,Shanghai 200092;The information department of Xinhua Hospital chongming branch affiliated to the medical college of Shanghai Communication University,Shanghai 200092)
出处
《江苏卫生事业管理》
2020年第3期344-347,共4页
Jiangsu Health System Management
基金
上海市卫健委2019年政策研究课题(2019HP51)。
关键词
等保1.0
等保2.0
医院信息安全管理新要求
Information security protection of 1.0
Information security protection of 2.0
Hospital information security management New requirements
