No one can deny the importance of security in medical information management systems given its content having a very substantial value. There are many sides that threaten the security of information among which the exchange of information that allows public to have forbidden data, network resources, and even the specific equipment and here we will classify protection on four levels:

1. The network equipment.
   
2. The level of external communication and international information network "Internet".
   
3. Software systems, including the level of operating systems.
   
4. The level of medical information management system program.
   

 

In addition, we can enter in more detail as follows:

• User protection strategies against external attacks following the connection to the Internet, in particular as regards the use of email.
  
• Strategies regarding the nature of passwords used at different levels (medical information management system - network access system ... etc).
  
• The strategies concerning the copies of the reserve.
  
• Strategies for the alert state plan.
  
• The control strategies of the different instructions that occurred on the network resources.
  
• Security systems that control the inputs and outputs.
  
• Save the events by using the surveillance cameras.
  

 

To develop all these strategies, it is necessary to put a complete vision for the concept of security and during the implementation of these strategies we should keep the following steps:

• Identify the objectives and nature of information security.
  
• Identify the security level of medical information systems.
  
• Identify the access permissions according to each role.
  
• Informing employees about the requirements of security and privacy of users and medical data.
  
• Evaluation of the performance according to following the strategies.
  

 

Our company considers this aspect with interest and offers integrated solutions accordance with the norms; it takes into consideration the specificity of each institution, the nature of its resources, and we apply according to the following:

• Evaluate resource security and examine the gap of safety between data and confidentiality.
  
• Provide an integrated training for all staff, whether it will be included in the system of implementation of the program or in a separate frame.
  
• Start giving solutions after evaluation of existing equipment.
  
• Periodic Control of these strategies.

 

You can also check this

• The basic steps for the implementation of the electronic medical record.
• Properties of the Medical information systems.