To be honest, I have never participated as an information system administrator. However, I have had experience as an electronic health record in some hospitals. There are two major problems regarding information security, namely to preserve confidentiality and to preserve availability. In the problem of preserving confidentiality, medical students have to use the electronic medical record; however, they have no username to access the information system. Therefore, they must access the system by using their senior username and password. This problem has been solved by asking the information technology department to generate the username and password for individual medical students. Another problem is to preserve availability. The information system has to be closed during regular maintenance, interrupting our healthcare service. The organization should have another server to use during the maintenance of the main server.
Thank you.