Evaluasi Keamanan Informasi di Lingkungan Rumah Sakit: Pendekatan Audit ISO 27001 di RS Rahman Rahim Sidoarjo
Kata Kunci:
Audit, ISO 27001, Uji KematanganAbstrak
The development of technology and information systems has now grown rapidly and has penetrated various aspects of human life. Starting from education, government, health, to trade, technology has been implemented to help their business processes. One area that is important to protect from these risks is the health sector. The institutions responsible in this field are hospitals that provide health services to the community. Rahman Rahim Hospital is a type D general hospital located in Kebonagung Village, Sukodono District, Sidoarjo Regency. Rahman Rahim Hospital has implemented a Hospital Management Information System (SIMRS). This needs to receive more attention, considering that health assets are a vital component for maintaining the smooth operational processes of hospitals. Serious and continuous action in protecting health assets can increase the security of health assets in order to protect patient rights and maintain the integrity of hospitals. Information system audits are carried out using the ISO/IEC 27001 framework. Implementation of ISO/IEC 27001 protects all aspects of information security, namely confidentiality, integrity and availability. This results in a maturity level index of 2.46 which is at the Planned and Tracked level. The gap obtained from the average objective control calculation is 2.5.
