| Title | Design of Electronic Medical Record Security Policy in Hospital Management Information System (SIMRS) in XYZ Hospital |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Avianto, Hana, Ogi, Dion |
| Conference Name | 2019 2nd International Conference on Applied Information Technology and Innovation (ICAITI) |
| Keywords | data privacy, electronic health records, electronic medical record security policy, EMR, EMR management, Health Care, hospital management information system, hospitals, medical computing, medical record management system, NIST, policy-based governance, privacy control mapping, pubcrawl, records management, risk management, Security Control, security of data, security policies, SIMRS, Triangle Policy Analysis |
| Abstract | Electronic Medical Record (EMR) is a medical record management system. EMR contains personal data of patients that is critical. The critical nature of medical records is the reason for the necessity to develop security policies as guidelines for EMR in SIMRS in XZY Hospital. In this study, analysis and risk assessment conducted to EMR management at SIMRS in XZY Hospital. Based on this study, the security of SIMRS in XZY Hospital is categorized as high. Security and Privacy Control mapping based on NIST SP800-53 rev 5 obtained 57 security controls related to privacy aspects as control options to protect EMR in SIMRS in XZY Hospital. The policy designing was done using The Triangle framework for Policy Analysis. The analysis obtained from the policy decisions of the head of XYZ Hospital. The contents of the security policy are provisions on the implementation of security policies of EMR, outlined of 17 controls were selected. |
| DOI | 10.1109/ICAITI48442.2019.8982122 |
| Citation Key | avianto_design_2019 |
Design of Electronic Medical Record Security Policy in Hospital Management Information System (SIMRS) in XYZ Hospital