Medical data are important because health care information can influence decisions about an individual``s access to credit, admission to educational institutions, and his or her ability to secure employment and obtain insurance. Research objectives for network security of hospital information systems are as following. (1) Risk analysis for network security of hospital information system. (2) Establishing of secure hospital information system network through risk management. (3) Embodiment of countermeasures for secure hospital information system network. This thesis analyzes secure hospital information system network management for computerized medical information and individual privacy using CRAMM S/W. Processing of Risk Management classified risk analysis and risk management [Tompkins, 1995 etc.]. Traditionally, information security has been considered to have three fundamental objectives, that is, confidentiality, integrity, availability. Countermeasure of network security studied through tool of risk analysis, CRAMM. This thesis suggested countermeasures of minimization for impact from threat of computerized medical information, using CRAMM (Risk analysis software).