<![CDATA[Ensuring the security of electronic medical records (EMRs) is a critical challenge in the digital transformation of healthcare systems, particularly in developing countries. This study evaluates the security of Indonesia’s Community Health Center Information System (SIMPUS) based on the principles of confidentiality, integrity, and availability (CIA). A qualitative descriptive approach was employed, combining interviews and direct observation of SIMPUS implementation across multiple user roles. The findings reveal that while confidentiality is supported through user authentication, vulnerabilities remain due to shared account usage and the absence of automatic log-off features. Data integrity is maintained through restricted editing rights, but the lack of an audit trail limits the system’s ability to detect unauthorized changes. Data availability is generally sufficient; however, reliance on manual backup processes exposes the system to potential data loss. The study highlights the need for enhanced audit mechanisms, automated backup solutions, and staff training to strengthen data security compliance with national regulations and international standards such as ISO 27001 and HIPAA. Strengthening these measures will help ensure that SIMPUS can function as a secure and reliable platform for managing electronic medical records in Indonesia’s primary healthcare system.]]>
