Network and information security self-inspection annual work summary report

After receiving the Notice of Henan Provincial Health and Family Planning Commission on the Supervision and Inspection of Health System Network and Information in Henan Province, the leaders of our hospital attached great importance to it, immediately convened a meeting of heads of relevant departments, thoroughly studied and conscientiously implemented the spirit of the document, fully understood the importance and necessity of self-inspection of network and information security, and made detailed arrangements for the self-inspection work. The dean in charge is responsible for arranging and coordinating relevant inspection departments, supervising and inspecting projects, and the Information Department is responsible for specific inspection and self-inspection, and seriously handling the problems found in self-inspection.

Our hospital has long attached great importance to network and information security in the process of informatization construction, and has adopted a set of effective safety management norms and safety management measures. 65438109, the hospital carried out self-inspection of network and information security. According to the respective characteristics of hospital Internet security and local area network security, we checked item by item to eliminate potential safety hazards. The information security work in our hospital is reported as follows.

First, network security management: The network of our hospital is divided into Internet and Intranet, and the two networks are physically separated to ensure the independent, safe and efficient operation of the two networks.

1. Hardware safety, including lightning protection, fire prevention, theft prevention and UPS power connection. The server room of the hospital is built in strict accordance with computer room standards, and the staff carry out daily inspections to eliminate potential safety hazards. The HIS, LIS, EMR, PACS and other servers, switches, storage, etc. are all protected by UPS power supply, which can ensure the normal operation of the equipment in the case of short-term power failure and prevent the equipment from being damaged due to sudden power failure. In addition, the USB interfaces of all computers in the local area network are completely disabled, which effectively avoids virus infection or data leakage caused by external media (such as USB flash drives and mobile hard disks).

2. Network security: including network structure, password management, IP management, etc. Network structure covers the reasonableness of the network structure, the stability of network connections and the stability of network equipment (switches, routers, optical fiber transceivers, etc.). Our hospital regularly checks the operation of network equipment, and the Information Department keeps spare parts for network equipment. Once a fault occurs, the equipment can be replaced as soon as possible to ensure the normal operation of hospital business. Each hospital system operator has his own login name and password, and is given the corresponding authority. Accounts are managed under the principle of "who uses, who manages and who is responsible". The Internet and LAN in the hospital are divided into five IP segments according to different regions, all of which use fixed IP addresses that are uniformly assigned and managed by the hospital. Adding new IP addresses without permission is not allowed.

Second, database security management: The Oracle database is the main database running in our hospital at present, and it is the basis for the normal operation of various services such as hospital diagnosis, pricing, charging, inquiry and statistics. To ensure the normal and efficient operation of the hospital's various businesses, database security management is essential. The security features of the database system are mainly aimed at the technical protection of data, including data security, concurrency control, fault recovery, database disaster recovery backup and so on. Our hospital takes the following measures for data security: (1) The part of the database that needs protection is separated from the other parts. (2) Access control methods such as account, password and authority control are adopted, and the database has been optimized, which greatly improves the number of concurrent connections the database server can bear. (3) Database disaster recovery backup is an extremely important part of database security management, the last guarantee for the effective and safe operation of the database, and also an effective measure to ensure the long-term preservation of database information. The backup type adopted by our hospital is full backup, which backs up the whole database every morning, including all database objects such as user tables, system tables, indexes, views and stored procedures. During the backup, the master and slave servers operate normally and the business of each client can be carried out normally, that is, it is a hot backup.

Third, software management: At present, the software running in our hospital is mainly divided into three categories: hospital system software, common office software and antivirus software. Hospital system software includes HIS, LIS, EMR, PACS, etc. Among them, the HIS system is the most important software in our daily business, and it is the basis for the normal operation of hospital diagnosis and treatment activities. Since the new system was launched in 2012, it has been running stably, without any major security problems, and has been constantly updated and enriched according to business requirements. Common office software is installed and maintained by the hospital Information Department. Antivirus software is an effective tool to protect computer systems from viruses, Trojans, tampering, paralysis, attacks and leaks. All computers are equipped with genuine antivirus software (360 enterprise antivirus software and Security Guard), and the virus database is updated regularly to ensure that the defense capability of the antivirus software is always maintained at a high level.

Fourth, website security management: In today's highly informatized environment, the role of online publicity is increasingly prominent, and website security management cannot be ignored. The back-end server of our hospital's website is managed under a hosting arrangement, which ensures the stability and security of the website's back-end service. Our hospital has a dedicated website administrator who is responsible for daily updating and maintenance, and strictly implements the "Regulations on Website Management". Since the opening of the website, no major security problems have occurred and it is running well.

Fifth, emergency treatment: The server of the HIS system in our hospital runs safely and stably, and is equipped with a large UPS power supply, which can keep the server running for several hours in the case of a large-scale power failure. Although the hospital information system has been running well for a long time, the hospital has formulated an emergency plan and trained the charging operators and medical staff. If there is a large-scale and long-term power outage in the hospital and the HIS system cannot operate normally, manual charging, bookkeeping and medicine distribution will be temporarily started to ensure normal and orderly diagnosis and treatment activities. When the HIS system returns to normal work, the invoices and charge items will be entered retroactively.

Generally speaking, our hospital attaches great importance to the work of network and information security, and no major safety accidents have occurred. All systems are running stably, and all businesses can run normally. However, the self-examination also found shortcomings: the hospital is short of information technology personnel and its information security capacity is limited; information security awareness is insufficient, and individual departments lack the initiative and consciousness to maintain information security; and some departments have computer equipment with low configuration and long service life. In the future, it is necessary to strengthen the training of information technology personnel and further improve the technical level of information security; to strengthen the information security education of the staff of the whole hospital and improve their initiative and consciousness in maintaining information security; and to increase the investment in hospital informatization construction, upgrade the configuration of computer equipment, and further improve work efficiency and the safety of system operation.

After a week's self-examination, our hospital fully realized that safety work is a project that needs constant attention, and at the same time, we should constantly innovate and change the old management methods and concepts to meet the needs of safety management under the new situation.