The study looked at how medical institutions handle information security, comparing public and private hospitals. They used a survey based on ISO 27001 to see how well information security is managed in these institutions. The goal is to improve the security of information systems in medical units. The results can help medical staff understand why information security is important and make better decisions.