医院数据资产安全治理体系的建设研究  

作　　者：吴震天 夏逸舜 莫远明[1] 乔思奇 张子通 王哲 刘翰腾[1] 龙思哲[1,3] WU Zhentian;XIA Yishun;MO Yuanming;QIAO Siqi;ZHANG Zitong;WANG Zhe;LIU Hanteng;LONG Sizhe(The First Affiliated Hospital of Sun Yat-sen University,Guangzhou 510080,Guangdong Province,China;Shenzhen Elingke Information Technology Co.,Ltd.;Zhongshan School of Medicine,Sun Yat-sen University)

机构地区：[1]中山大学附属第一医院,广州510080 [2]深圳市易聆科信息技术股份有限公司 [3]中山大学中山医学院

出　　处：《中国数字医学》2025年第4期21-28,共8页China Digital Medicine

基　　金：国家重点研发项目-智慧医养康服务一体化技术与应用研究(2022YFC3601600)。

摘　　要：随着大数据、云计算、人工智能等新技术的不断发展与应用,数据要素已成为推动医疗健康领域变革和数智化转型的关键力量,将医疗数据转化为数据资产的需求日益迫切,但同时也面临着严峻的数据安全挑战。因此,提高数据资产安全保障能力成为医院高质量发展过程中的重要任务。某三级甲等医院遵循国家相关法律法规和行业标准,参照数据安全能力评价模型,通过优化组织架构、完善管理制度、资产梳理与分类分级、风险评估、强化技术防护、提升运营管控以及人才培养等一系列举措,构建管理-技术-运营一体化的数据安全治理体系,实现医院对数据全生命周期的安全管理,提升了数据安全防护能力,为医院依法合规开展数据资产的应用与共享、挖掘数据要素价值提供有力保障。With the continuous development and application of new technologies such as big data,cloud computing,and artificial intelligence,data elements have become a key force to promote the transformation of the medical and health field and the transformation of data intelligence.The demand for converting medical data into data assets is increasingly urgent,but it is also facing severe data security challenges.Therefore,enhancing the security support capability of data assets has become an important task in the process of high-quality development of hospitals.In accordance with relevant national laws and regulations and industry standards,and with reference to the data security capability evaluation model,a tertiary Grade-A hospital built a management-technology-operation integrated data security governance and management system through a series of measures such as optimizing organizational structure,improving management system,asset sorting and classification,risk assessment,strengthening technical protection,improving operation management and control,and personnel training.This system enables the hospital to manage the security of data throughout its entire life cycle,enhances its data security protection capability,and provides a strong guarantee for the hospital to apply and share data assets and explore the value of data elements in compliance with laws and regulations.

关 键 词：数据资产 安全治理 安全能力评估 数据分类分级 

分 类 号：R574.6[医药卫生—消化系统] TP181[医药卫生—内科学]