Vol. 11 No. 6 (2025): June
Open Access
Peer Reviewed

Analysis of Electronic Medical Records Data Security: Case Study in Citra Husada Sigli Hospital

Authors

Juliana , Alamsyah , Susanna Halim

DOI:

10.29303/jppipa.v11i6.11081

Published:

2025-06-30

Downloads

PDF

Abstract

In health services, electronic medical record (E-MR) stands as tool to accelerate the provision of services to patients. However, patient’s medical record data must be kept secure, especially because it is easily hacked by unauthorized parties. This study aims to analyze the security of E-MR data at Citra Husada Hospital and identify risks that can occur. This study uses a qualitative survey with a case study design with 10 respondents that were selected by purposive sampling. The aspects of patient’s E-MR data security studied were confidentiality, integrity, authentication, availability, access control and non-repudiation. The security of E-RM data is generally good in confidentiality, authentication, availability, access control, and non-repudiation. However, some areas need improvement. While login requires a username and password, the password complexity is weak. Integrity is inadequate due to the lack of an SOP for data changes. Authentication includes digital signature related to encrypted username and password but lacks a certified electronic signature. The system is accessible only within the hospital’s intranet, ensuring availability. Access rights are well-structured. A track record ensures non-repudiation. The highest risk is unauthorized changes to patient data, highlighting the need for stronger risk management measures.

Keywords:

Data Security Aspects Electronic Medical Records Hospital

References

Ardianto, E. T., & Nurjanah, L. (2024). Analisis Aspek Keamanan Data Pasien Dalam Implementasi Rekam Medis Elektronik Di Rumah Sakit X. Jurnal Rekam Medik Dan Manajemen Informasi Kesehatan, 3(2), 18–30.

Hidayah, E. N. (2023). Analisis Aspek Keamanan Data Pada Hospital Information System (His) Dalam Penerapan Rekam Medis Elektronik Di Rsup Nasional Dr. Cipto Mangunkusumo Jakarta.

Menteri Kesehatan. (2022). Peraturan Menteri Kesehatan RI No 24 tahun 2022 tentang Rekam Medis. Peraturan Menteri Kesehatan Republik Indonesia Nomor 24 Tahun 2022, 151(2), 1–19.

Nugraheni, N. (2018). Aspek Hukum Rekam Medis Elektronik di RSUD Dr Moewardi. Prosiding Seminar Nasional Unimus, 1, 92–97.

Pahlevi, A. R., Wardhana, E. S., & Agustin, E. D. (2021). Electronic Medical Record At Rsigm Sultan Agung Semarang Reviewed From the Completeness and the Safety Format System. Jurnal Medali, 3(1), 20. https://doi.org/10.30659/medali.v3i1.16892

Peraturan Pemerintah Republik Indonesia Nomor 71 Tahun 2019 Tentang Penyelenggaraan Sistem Dan Transaksi Elektronik, 7 Media Hukum 70 (2019).

Ramadhanti, A. T. (2022). Analisis Aspek Keamanan Informasi Pasien dalam Penerapan Rekam Medis Elektronik di Rumah Sakit PHC Surabaya.

Sofia, S., Ardianto, E. T., Muna, N., & Sabran, S. (2022). Analisis Aspek Keamanan Informasi Data Pasien Pada Penerapan RME di Fasilitas Kesehatan. Jurnal Rekam Medik & Manajemen Informasi Kesehatan, 1(2), 94–103. https://doi.org/10.47134/rmik.v1i2.29

Undang-Undang Republik Indonesia Nomor 11 Tahun 2008 Tentang Informasi Dan Transaksi Elektronik, Bi.Go.Id 1 (2008). https://peraturan.bpk.go.id/Home/Details/37589/uu-no-11-tahun-2008

Waisantoro, Rohmadi, & Mulyono, S. (2014). Tinjauan Penerapan Otentifikasi Keamanan Sistem Informasi Managemen Rumah Sakit Umum Daerah Surakarta. Rekam Medis, VIII(1), 29–35.

Author Biographies

Juliana, Department of Hospital Management, Citra Husada General Hospital, Sigli

Author Origin : Indonesia

Alamsyah, Department of Business Management, HealthCare and Hospital Management, Portman College

Author Origin : Malaysia

Susanna Halim, University of Prima

Author Origin : Indonesia

License

Copyright (c) 2025 Juliana, Alamsyah, Susanna Halim

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish with Jurnal Penelitian Pendidikan IPA, agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution 4.0 International License (CC-BY License). This license allows authors to use all articles, data sets, graphics, and appendices in data mining applications, search engines, web sites, blogs, and other platforms by providing an appropriate reference. The journal allows the author(s) to hold the copyright without restrictions and will retain publishing rights without restrictions.
  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in Jurnal Penelitian Pendidikan IPA.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).

Downloads

Download data is not yet available.

How to Cite

Juliana, J., Alamsyah, A., & Halim, S. (2025). Analysis of Electronic Medical Records Data Security: Case Study in Citra Husada Sigli Hospital. Jurnal Penelitian Pendidikan IPA, 11(6), 773–782. https://doi.org/10.29303/jppipa.v11i6.11081