医院网络安全治理的实施路径--从《医院信息互联互通标准化成熟度测评方案(2020年版)》看医院网络安全治理

An implementation path of hospital cybersecurity governance:a view of hospital cybersecurity governance from the hospital information interconnection standard maturity evaluation plan(2020 Edition)

目的指导医院对标开展网络安全治理,完善网络安全防护体系,提升网络安全防护能力。方法通过研究《医院信息互联互通标准化成熟度测评方案(2020年版)》指标体系,从硬件基础设施、网络安全、环境安全、应用安全、数据安全、隐私保护、管理安全7个维度开展分析,对36家参评医院的网络安全治理实施效果开展调研分析。结果医院按照互联互通测评指标要求开展网络安全治理,对医院加强网络安全等级保护工作,提升网络安全防护能力具有促进作用。结论从《医院信息互联互通标准化成熟度测评方案(2020年版)》指标体系可形成一种有效的医院网络安全治理实施路径,该实施路径对医院开展网络安全治理具有重要指导和借鉴意义。

Objective To further guide the hospital to carry out the activities of cybersecurity governance,perfect the cybersecurity protection system and improve the capacity of cybersecurity protection.Methods The index system of Hospital Information Interconnection Standard Maturity Evaluation Plan(2020 Edition)was researched,and an analysis was conducted from seven dimensions including hardware infrastructure,network security,environment security,application security,data security,privacy protection,and management security in addition to investigating and analyzing the implementation effect of cybersecurity governance in 36 hospitals who participated in Hospital Information Interconnection Standard Maturity Evaluation.Results The hospital carries out the activities of cybersecurity governance in accordance with the index system of Hospital Information Interconnection Standard Maturity Evaluation Plan(2020 Edition),which plays a promoting role in strengthening the work of classified protection of cybersecurity and improving the cybersecurity protection ability of the hospital.Conclusion An effective implementation path of hospital cybersecurity governance can be formed from the index system of Hospital Information Interconnection Standard Maturity Evaluation Plan(2020 Edition).This implementation path has important guidance and reference significance for the hospital to carry out the activities of cybersecurity governance.