Readiness of Information Security Management Systems (ISMS) Policy on Hospital Staff Using e-Patuh System
Keywords:
Data Centre, Hospital Information Security Management Systems, ISO 27001, 2013, Malaysia,Abstract
ISO 27001:2013 is the best-known standard providing requirements for information security management systems (ISMS). An ISMS is a systematic approach to manage sensitive information through people, processes and IT systems. In a hospital, a patient's individual medical record is highly private and sensitive. This study performed qualitative questionnaire based on the ISO27001:2013 policy. Seven hospitals in Malaysia were involved in this study. This study focus on the Data Center as it contains a high risk server. This study reveals the non-compliance issues among the sampled hospitals in Malaysia. The participation of the hospitals in trainings related to information security awareness and education were still not adequate due to lack of support from the top management. The Malaysian Administrative Modernisation and Management Planning Unit (MAMPU), the Ministry of Health Malaysia and the top management in hospitals in Malaysia play vital roles to educate and ensure the compliance of ISO 27001:2013.Downloads
Published
How to Cite
Issue
Section
License
TRANSFER OF COPYRIGHT AGREEMENT
The manuscript is herewith submitted for publication in the Journal of Telecommunication, Electronic and Computer Engineering (JTEC). It has not been published before, and it is not under consideration for publication in any other journals. It contains no material that is scandalous, obscene, libelous or otherwise contrary to law. When the manuscript is accepted for publication, I, as the author, hereby agree to transfer to JTEC, all rights including those pertaining to electronic forms and transmissions, under existing copyright laws, except for the following, which the author(s) specifically retain(s):
- All proprietary right other than copyright, such as patent rights
- The right to make further copies of all or part of the published article for my use in classroom teaching
- The right to reuse all or part of this manuscript in a compilation of my own works or in a textbook of which I am the author; and
- The right to make copies of the published work for internal distribution within the institution that employs me
I agree that copies made under these circumstances will continue to carry the copyright notice that appears in the original published work. I agree to inform my co-authors, if any, of the above terms. I certify that I have obtained written permission for the use of text, tables, and/or illustrations from any copyrighted source(s), and I agree to supply such written permission(s) to JTEC upon request.