With the constant innovation and progress of information technology, the development of medical information system has been paid more attention to day by day. The industry of medical service also follows the trend to adopt digital products as assistants, such as electronic anamnesis system, radio frequency identification (RFID), off-site monitoring, short message system (SMS) of PHS, etc. All these related techniques are now widely applied to the procedures of medical service. Therefore, almost all medical institutions nowadays keep introducing new information techniques. However, medical industry and information science are two quite different knowledge domains with different focus issues. Medical service is an industry that requires both mental and physical efforts to take care of patients. In addition, in order to pursue up-to-date medical knowledge, most medical staffs cannot take too much time to look after the development and application of information technology, therefore, they may ignore the updated status about information security. On the other hand, as to the recruitment of workers of IT department in medical institutions, we must notice that the turnover rate is usually very high due to heavy loading in the department. This may result in the concern of information insecurity. Therefore, this research is aimed to explore those factors that threaten the security of medical information system. The research is a case study based on the interviews of medical staffs, observation on field, documental analysis, and the testing of medical information system of a large public hospital in Taiwan. The author finally proposed some recommendations for further improvement of medical information security.