Hospital Information System Audit Using The ISO 27001 Standard (Case Study In RSU PKU Muhammadiyah Bantul)

Authors

  • Heri Setiawan Department of Informatics Universitas Islam Negeri Sunan Kalijaga Yogyakarta
  • Khurin 'ien Mukhoyyaroh Department of Informatics Universitas Islam Negeri Sunan Kalijaga Yogyakarta
  • Muhammad Dzulfikar Fauzi Department of Informatics Universitas Islam Negeri Sunan Kalijaga Yogyakarta
  • Bambang Sugiantoro UIN Sunan Kalijaga Yogyakarta, http://orcid.org/0000-0002-7548-8122

DOI:

https://doi.org/10.14421/ijid.2014.03105

Keywords:

Audit System, ISO 27001, Medical Record Information System

Abstract

RSU PKU Muhammadiyah Bantul have been using information technology to improve health care in their area. One of the uses of information technology is in medical record information system. The existence of medical record information system will help to manage all medical record data. But with applying information system its data need to be secured, while there still less knowledge and understanding about medical record information system security. Therefore, it’s needed to have an audit using the standard of ISO 27001 to get a convenient security service for a medical record information. The audit of ISO 27001 used because this standard focus at information system security and use as the national standard of Indonesia. This standard contains complete determination to discover information system security. This research managed to give an assessment for medical record information system security of RSU PKU Muhammadiyah Bantul with maturity value of 2,2 (Repeatable but Intuitive). So medical record information system security of RSU PKU Muhammadiyah Bantul is good enough because it’s been followed the information system security procedure. But the hospital management is not paying attention regarding the understanding of their employees about information system security for their medical record information system.

Author Biography

Bambang Sugiantoro, UIN Sunan Kalijaga Yogyakarta,

ORCID ID : https://orcid.org/0000-0002-7548-8122

Scopus  ID / URL : https://www.scopus.com/authid/detail.uri?authorId=49664086100

Google Scholar ID / URL : https://scholar.google.co.id/citations?user=BNiBMBkAAAAJ&hl=id

References

Anonym, ISO/ IEC 27001 Information Security Management. Accessed from https://www.iso.org/isoiec-27001-information-security.html.

Iffano, and Sarno, R., Sistem Manajemen Keamanan Informasi. Surabaya: ITS Press, 2009.

R. A. Kusuma, “Audit Keamanan Sistem Informasi dengan Menggunakan Standar SNI ISO 27001 pada Sistem Informasi Akademik Universitas Islam Negeri Sunan Kalijaga Yogyakarta,” UIN Sunan Kalijaga Yogyakarata, 2013.

R. Unggara, “Audit Sistem E-Learning Fakultas Sains Dan Teknologi Uin Sunan Kalijaga Yogyakarta Menggunakan Framework Cobit 4.1,” Universitas Islam Negeri Sunan Kalijaga Yogyakarta, 2013.

Downloads

Published

2019-08-24

Issue

Section

Articles