Security Policy of Hospital Information System

Source: Internet
Author: User

With the development of information technology and the spread of networks, the modern medical environment has changed rapidly. Information systems are widely used in all walks of life and have also developed greatly in medicine. The information system has become a key factor in the normal operation of hospitals, so a safe and reliable hospital information system is increasingly important.

The hospital information security assurance system is the foundation. Based on the actual situation of the hospital, we first discuss how to build this system and analyze the relevant countermeasures. From the perspective of information system security, many of the technologies involved are implemented at the various layers of the network; without the network, the security of the information system is meaningless. Information system security includes security mechanisms and security services. Security mechanisms can be understood as a relatively complete structure that draws on various security technologies to provide particular security services. Security services are the security support provided to the information application system at every layer of the network. As the network has expanded layer by layer, the meaning of security has also grown richer and now covers five elements: authentication, permissions, integrity, encryption, and non-repudiation.

Judging from the current state of hospital information systems and the security requirements for medical information system data, the key to hospital information system security is to ensure the confidentiality, integrity, and availability of information in the IT system at the physical, network, system host, and application levels, to improve overall protection capabilities, and to standardize security management processes so that the information systems run smoothly. However, given the current state of hospital information system development and funding, implementing a comprehensive hospital information security system is unrealistic.

Since a comprehensive information security system is unrealistic, we must first focus on the main problems and implement the information security system at the key links of the hospital information system. Which key links should the hospital information security system cover, and what strategy should be taken at each one? This article focuses on these questions.

The key aspects of the hospital information security system are hardware and software.

Hardware factors affecting Hospital Information Security

Hardware factors include the quality of the central data center, servers, network equipment, lines, and maintenance personnel. These are the basis of the hospital information security assurance system.

1. Security of central data centers and servers

As the heart of the hospital information system, the central data center of the hospital must be safe and stable. This includes a stable power supply, dedicated air conditioning equipment, lightning protection and anti-static measures, a sensitive monitoring and alarm system, and secure firewalls. The central data center should adopt security policies covering temperature, humidity, the electromagnetic environment, noise, dust, static electricity, and vibration. Temperature should be controlled within 24 ± 1~2 ℃, and relative humidity within 50% ± 5% RH. In each litre of air, the size of particles greater than or equal to 18,000 um should be less than, and the ventilation frequency per hour should be greater than 30. The pressure difference between the central data center and other rooms and corridors should not be less than 4.9, and the static pressure difference with the outdoors should not be less than 9.8. The data room should have an alarm system that can send SMS alarms. The central data center should have dual-circuit power supply, UPS equipment that meets requirements, and lightning protection measures.

2. Network devices and their connection lines

The core switches are like the blood supply hubs of the human body, the switches at each level are like transfer stations, and the network cables connecting the hospital's information equipment are like blood vessels leading to every part of the body. Their importance is self-evident. Network hardware should be maintained and inspected regularly, at a frequency based on the importance of the equipment, and its software should be upgraded regularly. Network equipment should be divided into security domains according to specific business needs. The connection lines of network devices should be clearly labeled so that they can be located accurately and quickly when a system problem occurs.

3. Maintenance Personnel

Among the key aspects of hospital information system security, human factors are the most important, because they account for a large proportion of the main risks to information system security. Misoperation by maintenance personnel often causes huge losses to the information system.

Information systems develop and change quickly, and people working in information technology must keep up with the constant updates in computer technology, so regular training is required for them. Ideally they should have professional information security knowledge. Users of business systems also need regular training so that they have the necessary security knowledge.

Strengthen professional ethics training for information practitioners. The professional ethics of information workers play an important role in the security of information systems. A large part of information system security problems are caused by internal personnel, which is directly related to their professional ethics. Information technology practitioners should therefore strengthen their professional ethics training and their sense of responsibility.

System software architecture can defend against viruses

Software factors include defense against external viruses, protection against illegal intrusion, protection of hospital information system data, real-time monitoring of hospital information systems, and the establishment of an excellent hospital information system software architecture.

Computer viruses and illegal intrusions are common in computer networks. Viruses spread fast and do great damage, and may paralyze the entire network, so protection against them is very important. Install network-based antivirus software on the hospital's computer network, have professional staff upgrade it regularly so that viruses are isolated in time, and install OfficeScan at the network exit. Use network management software to prohibit client hosts from connecting to any USB storage device, minimizing the possibility of virus infection on the network. Patch the client hosts and servers on the network in a timely manner to reduce server vulnerabilities and the possibility of illegal intrusion.

Hospital information system data is the most important part of the hospital information system. It includes all of the hospital's financial data and patient diagnosis and treatment information. Once this data is damaged, the resulting loss is incalculable.

Centralized data management

Hospital information system data can be centrally managed, including storage management. Storage management means that the network administrator centrally manages data from across the LAN by storing it in a unified way on consolidated media.

In hospitals, centralized data management makes data storage and recovery easier, saves computer resources, and improves network operation speed. It implements a series of functions through centralized storage devices (disk arrays) and storage management software. Storage management software mainly covers storage resource management (storage media, volumes, file management), data backup and data migration, remote backup, cluster systems, disaster recovery, and storage virtualization. Storage management combined with a dual-server setup improves resource utilization and efficiency, system availability, system performance, and I/O performance. It also allows access priorities to be assigned and access permissions to be restricted, facilitates data transfer, and reduces the possibility of data access interruption or application system downtime due to various causes.

The network architecture for centralized data management is a SAN (Storage Area Networking), a storage LAN built from cables, switches, and hubs based on Fibre Channel technology. It connects many storage devices to a network of many different servers and manages them in a multipoint-to-multipoint mode. A SAN can also connect storage devices directly to other storage devices, making it possible to integrate multiple servers with multiple tape libraries and disk arrays. This technology truly detaches the storage device from the server, forming a single data center that is connected to the other computers on the network in a multipoint-to-multipoint manner. SAN has the advantages of high scalability, high performance, high availability, high manageability, and high reliability.

Backup of hospital information system data is also very important. Backup is the last line of defense for data availability. An excellent backup solution can minimize the loss in the event of an unexpected accident, and the backup solution should be developed based on the size of the hospital information system data. For example, a full backup is performed every month, a level-1 incremental backup every week, a level-2 incremental backup every day, and an archive log backup every hour. In this way, data loss in the event of an accident is very small. If conditions permit, you can also perform a remote backup to ensure the security of the backup data.
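The schedule above can be turned into a restore plan and a data-loss estimate for a given failure time. The following Python sketch is an added example, not part of the original article. It assumes the full backup runs on the 1st of each month, the level-1 backup every Monday, the level-2 backup daily (all at 00:00), archive logs on the hour, and that each incremental is cumulative since the latest lower-level backup.

```python
from datetime import datetime, timedelta

# Assumed timing (the article gives only the frequencies): full on the 1st of
# each month, level-1 every Monday, level-2 every day, all at 00:00; archive
# logs on the hour. Each incremental is assumed cumulative, i.e. it holds
# every change since the latest lower-level backup.

def latest(kind, not_after, not_before):
    """Most recent run of `kind` within [not_before, not_after], or None."""
    if kind == "archivelog":
        t = not_after.replace(minute=0, second=0, microsecond=0)
        return t if t >= not_before else None
    t = not_after.replace(hour=0, minute=0, second=0, microsecond=0)
    while t >= not_before:
        if (kind == "full" and t.day == 1) or \
           (kind == "level1" and t.weekday() == 0) or kind == "level2":
            return t
        t -= timedelta(days=1)
    return None

def restore_plan(failure):
    """Return (ordered restore chain, data-loss window) for a failure time."""
    full = latest("full", failure, datetime.min)
    chain, base = [("full", full)], full
    for kind in ("level1", "level2"):
        t = latest(kind, failure, base)
        if t is not None and t > base:   # skip if no newer run of this level
            chain.append((kind, t))
            base = t
    last_log = latest("archivelog", failure, base)
    t = base + timedelta(hours=1)
    while t <= last_log:                 # hourly logs replayed after the base
        chain.append(("archivelog", t))
        t += timedelta(hours=1)
    # Changes made after the last archived log cannot be recovered.
    return chain, failure - last_log

if __name__ == "__main__":
    chain, loss = restore_plan(datetime(2024, 5, 15, 10, 30))  # constructed
    for kind, when in chain:
        print(f"{kind:10s} {when}")
    print("worst-case loss for this failure:", loss)
```

Under these assumptions the data-loss window is always under one hour, and a restore needs at most one backup of each level plus that day's archive logs.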

Real-time monitoring of hospital information systems makes it possible to detect faults promptly. Network management software can monitor the servers, network devices, and network lines in real time and notify the network management personnel, so that faults are detected and resolved quickly.

An excellent information system software architecture can effectively defend against DDoS attacks and hacker attacks on the core servers of the network, and improves server efficiency. The hospital information system should adopt a three-tier architecture (client, application server, data server). In this design the client accesses only the application server; the application server passes client requests to the data server and returns the data server's responses to the client. The data server is shielded from the client, which cannot access it directly. This reduces virus infection and illegal intrusion on the data server and protects the most important data in the hospital information system.
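One way to verify that the three-tier separation actually holds in a firewall rule set is to look for allow rules that let client addresses reach the data tier directly. The Python sketch below is an added example, not from the original article; the subnets, ports, and rules are constructed samples, and it assumes an ordered, first-match rule list with default deny.

```python
import ipaddress

# Constructed sample addressing and rule set (not from the article).
ZONES = {
    "client": ipaddress.ip_network("10.10.0.0/16"),
    "app":    ipaddress.ip_network("10.20.1.0/24"),
    "data":   ipaddress.ip_network("10.30.1.0/28"),
}
# Ordered, first match wins: (action, source, destination, port; None = any)
RULES = [
    ("allow", "10.10.0.0/16", "10.20.1.0/24", 443),   # client -> app
    ("allow", "10.20.1.0/24", "10.30.1.0/28", 1521),  # app -> data
    ("allow", "10.10.5.0/24", "10.30.1.0/28", 1521),  # client -> data (bad)
    ("deny",  "0.0.0.0/0",    "0.0.0.0/0",    None),
]

def overlap(a, b):
    """CIDR blocks either nest or are disjoint: return the smaller, or None."""
    if a.subnet_of(b):
        return a
    if b.subnet_of(a):
        return b
    return None

def tier_violations(rules, zones):
    """Allow rules that let some client address reach the data tier directly.

    A rule is reported unless an earlier deny fully covers the overlapping
    source range, destination range, and port (partial shadowing is reported).
    """
    found, denies = [], []
    for idx, (action, src, dst, port) in enumerate(rules):
        src, dst = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        if action == "deny":
            denies.append((src, dst, port))
            continue
        s, d = overlap(src, zones["client"]), overlap(dst, zones["data"])
        if s is None or d is None:
            continue
        shadowed = any(s.subnet_of(ds) and d.subnet_of(dd) and dp in (None, port)
                       for ds, dd, dp in denies)
        if not shadowed:
            found.append((idx, str(s), str(d), port))
    return found

if __name__ == "__main__":
    for v in tier_violations(RULES, ZONES):
        print("client can reach data tier via rule", v)
```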

Summary

Digital hospital network security is a systems engineering problem, and security management has become a focus of attention. The information security of digital hospitals must be taken seriously, and the security management of hospital information systems treated as an arduous, long-term task. Network administrators need to examine network security vulnerabilities from all sides and from multiple angles based on the actual situation of the hospital. Following overall security principles, they should develop a reasonable network security architecture and implement a series of security management measures that secure the entire system, so that a large digital hospital system runs safely, healthily, stably, and efficiently.

