摘要
基于新的网络安全形势,在分析疾病预防控制领域信息技术外包服务存在的安全风险基础上,以网络安全相关的法律法规为标准,梳理各个环节的安全风险控制点,进而基于底线风险思维,提出信息技术外包服务网络安全的管理模型,以供卫生健康相关部门在实际工作中不断完善制度并督促持续改进,有侧重地对信息技术外包活动实施安全管控,降低网络安全风险,共享外包收益。
By analyzing the security risks of information technology outsourcing services in the disease control industry under the new network security situation,taking the network security related laws and regulations as standards,combining the security risk control points of each link,and based on the bottom line risk thinking,this paper push forward the network security management model of information technology outsourcing services.In the actual work,we should constantly improve the system and urge the continuous improvement,guide the health departments at different levels to implement the security management requirements for IT outsourcing activities,reduce the network security risk,and share the outsourcing income.
作者
傅罡
张英杰
宋庆华
赵梓辰
FU Gang;ZHANG Yingjie;SONG Qinghua;ZHAO Zichen(Chinese Center for Disease Control and Prevention,Beijing 102206,China)
出处
《中国卫生信息管理杂志》
2021年第4期476-480,共5页
Chinese Journal of Health Informatics and Management
基金
“十三五”国家科技重大专项“艾滋病和病毒性肺炎等重大传染病防治”课题《基于海量多元大数据的突发急性传染病时空尺度预测预警模型与应用示范的构建》(课题编号:2018Z X10201002)子课题《基于多元网络和大数据网络安全态势模型建立应用及态势感知平台建设》。
关键词
疾病预防控制
信息技术
网络安全
外包服务
disease prevention and control
information technology
network security
outsourcing service
