Information is a component of an information system and must be protected in terms of confidentiality, integrity and availability in order to increase the system's reliability. Moreover, information containing personal and health data is certainly present in the clinical laboratory. Clinical laboratory management needs to take this into account when preparing to develop its service system as part of digital transformation. This study aims to assess the information security risks that still arise in a clinical laboratory accredited to ISO 15189 and certified to ISO 9001, as preparation for digital-based services. Using the ISO 27001 approach embedded in a qualitative method, the risk assessment is carried out through identification, analysis and evaluation, based on interviews with process owners at clinical laboratories in Jakarta. The results show that the Busdev&IT Department had the most information security risks (35 risks out of 384 total risks), which required further treatment based on the established risk appetite. Therefore, vigilance regarding information security in the use of information systems in the laboratory needs to be improved.
Copyrights © 2023