ISO 27001 Information Security Survey of Medical Service Organizations

Abstract

: The differences between medical institutions in the security management of information systems were investigated by comparing the differences and the means used by personnel in different units in public and private hospitals. Personnel responsible for information security require the protocol of relevant units to solve information security issues. Based on ISO 27001 as a reference standard, a questionnaire survey was conducted to investigate the need for information security management in medical institutions. The information system security in each unit of medical institutions needs to pursue the goal of more perfection for a fully optimized information system. To help medical institution personnel understand the importance of information security and allow appropriate decision making, the results of this study can be used as a reference.