Track: Technology Management

Abstract

Background : Information security in Hospital Information System (HIS) become main issue in protected the patient privacy data due to it can be online accessed and susceptible attacked by malware- Misc-Activity. Therefore, the main objective of this study to investigate the capability level of information security in HIS.   Method and Result: Quantitative method was performed in this study by questionnaire analysis in 86 respondents who apply HIS on the system. This study was conducted in selected hospital in Bandung, Indonesia which is Soreang Hospital and the information security in HIS was evaluated by COBIT 5. Evaluation results show that the capability level in the Soreang hospital is at level 1 for DSS05 domains with L (Largely achieved) criteria and level 0 domains for APO13 domains with L (Largely achieved) criteria. The improvement of information security in HIS required to achieve the expected Capability level which is fully achieved criteria.

Keywords : Information security, Hospital Information System, COBIT 5