2017-2018 年報 Annual Report

資訊科技的管治

Information Technology Governance

Revisiting IT Services Needed for TWGHs Disaster Recovery

Plan and Drill

To ensure the continued validity of the current TWGHs Disaster Recovery Plan (DRP),

the Branch conducted an annual DRP drill for specific critical application systems

in October 2017. As the current DRP service contract will expire in early 2018, the

Branch has been reviewing the overall demand for IT services, taking into account

current changes and development of IT hardware and software infrastructure, as

well as the related service terms and the criticality of the current IT application

systems in TWGHs. The review will help the Branch in preparing specifications for

new service contracts and appointing a capable contractor to provide proper and

adequate IT facilities for the DRP in TWGHs.

Reviewing Current Guidelines on Information and Personal

Data Confidentiality and IT System and Internet Security

Following a regular practice, the Branch conducted risk assessment on IT security by

reviewing the current Guidelines on Information and Personal Data Confidentiality

and IT System and Internet Security to ensure that they are valid and up-to-date.

The review covered ISO initiatives, the latest IT security measures, and related

ordinances and laws, such as Personal Data (Privacy) (Amendment) Ordinance

(Cap. 486) and Electronic Health Record Sharing System Ordinance (Cap. 625). The

reviewed and updated guidelines were then communicated by the Branch to staff

members so that they would be well aware of the importance of IT security and

contribute to the proper protection of TWGHs’ confidential information.

檢討東華三院資訊科技應用系統災難

復原計劃及所需的服務

為確保本院現有資訊科技應用系統的災難復原

計劃的效能，資訊科技處於2017年10月為相

關應用系統進行年度演習。由於現時的服務供

應商服務合約將於2018年初完結，該處正積

極檢視資訊技術硬件和軟件的最新發展以及相

關的服務條款，以重新擬定新服務合約的條款

和規格，並尋找有能力的服務供應商為本院提

供適切的系統災難復原設施和服務。

檢討現行個人資料保密和互聯網安全

指引

資訊科技處定期進行資訊科技安全風險評估，

檢視現行個人資料保密和互聯網安全指引，包

括國際標準認證的措施、最新的資訊科技保

安措施，以及相關法例如個人資料（私隱）

（修訂）條文（第486章）和電子健康紀錄互

通系統條例（第625章）等。該處已修訂現行

的安全指引及通報員工，確保他們了解資訊科

技安全的重要性及相關指引，從而適當地保護

本院的機密資料。

2017/2018年度為各科/處提供系統支援服務

System Support Services Provided for Various Divisions/Branches in the Year 2017/2018

醫務科

Medical Division

教育科

Education Division

社會服務科

Community Services

Division

行政總部

Administration

Headquarters

電腦支援數目

Number of Personal Computers Supported

351

348

2,451

627

資訊科技伺服器支援數目

Number of IT Servers Supported

網絡及互聯網絡服務支援數目

Number of Local Area Networks and Internet Services Supported

不包括置於中、小學及東華學院作教學用途的電腦及網絡。

All computers and IT networks installed at the primary schools, secondary schools and Tung Wah College for teaching purpose are excluded.

不包括非資訊科技處直接管理的網絡及互聯網絡服務。

The network and internet services which are not directly administered by the Information Technology Branch are excluded.

電腦支援數目

Number of Personal

Computers Supported

資訊科技伺服器支援數目

Number of IT Servers

Supported

網絡及互聯網絡服務支援數目

Number of Local Area Networks

and Internet Services Supported

84.21%

10.53%

5.26%

9.76%

53.66%

36.58%

348

9.22%

2,451

64.89%

627

16.60%

351

9.29%

資訊科技

Information Technology

186

合計

Total: 3,777 sets

合計

Total: 82 sets

合計

Total: 19 sets

醫務科

Medical Division

社會服務科

Community Services Division

教育科

Education Division

行政總部

Administration Headquarters