Abstract

The possibility of a large quantity of information outflow has been growing since patients' private and medical information is being transmitted to inside and outside of the hospital because of the country's medical record computerization system. Accordingly, it has been threatening patient's privacy and the duty of confidentiality of medical people, and the introduction of security policy is needed which is required for patient information protection. We evaluated medical treatment facilities of diagnostic information security management by conducting questionnaire survey of medical documentation office about their standard of medical information security management, range of medical information access sanction to inside users, outside users' request for information and it's purpose. In the data of medical information user identification and authentication, about the grant of the ID and Password to official in charge, "All have it" has the most high percentaged as 60.0%, "Officer who's most needful have it" is the second as 15.7%, "one's post share it" is the third as 12.9%, but treatment facilities all show similar distribution. About the request for information by patients, All medical institution opened the information on occasion that patients themselves visited the institute and asked information, but in case of telephone inquiry, the only score 0.08 of the institutes accepted. This research, I hope, could be utilized for basic materials for medical recorder who control medical information to manage medical information security and to evaluate operation, and for individual hospital to manage the bound of opening to public and authority to access considering specificity of medical information, and supervisor. Also, the Goverment should set up a definite legal support about the political and technological plan to protect private information in the medical record.