Implementation of ISO17799 and BS7799 in picture archiving and communications system: local experience in implementation of BS7799 Standard

Abstract

In a picture archiving and communication system (PACS) [H.K. Huang, PACS: Basic Principles and Application, 1st ed., Wiley-Liss (1998); K.J. Dreyer, A. Mehta, J.H. Thrall, PACS: A Guide to the Digital Revolution, 1st ed., Springer Verlag (2001)], digital image data are stored and retrieved centrally. Clinicians and radiologists have the convenience of instant and simultaneous access to images and reports from multiple locations. In a filmless hospital [E.L. Siegel, R.M. Kolodner, Filmless Radiology, Reprint ed., Springer Verlag (2001)], where all images reside on image servers, data integrity and system security are therefore the most important considerations in the design of a PACS. However, there is no single technical solution for PACS security: a comprehensive information security management system (ISMS) is required to manage and monitor it on an ongoing basis. In this paper, PACS security is presented as a mechanism by which an organization can manage and protect all of its information assets by ensuring data confidentiality, integrity and availability in accordance with the ISO17799 and BS7799 standards. Implementation of the ISMS involved system redesign, changes to workflow, staff retraining, communication, social engineering and document control.