A Survey on Isfahan’s Hospital Information Systems Security

Introduction: The aim of this study is to identify the security status of information on the managerial, technical, and physical dimensions in the information systems of the hospitals affiliated to Isfahan University of Medical Sciences. Methods: This is an applied descriptive study conducted in 2017-2018. The study population consisted of 35 Information Technology Department Managers (ITDM). The instrument for data collection was adopted and adapted from Mehrayin; this questionnaire consisted of three dimensions, namely managerial, technological, and physical, formatted into a Likert scale. The data were collected by ITDM census sampling and then by mean analysis using SPSS version 22. Results: From the viewpoint of ITDM, the information security at the hospital information systems was unsatisfactory, with the mean values of 1.37, 1.28, and 1.218 on managerial, technological, and physical dimensions respectively at the hospital information systems. Conclusion: In order to improve the physical security for this purpose, hospitals need to take measures to physically control the resources, create security policies for areas containing such information as the server room, use physical protection to counter human damages and natural disasters such as power cuts. To improve technological security, it is recommended that technological arrangements should be made to verify the person requesting access to electronic information prior to its application.