پیاورد سلامت (Jan 2023)
Determining Information Security Requirements in the Telemedicine Network from the Point of View of Managers and Employees of the Information Technology Unit of Birjand University of Medical Sciences and Teaching Hospitals
Abstract
Background and Aim: Today along with information technology development, telemedicine technology has expanded dramatically. Sinse telemedicine technology relies on data transmission, it is essential to pay attention to issues such as network security, confidentiality, and privacy of patients. Therefore, the aim of this study was to determine the importance of information security requirements in telemedicine networks based on managers and employees of the information technology unit of the University and teaching hospitals of Birjand city Materials and Methods: This descriptive cross-sectional study was conducted in year 2021. The research population was The managers and employees of the information technology unit of the university and teaching hospitals of Birjand city (40 people), who were surveyed by the census. The study tool was a researcher-made questionnaire that confirmed its validity by faculty members and experts, and its reliability was calculated with Cronbach’s alpha (0.83). After collecting the data, they were entered into the SPSS software and were analyzed using descriptive statistics. Results: The results showed that the security requirement related to information transportation is more important than other requirements. Also in the field of human resources, providing detailed documentation and training guides for users of the systems was with an average of (4.47). In the medical diagnosis equipment field, telemedicine network systems are equipped with emergency power was with an average of (4.72). In the storage and access to information context, installing antiviruses and anti-malware on all systems was with an average of (4.75), and also in the field of information transfer, encryption of important and sensitive files and information was with an average of (4.69) were the most important security needs. Conclusions: As the results showed, security requirements related to information transfer have more importance than other requirements; Initially, information security can be guaranteed by creating security policies, updating and monitoring their implementation, as well as training employees. However, in order to transfer sensitive medical information, encryption and qualification verification methods, secure information transfer protocols, virtual and private networks (VPN) and other new technologies can be used in this field. Of course, necessary preparations should be made to create appropriate technical infrastructure for the implementation of security policies in information transmission.