Penilaian Keamanan Informasi Di Rumah Sakit Panti Wilasa Citarum Berdasar Indeks KAMI 5.0

Arif Kurniadi, Alpha Reandra Permana, Agung Wardoyo

Abstract


Regulation Number 24 of 2022 by the Minister of Health of the Republic of Indonesia addresses Data Security and Protection. The Panti Wilasa Citarum Hospital follows Hospital Accreditation Commision quality standards, particularly regarding MRMIK 13 which covers information technology regulations. The hospital assesses its information security readiness using the KAMI Index from BSSN, aligned with ISO/IEC 27001 standards, to evaluate the level of information security as it implements Electronic Medical Records.  The study involved a questionnaire from four respondents and interviews with the IT head. Results showed the following scores: electronic system category received 20 points (High), Governance 41 points (Maturity Level I plus), Risk Management 35 points (Level II), Information Security Framework 61 points (Level I plus), Asset Management 176 points (Level II), Information Security Technology 131 points (Level II), Personal Data Protection 60 points (Level II), and Third Party Security at 53%. The overall score was 504 points, reflecting a "Basic Framework Compliance" at Maturity Level II, which did not meet KAMI Index requirements. The hospital must enhance information security through training, awareness, and periodic assessments.

Keywords


Information Security, Data Protection, KAMI Index, ISO/IEC 27001

References


Amran, Rika, Apriyani, Anisah, Dewi, and Purnama Nadia, “Peran Penting Kelengkapan Rekam Medik di Rumah Sakit,” Baiturrahmah Med. J., vol. 1, no. 1, pp. 69–76, Sep. 2021.

Kesehatan Kementerian, Permenkes Nomor 24 Tahun 2022. Indonesia, 2022. [Online]. Available: www.peraturan.go.id

Kementerian Kesehatan RI, “Situasi dan Tantangan Kesehatan Digital Indonesia 1 CETAK BIRU STRATEGI TRANSFORMASI DIGITAL KESEHATAN 2024,” 2021. [Online]. Available: https://www.kemkes.go.id/

M. Amin et al., “Implementasi Rekam Medik Elektronik: Sebuah Studi Kualitatif,” vol. 8, no. 1, pp. 430–442, 2021, [Online]. Available: http://jurnal.mdp.ac.id

M. K. dan I. RI, PERLINDUNGAN DATA PRIBADI DALAM SISTEM ELEKTRONIK. 2016.

E. Tri Ardianto, L. Nurjanah, P. Studi Manajemen Informasi Kesehatan, J. Kesehatan, and P. Negeri Jember, “ANALISIS ASPEK KEAMANAN DATA PASIEN DALAM IMPLEMENTASI REKAM MEDIS ELEKTRONIK DI RUMAH SAKIT X,” vol. 3, no. 2, pp. 2829–4777, 2024, doi: 10.47134/rammik.v3i2.54.

L. R. Rimbun, E. L. D. Marisi, and T. Hidayati, “Tantangan Keamanan Data dalam Telemedicine Implikasi Terhadap Privasi Pasien dan Kepercayaan dalam Layanan Kesehatan Digital: Systematic Review,” MAHESA Malahayati Heal. Student J., vol. 4, no. 10, pp. 4398–4415, 2024, doi: 10.33024/mahesa.v4i10.15391.

BBC News, “Data eHAC milik 1,3 juta penggunanya dilaporkan bocor, ‘keamanan data tidak prioritas,’” 2021. https://www.bbc.com/indonesia/indonesia-58393345

Tempo, “Data Pasien Bocor, Ahli Siber Ajari Berlindung dari Ransomware dan Extortionware,” 2022. https://www.tempo.co/digital/data-pasien-bocor-ahl

Diva Rizky Amanda Tiorentap and Hosizah, “Aspek Keamanan Informasi dalam Penerapan Rekam Medis Elektronikdi Klinik Medical Check-Up MP,” Pros. 4 SENWODIPA, pp. 53–66, Nov. 2020.

C. Chazar, “STANDAR MANAJEMEN KEAMANAN SISTEM INFORMASI BERBASIS ISO/IEC 27001:2005,” J. Inf., vol. VII, no. 1, pp. 58–82, 2015, [Online]. Available: https://informasi.stmik-im.ac.id/wp-content/uploads/2016/05/03-Haryoso-Wicaksono.pdf

Haeruddin and A. Kurniadi, “Analisis Keamanan Jaringan WPA2-PSK Menggunakan Metode Penetration Testing (Studi Kasus : TP-Link Archer A6),” Conf. Manag. Business, Innov. Educ. Soc. Sci., vol. 1, no. 1, pp. 508–515, Feb. 2021, [Online]. Available: https://journal.uib.ac.id/index.php/combines

Bagaskara, “ISO 27001:2022 – Sistem Manajemen Keamanan Informasi.” https://mutucertification.com/sertifikasi-iso-27001-2022/

I. G. P. K. Juliharta, T. K. Werthi, and L. P. N. S. P. A. Astawa, “PENILAIAN KEAMANAN INFORMASI E-GOVERNMENT MENGGUNAKAN INDEX KEAMANAN INFORMASI (KAMI) 4.0,” J. Teknol. Inf. dan Komput., vol. 6, no. 2, pp. 238–244, Jan. 2020, [Online]. Available: https://bssn.go.id/mengenali-serangan-siber-

Sugiyono, Metodelogi Penelitian Kuantitatif dan Kualitatif Dan R&D. Bandung: Alfabeta, 2019.

Badan Siber dan Sandi Negara, KERANGKA KERJA PELINDUNGAN INFRASTRUKTUR INFORMASI VITAL. 2023.

Bizplus, “TRANSISI ISO 27001:2013 MENUJU ISO 27001:2022.” https://bizplus.id/Transisi-Iso-27001-2013-Menuju-Iso-27001-2022/

A. Bakhtiar and F. Salsabila Hidayat, “EVALUASI SISTEM MANAJEMEN KEAMANAN INFORMASI BERDASARKAN PENILAIAN INDEKS KAMI v.4.2 PADA DINAS XYZ PROVINSI JAWA TENGAH,” 2023.

Komisi Akreditasi RS, Instrumen Survei Akreditasi KARS sesuai Standar Akreditasi RS Kemkes RI 2022. Jakarta, 2022.

K. RI, “Cetak Biru Situasi dan Tantangan Kesehatan Digital Kesehatan 2024,” 2021.




DOI: https://doi.org/10.26877/jiu.v12i1.27316

Refbacks

  • There are currently no refbacks.


Copyright (c) 2026 Arif Kurniadi

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.