Ejigu, Dejene(PhD)Hadush, Selemawit2018-06-252023-11-042018-06-252023-11-042015-04http://etd.aau.edu.et/handle/123456789/3105Security is a vital part of daily life to healthcare organizations that need to ensure the information is adequately secured. The existing infrastructure lacks the structural security and privacy elements needed to support the evolving IT infrastructure, emerging legislative regulations, and ever increasing threats. The problem, then, is how we can maintain the availability of the right information at the right time and at the same time maintain the security and privacy of patient information. This research took a broad approach into existing information security and privacy of healthcare domain with practical focus on Black Lion Hospital and Korean Hospital. The main theme of this thesis is that such major paradigm shifts or using/adopting new technologies demand a rethinking of the security and privacy aspects and solutions. The desire is to engage all parties, including the clinicians and patients, and understand what is acceptable and desirable before the coming generation of healthcare systems is deployed. There will certainly be tension between security and usability, between patient privacy and the clinician convenience. The point here is, therefore, to hit the balance between the two and come up with a system that satisfies both. Thus, to overcome the limitations and enable the complete protection of sensitive information this study reviews existing information security and privacy of health information system and the available open source software that can be enhanced with such service and used to improve the HIS. We proposed and implemented a prototype that enhances information security and privacy of HIS using OpenMRS. The prototype’s main security and privacy features includes confidentiality on the server side that is ensured by a carefully placed access control mechanism, encryption that protects the confidentiality during transfer of the data and at storage, anonymization of patient medical record and the use of log files. The proposed prototype meets all of our objectives. Finally, the prototype is tested using OpenMRS demo data and evaluated by health professionals in Black Lion Hospital and Korean Hospital. The result is encouraging and full deployment can be thought of. Keywords: Information Security, Privacy, Health Information System, Electronic Medical Record, OpenMRSenInformation SecurityPrivacyHealth Information SystemElectronic Medical RecordOpenmrsThesis