Abstract
<jats:p>The aim of this research is to design a model of an automated medical data processing system considering information security. To achieve this goal, the paper formulates the main objectives of an automated medical data processing system; proposes a design principle for an automated system considering information security; presents the architecture of an automated medical data processing system, and presents a methodology for analysing the vulnerabilities of an automated medical data processing system using the FSTEC RF and MITRE databases. The novelty of this work lies in the proposed creative concept of dividing the automated system architecture into the presentation, processing, and storage levels of medical data. The article also proposes definitions of subjects and objects of information security threats. The research results include a model of an automated medical data processing system, as well as a vulnerability analysis methodology based on the FSTEC Russian Federation vulnerability database and the MITRE database.</jats:p>