Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities

OBJECTIVES: The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. METHODS: The study of the security requirements for a mobile EMR system is divided...

Descripción completa

Detalles Bibliográficos
Autores principales: Yeo, Kiho, Lee, Keehyuck, Kim, Jong-Min, Kim, Tae-Hun, Choi, Yong-Hoon, Jeong, Woo-Jin, Hwang, Hee, Baek, Rong Min, Yoo, Sooyoung
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Korean Society of Medical Informatics 2012
Materias:
Original Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3402555/
https://www.ncbi.nlm.nih.gov/pubmed/22844648
http://dx.doi.org/10.4258/hir.2012.18.2.125
_version_ 1782238771915259904
author Yeo, Kiho
Lee, Keehyuck
Kim, Jong-Min
Kim, Tae-Hun
Choi, Yong-Hoon
Jeong, Woo-Jin
Hwang, Hee
Baek, Rong Min
Yoo, Sooyoung
author_facet Yeo, Kiho
Lee, Keehyuck
Kim, Jong-Min
Kim, Tae-Hun
Choi, Yong-Hoon
Jeong, Woo-Jin
Hwang, Hee
Baek, Rong Min
Yoo, Sooyoung
author_sort Yeo, Kiho
collection PubMed
description OBJECTIVES: The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. METHODS: The study of the security requirements for a mobile EMR system is divided into legal considerations and sectional security investigations. Legal considerations were examined with regard to remote medical services, patients' personal information and EMR, medical devices, the establishment of mobile systems, and mobile applications. For the 4 sectional security investigations, the mobile security level SL-3 from the Smartphone Security Standards of the National Intelligence Service (NIS) was used. RESULTS: From a compliance perspective, legal considerations for various laws and guidelines of mobile EMR were executed according to the model of the legal considerations. To correspond to the SL-3, separation of DMZ and wireless network is needed. Mobile access servers must be located in only the smartphone DMZ. Furthermore, security measures like 24-hour security control, WIPS, VPN, MDM, and ISMS for each section are needed to establish a secure mobile EMR system. CONCLUSIONS: This paper suggested a direction for applying regulatory measures to strengthen the security of a mobile EMR system in accordance with the standard security requirements presented by the Smartphone Security Guideline of the NIS. A future study on the materialization of these suggestions after their application at actual medical facilities can be used as an illustrative case to determine the degree to which theory and reality correspond with one another.
format Online
Article
Text
id pubmed-3402555
institution National Center for Biotechnology Information
language English
publishDate 2012
publisher Korean Society of Medical Informatics
record_format MEDLINE/PubMed
spelling pubmed-34025552012-07-27 Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities Yeo, Kiho Lee, Keehyuck Kim, Jong-Min Kim, Tae-Hun Choi, Yong-Hoon Jeong, Woo-Jin Hwang, Hee Baek, Rong Min Yoo, Sooyoung Healthc Inform Res Original Article OBJECTIVES: The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. METHODS: The study of the security requirements for a mobile EMR system is divided into legal considerations and sectional security investigations. Legal considerations were examined with regard to remote medical services, patients' personal information and EMR, medical devices, the establishment of mobile systems, and mobile applications. For the 4 sectional security investigations, the mobile security level SL-3 from the Smartphone Security Standards of the National Intelligence Service (NIS) was used. RESULTS: From a compliance perspective, legal considerations for various laws and guidelines of mobile EMR were executed according to the model of the legal considerations. To correspond to the SL-3, separation of DMZ and wireless network is needed. Mobile access servers must be located in only the smartphone DMZ. Furthermore, security measures like 24-hour security control, WIPS, VPN, MDM, and ISMS for each section are needed to establish a secure mobile EMR system. CONCLUSIONS: This paper suggested a direction for applying regulatory measures to strengthen the security of a mobile EMR system in accordance with the standard security requirements presented by the Smartphone Security Guideline of the NIS. A future study on the materialization of these suggestions after their application at actual medical facilities can be used as an illustrative case to determine the degree to which theory and reality correspond with one another. Korean Society of Medical Informatics 2012-06 2012-06-30 /pmc/articles/PMC3402555/ /pubmed/22844648 http://dx.doi.org/10.4258/hir.2012.18.2.125 Text en © 2012 The Korean Society of Medical Informatics http://creativecommons.org/licenses/by-nc/3.0/ This is an Open Access article distributed under the terms of the Creative Commons Attribution Non-Commercial License (http://creativecommons.org/licenses/by-nc/3.0/) which permits unrestricted non-commercial use, distribution, and reproduction in any medium, provided the original work is properly cited.
spellingShingle Original Article
Yeo, Kiho
Lee, Keehyuck
Kim, Jong-Min
Kim, Tae-Hun
Choi, Yong-Hoon
Jeong, Woo-Jin
Hwang, Hee
Baek, Rong Min
Yoo, Sooyoung
Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities
title Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities
title_full Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities
title_fullStr Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities
title_full_unstemmed Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities
title_short Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities
title_sort pitfalls and security measures for the mobile emr system in medical facilities
topic Original Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3402555/
https://www.ncbi.nlm.nih.gov/pubmed/22844648
http://dx.doi.org/10.4258/hir.2012.18.2.125
work_keys_str_mv AT yeokiho pitfallsandsecuritymeasuresforthemobileemrsysteminmedicalfacilities
AT leekeehyuck pitfallsandsecuritymeasuresforthemobileemrsysteminmedicalfacilities
AT kimjongmin pitfallsandsecuritymeasuresforthemobileemrsysteminmedicalfacilities
AT kimtaehun pitfallsandsecuritymeasuresforthemobileemrsysteminmedicalfacilities
AT choiyonghoon pitfallsandsecuritymeasuresforthemobileemrsysteminmedicalfacilities
AT jeongwoojin pitfallsandsecuritymeasuresforthemobileemrsysteminmedicalfacilities
AT hwanghee pitfallsandsecuritymeasuresforthemobileemrsysteminmedicalfacilities
AT baekrongmin pitfallsandsecuritymeasuresforthemobileemrsysteminmedicalfacilities
AT yoosooyoung pitfallsandsecuritymeasuresforthemobileemrsysteminmedicalfacilities

Ejemplares similares