Document Type



Information technology has been widely applied in the fields of globally medical care, which makes the service apparently progress in its quality and efficiency. However, medical information that was stored in electronic form really causes the risk of leaking. A good security risk management offers a positive guarantee for hospitals, which highly relying on information technology, while running their organization. While carrying out risk analysis, the value of information assets, existing weakness, and potential threat from outside of this information system must be realized. It is quite important to determine the value of information assets for the security risk management. With information age coming, there is the greater part of asset value not shown from the traditional balance sheets in accounting books. This kind of asset, which can’t be shown on the balance sheet, is intellectual capital. In the study of information asset and intellectual capital, Ross et al. (1996) divided information assets into three kinds of capitals - human asset, technology asset and relationship asset. These play the same tune with the three key elements of intellectual capitals- human capital, structural capital and relational capital. Within numerous assessment methods of intellectual capital, balanced scorecard assesses intellectual capital value from the view of management and efficiency. Hence, this research proposes utilizing the balanced scorecard to find out the assessment index of information assets for domestic medical institutes while carrying on risk management. Hopefully, the results of this research can be regarded as the references of risk management of information security for domestic medical institutes.