The evaluation of information security of hospital information system (his) using cobit 5 framework: case study at Soreang Hospital, Indonesia
Based on the Minister of Health Regulation No.82 of 2013 related to HIS, all hospitals are required to have HIS for healthcare. Even though HIS has a lot of benefits, but on the other hand, it also has several issues of the system such as misuses of data and data loss, due to this flaw HIS has been...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English English English |
Published: |
2019
|
Subjects: | |
Online Access: | http://eprints.uthm.edu.my/532/1/24p%20KHILDA%20NISTRINA.pdf http://eprints.uthm.edu.my/532/2/KHILDA%20NISTRINA%20COPYRIGHT%20DECLARATION.pdf http://eprints.uthm.edu.my/532/3/KHILDA%20NISTRINA%20WATERMARK.pdf http://eprints.uthm.edu.my/532/ |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Tun Hussein Onn Malaysia |
Language: | English English English |
Summary: | Based on the Minister of Health Regulation No.82 of 2013 related to HIS, all hospitals are required to have HIS for healthcare. Even though HIS has a lot of benefits, but on the other hand, it also has several issues of the system such as misuses of data and data loss, due to this flaw HIS has been integrated into several systems in the hospital like administrating the management of patients’ and clinic’s record. In reality, threats do not come only from hackers. The damaged IT systems can be a cause due to developing infrastructures that are not comprehensive yet. Therefore, evaluation is needed to measure the threats and vulnerabilities of the system and also to confirm the effectiveness of current controls. This research proposes to recommend information security strategies based on COBIT 5 to be implemented in HIS. The objectives of the study are to examine the capability level of HIS in term of information security using COBIT 5 framework, to determine the infrastructure of network security which is provided by Soreang hospital and to identify the information security strategies based on COBIT 5 to be implemented in the Hospital Information System. The case study areas are Soreang Hospital, Indonesia. The methodology used is explanatory sequential with two phases in data collection. The first one is quantitative, using a questionnaire. The sampling method used simple random sampling with 89 staff respondents. The second one, is qualitative, using interview, the sampling method used purposive sampling with 3 members of staff. Evaluation results show the capability level in the Soreang Hospital is at level 1 for DSS05 domains with L and level 0 domains for APO13 domains with L The findings demonstrated that HIS system of the Soreang hospital has been used as a firewall to protect the network, filters incoming and outgoing traffic, used an Antivirus, IDS and VN). Recommendations for improvement are prepared to achieve the expected capability level of the target. The research contributes to the knowledge through created recommendation information security and HIS measurement analysis and evaluation using the COBIT 5 framework. |
---|