Latar Belakang: Rumah Sakit UGM merupakan salah satu rumah sakit di Provinsi DIY yang telah menggunakan sistem rekam kesehatan elektronik. Namun, dalam pelaksanaan rekam kesehatan elektronik harus memperhatikan beberapa hal agar fungsi utama rekam kesehatan sebagai penyimpan data dan informasi pasien tetap terjaga. Salah satunya yaitu keamanan sistem rekam kesehatan elektronik. Salah satu standar keamanan yaitu menggunakan The Privacy Rule dari HIPAA (Health Insurance Portability and Accountability Act). Maka dari itu peneliti tertarik untuk melakukan penelitian mengenai tinjauan implementasi aspek keamanan RKE berdasarkan standar aturan HIPAA di Rumah Sakit UGM. Tujuan: Mengetahui pengimplementasian aspek keamanan rekam kesehatan elektronik berdasarkan standar aturan keamanan HIPAA di Rumah Sakit UGM, mengetahui kendala yang dihadapi dalam pengimplementasian aspek keamanan rekam kesehatan elektronik berdasarkan standar aturan keamanan HIPAA di Rumah Sakit UGM. Metode Penelitian: Jenis penelitian ini adalah penelitian deskriptif dengan menggunakan pendekatan kualitatif dan rancangan penelitian fenomenologis. Pengumpulan data menggunakan wawancara, studi dokumentasi dan observasi. Sedangkan pengambilan sampel menggunakan teknik purposive sampling Validasi data menggunakan triangulasi sumber dan triangulasi teknik. Hasil: implementasi aspek keamanan rekam kesehatan elektronik berdasarkan standar aturan keamanan HIPAA di Rumah Sakit UGM meliputi standar perlindungan administratif, fisik dan teknis. Ketiga standar sudah dilaksanakan, namun belum ada kebijakan untuk penggantian password secara berkala. Kendala yang dihadapi yaitu setiap petugas yang memiliki password dan username untuk mengakses rekam kesehatan elektronik masih bisa melihat data milik pasien hal ini terkait kerahasiaan informasi milik pasien.

Background: UGM Hospital is one of the hospitals in the Special Region of Yogyakarta that have been using electronic health records system. However, in the implementation of electronic health record must considering several things in order the main function of electronic health record as data storage and patient information is still maintaned. One of those is the security of electronic health record systems. One of the safety standards by using the Privacy Rule of HIPAA (Health Insurance Portability and Accountability Act). Therefore the researcher is interested in conducting research on the implementation review of safety aspects of electronic health records based on the standard rules of HIPAA in UGM Hospital. Objective: to determine the implementation of the safety aspects of electronic health record based on the HIPAA security rule in UGM Hospital and to acknowledge the obstacles in the implementation of security aspects of electronic health record based on the HIPAA security rule in UGM Hospital. Methods: The study was a descriptive study using a qualitative approach and phenomenological research design. Techniques of data collection by interviews, documentation and observation studies. While sampling using purposive sampling data, validation using triangulation sources and triangulation techniques. Results: the implementation of security aspects of electronic health record based on the HIPAA security rule standard in UGM Hospital includes administrative safeguards, physical safeguard and techincal safeguards. Those third standards has been implemented, but there is no policy to change passwords periodically. The obstacle of the implementation of electronic health records is every officer who have password and username to access electronic health record can still see the data that belongs to the patient, it is related to the confidentiality of information of patient.

Kata Kunci : pelaksanaan, rekam kesehatan elektronik, electronic health record, aspek keamanan, HIPAA