One characteristic of the new version of electronic medical records system (EMRS) is that it plays a good role in the whole treatment process. As a matter of fact, electronic medical records system is an integration platform used in the process of integrating with a number of clinical information systems. Obviously, the security analysis of electronic medical records system is very necessary. In medical practice, the implementation of electronic medical records has practical significance. It can not only improve the efficiency of health care workers, but also save patients’ time and money. More importantly, electronic medical records system plays a significant role in hospital transfer and return visit. That’s why we want to talk about the security analysis of electronic medical records system.
Security analysis of electronic medical records system In order to let users know electronic medical records system more clearly, we decide to analyze its security from two aspects: hardware environment security analysis and software environment security analysis.
- Hardware environment security analysis With the implementation and integration of the new version of EMRS, the number of data exchanging between original systems is increasing largely. Therefore, higher requirements are put forward in the hardware casino environment of the whole hospital information system. Speaking of hardware environment security, users should pay attention to the following aspects.
- Stable computer hardware environment: if the performance of client computer hardware is not up to standard, low running speed, long-time no response, data loss, and so on problems are very likely to emerge in uploading or downloading process. In this situation, the working efficiency will be affected terribly.
- Sufficient network bandwidth and performance: After network transformation, the computer network backbone should be upgraded to full Gigabit fiber network; the core switch should be upgraded to high-performance Gigabit switch with three layers. Sufficient network bandwidth makes high-speed and unobstructed network possible and it ensures the security of data transmission.
- High-performance server and complete backup recovery solutions: comprehensive consideration must be made to the backup recovery solutions of each system in order to protect the security of all systems and to make them run concurrently.
- Storage devices with high safety index: storage devices with high safety index are very crucial to hardware environment security. We should adopt network-oriented storage architecture to separate data processing and data storage and eliminate connection barriers among different storage devices and servers. Therefore, the security and access speed of data can be improved greatly.
- Security of login: authentication refers to system’s review process for users’ identity. There are a variety of identity authentication technologies at present. Password authentication and smart card authentication are two popular ones.
- Security of discretionary access control policy: to minimize non-authorized users’ tampering and destruction to database objects and effectively prevent illegal users from accessing database system, different user groups and user password authentication must be built.
- Refined authority control for medical records: we should set access permission, modification permission and deletion permission specifically for different times, different sections and different visitors to optimize software environment security.
Software environment security analysis Although the new version of EMRS itself has relatively complete security features, we still need to pay attention to several aspects when analyzing software environment security.
Control for copying, pasting and modifying traces: originality, authenticity and accuracy are three important factors for EMRS, so no intentional or negligent modification, replacement or deletion behavior is allowed.