<![CDATA[EMR access in one of health centers in Yogyakarta City are given to all health service officers using username and password. In registration, there are 2 username while 5 registration officers use them. This can pose a risk of data and patient information leakage. This study aims to evaluate 6 aspects of information security in EMR in health center. This type of research is qualitative. The population is 51 EMR users and sample is 7 users. Privacy, on access rights, login process to EMR uses a username and password, automatic log out feature does not yet exist. Integrity, on accuracy data and timeliness in filling out forms, accuracy of data is accurate but timeliness in filling is sometimes less timely due to system downtime in form of network problems and power outages, edit and delete features are already available but not all users can use these features. Authentication, on electronic signatures has not been implemented but manual signatures that are carried out can still guarantee authentication from users, on application of signatures to guarantee validity of users made using electronic certification provider services has not been implemented. Availability, data transfer to the health office is not done at health center, as health office can retrieve the necessary data using a superadmin user. Access control, access are set using a username and password, in accordance with user access settings, duties, and authorities. Non-repudiation, a history of access and edits is maintained for users using EMR]]>
