Abstract: With the rapid development of the information industry, medical services and hospital informatization are increasingly intertwined, which makes the security problems of the hospital information management system itself more and more prominent. At present, illegal database queries such as "unified prescription" for commercial purposes have seriously affected the public image of hospitals and seriously damaged the interests of patients. This paper therefore discusses a prevention strategy for hospital information systems from a technical point of view, reducing the probability of unified prescription through measures such as prior authority management, real-time monitoring and audit tracking, so as to promote the healthy and rapid development of medical services.
Keywords: hospital information system; anti-unified prescription; sensitive data
"Unified prescription" for commercial purposes is an important link in the black chain of medical kickbacks and a social issue closely watched by the state and the media. It not only seriously affects the public image of hospitals but also seriously harms the interests of patients. To meet the requirements of the Ministry of Health on further deepening the control of commercial bribery in medicine purchase and sale, and to promote the healthy and rapid development of medical services, this paper discusses a unified prescription prevention strategy for hospital information systems from a technical point of view.
1 Security Risks of Hospital Information System
1.1 Incomplete host protection
The system host lacks a protection mechanism, and there is no protective device in front of it. Even where a protective device is installed, it can only filter on IP address and port and cannot inspect data-layer information, and it also affects the response time of the whole system. The operating system and application software carry their own hidden dangers; security vulnerabilities in the application system and middleware are especially difficult to guard against.
1.2 Lax management of system superusers
Administrator and superuser accounts and passwords are not strictly managed, or data operations are carried out beyond the operator's authority, with no corresponding supervision or record.
1.3 The secrecy system exists in name only
Even where a strict management system has been formulated, there is no effective means of enforcing it.
1.4 Lack of effective data supervision
Without an effective data audit mechanism, the management of sensitive data generally lacks security policies.
1.5 Sensitive data leaks from the inside
Software suppliers, outsourced service staff, data maintenance personnel or hospital personnel use software backdoors or take advantage of their positions to obtain sensitive data, and there are no complete and effective technical means of guarding against this.
2 Technical strategy for preventing unified prescription
Third-party "anti-unified prescription" software is introduced to monitor how the hospital information system is accessed and what data is accessed. Combined with prior authority management, real-time monitoring and alarm, and audit tracking, this effectively reduces the probability of illegal unified prescription and meets the hospital's multi-pronged management requirement of "education first, system first and technology second".
2.1 Deployment of the unified prescription prevention system
The hospital's unified prescription prevention system uses a bypass deployment mode: it only needs to be connected to the data mirror port of the hospital network's core switch and does not change the hospital's original network configuration. It records and monitors in detail the Telnet, FTP, SSH and other access behaviors of the host. Access control is applied to specific applications and client hosts to prohibit them from accessing sensitive resources, thereby protecting the hospital's HIS system and electronic medical record system.
2.2 Precautions for Prior Authority Management
To strengthen management of the drug and consumables statistics functions in the hospital information system, the information department takes measures such as authorization, encryption and control of the scope of terminal information collection, and applies hierarchical management to each department's authority to query hospital information over the computer network. Without authorization and filing, no department or individual may call the drug-related function menu of the hospital information system.
2.3 Real-time monitoring alarm and audit trail
Identification rules are formulated from the statements and behaviors common to unified prescription operations, and the massive, disordered data in hospital application systems is sorted and analyzed to reconstruct the operations of all staff, including business access, system maintenance and policy configuration. At the same time, a user access behavior model is established for the HIS (hospital information system) database, covering thousands of dynamic elements such as account, IP address, client tool, SQL statement and returned results. Combined with the administrator's settings, unified prescription behavior is filtered and recorded, and suspicious behavior triggers an immediate alert by SMS, email, flash, web page and other means. Managers learn at once who used what tool (how) and what data they took from the database (what). Under certain conditions, the security system can block access according to source/destination IP address, source/destination MAC address, access time, access content and other conditions, thus controlling client access to unauthorized application systems.
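The identification rules described above can be pictured as a small rule set evaluated over database audit records. The following is an added example, not code from the paper or from any anti-unified prescription product; the table names, account names, client tool names and row threshold are all assumptions, and the audit records are constructed.

```python
import re
from dataclasses import dataclass

# Assumed values: the page gives no schema, tool list, accounts or thresholds.
SENSITIVE_TABLES = {"prescription", "prescription_detail"}
APPROVED_TOOLS = {"his_client.exe"}
AUTHORIZED_ACCOUNTS = {"pharmacy_stats"}  # accounts filed to run drug statistics
MAX_ROWS = 500
AGGREGATE = re.compile(r"\b(?:count|sum)\s*\(|\bgroup\s+by\b", re.I)
TABLE = re.compile(r"\b(?:from|join)\s+([A-Za-z_][\w.]*)", re.I)

@dataclass
class AuditRecord:
    account: str
    src_ip: str
    client_tool: str
    sql: str
    rows_returned: int

def evaluate(rec):
    """Return the names of the rules this record triggers (empty = no alert)."""
    tables = {t.split(".")[-1].lower() for t in TABLE.findall(rec.sql)}
    if not tables & SENSITIVE_TABLES:
        return []
    per_doctor_stats = AGGREGATE.search(rec.sql) and all(
        re.search(rf"\b{w}\w*", rec.sql, re.I) for w in ("doctor", "drug"))
    hits = []
    if per_doctor_stats and rec.account not in AUTHORIZED_ACCOUNTS:
        hits.append("unauthorized_doctor_drug_statistics")
    if rec.client_tool.lower() not in APPROVED_TOOLS:
        hits.append("unapproved_client_tool")
    if rec.rows_returned > MAX_ROWS:
        hits.append("bulk_result_set")
    return hits

def alerts(records):
    """Who (account, IP), with what tool, triggered which rules."""
    return [(r.account, r.src_ip, r.client_tool, hits)
            for r in records if (hits := evaluate(r))]

# Constructed sample audit records, not taken from any real system.
STATS_SQL = ("SELECT doctor_id, drug_code, SUM(qty) FROM his.prescription_detail "
             "GROUP BY doctor_id, drug_code")
SAMPLE = [
    AuditRecord("dr_wang", "10.0.3.15", "his_client.exe",
                "SELECT drug_name, dose FROM prescription WHERE patient_id = 1001", 3),
    AuditRecord("maint_01", "10.0.8.23", "sql_console.exe", STATS_SQL, 4200),
    AuditRecord("pharmacy_stats", "10.0.5.2", "his_client.exe", STATS_SQL, 120),
]
```

Keyword rules on SQL text miss statistics pulled through views or stored procedures, so the row-count rule and the returned results the page lists remain useful as independent signals.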
3 Effectiveness of the anti-unified prescription application
Using the unified prescription prevention system as a technical measure to stop unified prescription behavior in the hospital achieves several things. It audits the operations of administrators at all levels and effectively prevents abuse of administrator authority. It ensures that unified prescription behavior is traceable and reduces the security risk posed by system maintenance personnel. It completely records and analyzes query, change and delete operations on sensitive data, protecting the security of important data. It also controls the access of illegal terminals to the system, ensuring business continuity.
4 Conclusion
Hospital information security construction is an important part of hospital informatization, and protecting important data such as patient privacy, doctors' medication information and financial information is the guarantee for the safe operation of the hospital. Protecting hospital information through management systems and technical means, especially using the unified prescription prevention system and audit mechanism to trace records of unified prescription behavior, is an important part of hospital information security construction.