Processing of the personal data
  • 2015 № 1 Modeling of the system of information security management of medical organizations.

    The article deals with modeling the system of information security management of the medical organization in accordance with the requirements of international standard ISO/IEC 27001:2005. Presents and describes the model of the system of information security management, its structure and stages of implementation in the medical organization.

    Authors: Knyazuk N. F. [1] Kitsul. I. S. [1]

    Tags: information security3 information system3 management2 process2 risk management1 system1

    Read more >

  • 2018 № itm One method decomposition for securing personal data in medical information systems

    Ensuring the security of information in medical information systems is essential to protect patients and medical personnel from unlawful harmful effects on them when unauthorized access to information. We propose a method of de-identification on the basis of anonymization of personal data pseudonymisation in IIAs. The method of decomposition based on the division of personal data into parts and the storage of these parts in different repositories is studied. this data security is achieved due to the complexity of the process of matching data from different repositories, since the placement of personal data in different repositories is carried out in different ways. In addition to the initial anonymisation of personal data, has the possibility of geometrician anonymized data that requires additional processing. To improve the objectivity of the findings of the survey it is proposed to store in the archive of the information system the results of processing the data at all stages. It will allow to restore results at malicious penetration into MIS, to carry out additional processing with application of different methods, to compare results of different patients at different stages of processing

    Authors: Burkov S. M. [1] Kosykh N. E. [1] Levkova E. A. [1] Savin S. Z. [1] Sviridov N. M. [1]

    Tags: anonymization1 data protection1 decomposition1 information security3 medical information system (mis)1 personal data depersonalization1 pseudonymization1

    Read more >

  • Actual problems of the development of information resources
  • 2016 № 5 About the definition of the classes of Cybersecurity of Medical devices.

    The paper discusses problems of Cybersecurity (CS) digital medical devices (MD). Lists the main threats associated with unauthorized external cybervandalism (CV) MD for patient safety. The classification of MD depending on the level of initial security from CV. The rules identify classes of CS medical devices.

    Authors: Stolbov. A. P. [5]

    Tags: classification of risks of the use of medical devices1 information security3 medical devices1 the classes of cybersecurity medical devices1

    Read more >