Design And Implementation Of ISMS Based Information Security Management System For Hospital Health Examination Center

As society developing continuingly, information technology march quickly on its way. At the same time, civilian life quality improved, so the peoples’ healthcare concept have badly changed. Health examination centers are coming out one after one quickly to meet civilians’requirement. Because of the rapid development of information technology, medical and health information in the field of equipment, facilities, information systems, software with frequent upgrades, old device is not compatible with the new system, the new devices are not configured, leaving many security risks. With the popularization of Internet, computers, smart phones and other devices, people do have access to more information, may also be bothered by this information, incitement or abetting, that tragedy.Although China’s macro-control measures have been made use of, and there is related administration code in this industry, these pities still cannot be put an end. This paper took the ISMS for Healthcare Examination Center of Xuzhou Central Hospital for example, trying to find countermeasures to ensure that the healthcare examination center of central hospital would run normally, efficiently and steady. This paper referenced with the International Organization for Standardization definitions and descriptions of the information security management system, based on a risk assessment analysis of present situation of the information systems of healthcare examination center in the central hospital, as well as the security problem of information system, security requirements are summed. Based on detailed design and implementation of the information security technology and information security management, configuratted the techniques components and management component of the information security management system for healthcare examination center in central hospital. In hopes of establishing a safe, reliable, stable, and efficient information security management systems for healthcare examination center, and update itself by using PDCA model.Due to the limited size of the Medical Center, therefore, instead of fully copying the ISO information security management system item by item, part of items that does not fit referenced by the International Organization for Standardization document, finally established a concise and practical information security management structure to fit the hospital healthcare examination center.