Journal of Society for e-Business Studies

In this paper, the security characteristics of healthcare institutions were derived through analysis of previous research, and the characteristics and status of small and medium sized healthcare institutions were surveyed through field surveys of small and medium sized healthcare institutions. The security management evaluation model for small and medium sized healthcare institutions was designed and verified based on the security characteristics of small and medium healthcare institutions. For the design, we compared and analyzed existing security management system and evaluation certification system of healthcare institutions. We also confirmed the proposed security management evaluation model and the degree of sharing. In addition, we conducted validation for the statistical verification of the proposed security management evaluation model for small and medium sized healthcare institutions, and we performed the relative priority analysis through AHP analysis to derive the weight for each item. The result of this study is expected to be used as a standard of security management evaluation model that can be practiced in small and medium sized healthcare institutions.

Bae, J.-M., Kim, S. G., and Chang, H. B., “A Study on Design Direction of Industry- Centric Security Level Evaluation Model through Analysis of Security Management System,” Society for e-Business Studies, Vol. 20, No. 4, pp. 177-191, 2015.

Choi, Y.-S., Moon, S.-Y., Kang, H.-J., and Jun, H.-J., “A Study on t-he Development of a Model to Measure the Knowledge Based Information Utilization Level in Architectural Design Work Environment,” Journal of the Architectural Institute of Korea, Vol. 29, No. 4, pp. 59-70, 2013.

ETNews, [cited 2018 Jan 26], Available from: URL: http://www.etnews.com/2017 0728000514.

ISO 27799 Annex A Threats to health information security, 2016.

ISO/IEC 27001:2013, Information Technology Security Techniques Information security management systems requirements, 2013.

Korean Hospital Association, Personal Information Protection Self-Checklist, 2016.