This study aims to analyse risk management in hospital medical records information systems using the ISO 31000:2018 framework. Electronic medical records play a critical role in storing and managing sensitive patient data, requiring a structured risk management approach to identify, evaluate, and control potential threats. The research used a descriptive qualitative approach based on observation and interviews with information technology staff and medical records managers. The results revealed 11 key risks, divided into three categories: high, medium, and low. High risks were primarily related to the lack of system protection against cyber threats. This study concluded that implementing ISO 31000:2018 can help hospitals develop more effective risk mitigation strategies, thereby supporting the security, integrity, and availability of patient data.
Copyrights © 2025