The implementation of information security systems is one of the main components, without which the existence of any modern medical institution is impossible. This question is actual for the healthcare industry. This is confirmed by the presence of large-scale measures that are being implemented as part of the Russian Federation’s healthcare modernization program. But the result of informatization is not always achieved easily and successfully. This process includes the equipment of the technical support of the organization and the fragmentary implementation of information systems to the full informatization of medical institutions with the introduction of full-featured medical information systems. Informatization of healthcare organizations makes it possible to systematize a large amount of information. In turn, this requires the implementation of personal data protection systems, storage, archiving and access to this data. The introduction of these systems into the healthcare industry of the Russian Federation has recently entered a new stage. It has complex tasks to integrate new technologies that provide information security to medicine. So, the most pressing problem of the medical industry is information protection, that is, the creation of an ISMS (information security management system).
Modeling the information security management system (ISMS) of a medical organization