近年來醫療機構面臨各種競爭,再加上全民健保制度的變革,給醫院管理帶來莫大的衝擊與挑戰。醫療機構為提升醫療服務品質與醫療作業流程簡化,皆透過資訊科技來強化、提昇組織的競爭力。醫療機構實施電子病歷是政府推廣的政策,這也是醫療機構努力資訊化的目標。醫療機構除了運用資訊技術來建構資訊安全防護機制之外,也必須藉由資訊安全管理層面來探討如何增加管理績效。本研究之目的即是藉由平衡計分卡的概念,探討導入資訊安全管理系統的醫院如何建構關鍵績效指標。 本研究根據文獻探討之結果,彙整影響醫院績效之資訊安全衡量指標;並採用專家訪談法,經醫療資訊界、學術界、資訊安全管理顧問,共八位資訊安全管理與績效管理專家,以專家問卷進行意見的表達,並篩選出平衡計分卡四個構面54個資訊安全專家共識的指標。再透過醫院內部問卷進行資料收集,並採用探索性因素分析,取得平衡計分卡四個構面之50個關鍵績效指標以及9項策略主題;再透過多元迴歸分析法找出關聯路徑,以建立資訊安全策略地圖。本研究成果將可以提供醫療機構推行資訊安全績效指標之參考。
In recent years, in addition to face various competition, medical institutions have to adapt the National Health Insurance system change. Hospitals need to face great challenges and impacts in management. In order to improve the quality of medical services and simplify the medical processes, medical institutions must be strengthened through information technology to enhance the competitiveness of the organization. The implementation of electronic medical records is the government's policy, and it is also the goal of medical institutions to promote information technology. In addition to use information technology to construct information security mechanisms, medical institutions must to explore how to increase management performance by way of information security management. The purpose of this study is to explore that a hospital deploying Information Security Management System how to construct key performance indicators based on Balanced Scorecard concept. According to the results of literature review, this study collect the information security indicators which affect hospital's management performance. This study used expert interviews method to interview eight experts of information security management and performance management. The Knowledge areas of these experts include medical information, academia, and information security management. According to the results of expert interviews, we obtain 54 information security indicators which are categorized to four dimensions of Balanced Scorecard. And then, we used questionnaire survey to collect data from hospital staff, and used factor analysis to obtain nine policy themes from 50 key performance indicators based on Balanced Scorecard concept. After that we used multiple regression analysis to find out pathways and construct information security strategy map. The findings of this study would provide an important reference for medical institutions in their future practices of the implementation of information security performance indicators.