In recent years, the form of medical records already slowly changed from paper form to electronic form. The new information science and technology makes the transmission of information easier and convenient. On the other hand, the exposedness of individual privacy and information secret would be too difficult to keep and the use of new science and technology has increased the risk of information leakiness.
The information security problem appears slowly in the electronic medical record. People that are indiscreet and negligent could cause improper damage to the information management. For this reason, the security guidelines could help healthcare institutions to improve insider and outsider security problem. The security guidelines should refer to BS7799 and HIPAA that we would take many advantages. Finally, we must estimate the benefit from purchase, integration, management, operations, maintenance, time lost, clumsy interfaces and procedures etc. These may spend a lot memory and time, so we should evaluate the cost and risk of BS7799 and HIPAA in each item; it could help us to guide how to select low cost, low risk and high benefits standard item to create the security guidelines.
Chen, Chao-Ming, "Information Security Guidelines for Healthcare Institutions" (2005). ICEB 2005 Proceedings. 74.