Since the promulgation and implementation of the Cybersecurity Law of the People's Republic of Chinain 2017，a series of related requirements suchas safety management，emergency incident plan，safety reviews，safety responsibilities，and key infrastructure，have been gradually implemented in concerning by the medical and health industry. Gradually，data security becomes the top priority of the industry. As a result，the safety and privacy protection of residents' health information became a new concern in 2018. At the same time，with the clear requirements for the security regulations of key information infrastructure，the security of medical institutions will become the new topics.