Evaluating the Security of Electronic Medical Records in Indonesia’s
SIMPUS Application Using the CIA Framework
Dublin Core
Title
Evaluating the Security of Electronic Medical Records in Indonesia’s
SIMPUS Application Using the CIA Framework
SIMPUS Application Using the CIA Framework
Subject
Electronic Medical Records, Data Security, SIMPUS, Confidentiality, Integrity, Availability, Health Informatics
Description
Ensuring the security of electronic medical records (EMRs) is a critical challenge in the digital transformation of healthcare systems, particularly
in developing countries. This study evaluates the security of Indonesia’s Community Health Center Information System (SIMPUS) based on the
principles of confidentiality, integrity, and availability (CIA). A qualitative descriptive approach was employed, combining interviews and direct
observation of SIMPUS implementation across multiple user roles. The findings reveal that while confidentiality is supported through user
authentication, vulnerabilities remain due to shared account usage and the absence of automatic log-off features. Data integrity is maintained
through restricted editing rights, but the lack of an audit trail limits the system’s ability to detect unauthorized changes. Data availability is
generally sufficient; however, reliance on manual backup processes exposes the system to potential data loss. The study highlights the need for
enhanced audit mechanisms, automated backup solutions, and staff training to strengthen data security compliance with national regulations and
international standards such as ISO 27001 and HIPAA. Strengthening these measures will help ensure that SIMPUS can function as a secure and
reliable platform for managing electronic medical records in Indonesia’s primary healthcare system
in developing countries. This study evaluates the security of Indonesia’s Community Health Center Information System (SIMPUS) based on the
principles of confidentiality, integrity, and availability (CIA). A qualitative descriptive approach was employed, combining interviews and direct
observation of SIMPUS implementation across multiple user roles. The findings reveal that while confidentiality is supported through user
authentication, vulnerabilities remain due to shared account usage and the absence of automatic log-off features. Data integrity is maintained
through restricted editing rights, but the lack of an audit trail limits the system’s ability to detect unauthorized changes. Data availability is
generally sufficient; however, reliance on manual backup processes exposes the system to potential data loss. The study highlights the need for
enhanced audit mechanisms, automated backup solutions, and staff training to strengthen data security compliance with national regulations and
international standards such as ISO 27001 and HIPAA. Strengthening these measures will help ensure that SIMPUS can function as a secure and
reliable platform for managing electronic medical records in Indonesia’s primary healthcare system
Creator
Yusuf Durachman1,*, Abdul Wahab Abdul Rahman2
Source
https://ijiis.org/index.php/IJIIS/article/view/263/165
Publisher
Islamic University Jakarta, Indonesia
Date
september 2025
Contributor
Fajar bagus W
Format
PDF
Language
English
Type
Text
Files
Collection
Citation
Yusuf Durachman1,*, Abdul Wahab Abdul Rahman2, “Evaluating the Security of Electronic Medical Records in Indonesia’s
SIMPUS Application Using the CIA Framework,” Repository Horizon University Indonesia, accessed January 1, 2026, https://repository.horizon.ac.id/items/show/9733.
SIMPUS Application Using the CIA Framework,” Repository Horizon University Indonesia, accessed January 1, 2026, https://repository.horizon.ac.id/items/show/9733.