<![CDATA[Bali Mandara Regional Hospital integrates information technology into its healthcare services, but ransomware attacks pose significant risks to data security. In accordance with the 2016 Indonesian Ministry of Communication and Informatics regulation, Electronic System Operators (PSE) are required to ensure information security, emphasizing confidentiality, integrity, and availability. To support this, the National Cyber and Crypto Agency introduced the Index KAMI, an evaluation tool aligned with ISO/IEC 27001 standards. This study evaluates the hospital’s information security using Index KAMI 5.0, yielding a score of 177, which classifies its readiness as “Not Eligible” for ISO 27001 compliance. Recommendations for improvement include establishing clear governance policies, implementing systematic risk management, enhancing asset management with integrated inventories, and strengthening data protection through access control and encryption. Additional measures involve improving physical security with surveillance systems and fostering stronger vendor relationships through binding SLA agreements. By adopting these measures, Bali Mandara Regional Hospital can enhance its security system, protect patient data, and achieve compliance with international standards.]]>
Copyrights © 2024
