In this paper, it is proposed the security of the information model on process mining of the surgery block to safeguard patient information using data visualization. The proposal has taken ISO 27001 as a standard to identify good practices in the detection of various types of computer attacks aimed at evaluating data, collected in business processes. To do this, the process of improvement in the management of the information security risk of a medical establishment is used. The proposed model is based on the application of a suite of computer attack analysis tools to increase the level of security of the company's processes. The proposal is based on 6 phases: 1. Assess risks, 2. Implement controls, 3. Define a treatment plan, 4. Process mining, 5. Data visualization and 6. Evaluation of results. The proposal was validated through an experimental case of a cyber-attack on a medical establishment in Lima, Peru, which did not have fitting controls and contingency plans within its business processes. Preliminary results show that in the face of the support of the instruments of our model the level of security has increased by 25% with our proposal.
