Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in eHealth )

11
Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in eHealth) Hadi Syahrial (Health IT Security Forum) www.healthitsecurity.org

description

Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in eHealth ). Hadi Syahrial (Health IT Security Forum) www.healthitsecurity.org. eHealth. - PowerPoint PPT Presentation

Transcript of Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in eHealth )

Page 1: Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in  eHealth )

Ancaman-ancaman Terhadap Keamanan Informasi

Pada eHealth(Security Threats in eHealth)

Hadi Syahrial(Health IT Security Forum)www.healthitsecurity.org

Page 2: Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in  eHealth )

eHealth• eHealth is the use of emerging information and communication technology,

especially the Internet, to improve or enable health and health care.

• The term "eHealth" has evolved into the dominant term used by the Information Technology (IT) industry and mass media to describe this area. It was derived from the term "electronic commerce" ("eCommerce"), which was coined in the mid-1990s to reflect the expanding commercial use of the Internet.

• In addition to eHealth, other terms have been widely used in the past several years to describe the application of information, computer, or communication technology to some aspect of health or health care. These terms include medical informatics, consumer health informatics, public health informatics, telemedicine, telehealth, and interactive health communication.

Page 3: Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in  eHealth )

eHealth http://www.who.int/trade/glossary/story021/en/

E-health is the transfer of health resources and health care by electronic means. It encompasses three main areas:

The delivery of health information, for health professionals and health consumers, through the Internet and telecommunications.

Using the power of IT and e-commerce to improve public health services, e.g. through the education and training of health workers.

The use of e-commerce and e-business practices in health systems management.

Page 4: Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in  eHealth )

Data Breaches by Sector in 2012

Symantec: Internet Security Threat Report 2013 :: Volume 18

Page 5: Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in  eHealth )

Ancaman-ancaman (threats)

• Pihak manajemen rumah sakit (CEO) tidak sepenuhnya mengerti tentang resiko keamanan informasi dan cara mengelola dan menanganinya.

• Sulit mencari professional yang berbakat di bidang keamanan informasi.

• Orang dalam (insiders) yang sengaja atau tidak sengaja membocorkan informasi personal dan rahasia.

Page 6: Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in  eHealth )

• Hacktivists• Crime as a Service (CaaS)• Kebocoran informasi (Information leaks)• BYOD (bring your own device)• BYOC (bring your own cloud)• Regulasi (regulation) dari pemerintah tentang

keamanan informasi rumah sakit• Big Data

Ancaman-ancaman (threats) - lanjutan

Page 7: Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in  eHealth )

Impact

• Pasien • Keluarga• Reputasi (reputation) rumah sakit

Page 8: Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in  eHealth )

Solusi (rekomendasi)

• Teknologi (technology)• Proses (process)• Orang (people)• Kepatuhan (compliance)• Resiko (risk)• Tata kelola keamanan informasi (information

security governance)

Page 9: Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in  eHealth )

Pentingnya MelakukanSecurity Review

• Security requirement analysis• Threat modeling• IT infrastructure architecture analysis• Code review• Penetration testing• Compliance audit• Security maturity

Page 10: Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in  eHealth )

Kesimpulan

• Penting menerapkan Cyber Hygiene untuk semua karyawan dan operasional rumah sakit.

Page 11: Ancaman-ancaman Terhadap Keamanan Informasi Pada eHealth (Security Threats in  eHealth )

Terimakasih

• Q&A