Paper Number
ICIS2025-2725
Paper Type
Complete
Abstract
The link between hospital digitalization and cybersecurity breaches is empirically mixed and under-theorized. We develop a contingency theory of hospital cybersecurity breach risk that specifies how digitalization level, geographic context (urban vs. rural), and organizational mission (religious vs. secular) condition the digitalization–breach relationship. Using a panel of 5,345 U.S. hospitals (2009–2017), including 486 with at least one breach, we find a curvilinear relationship: breach likelihood rises at low-to-moderate digitalization, flattens at intermediate digitalization level, and declines at high digitalization level. Context moderates this relationship to shift the curve: urban and secular hospitals exhibit higher peaks and later turning points, whereas religious mission attenuates the curvature—especially outside urban settings. These results move beyond technology determinism, showing when digital transformation elevates versus reduces breach risks of hospitals, and they offer actionable guidance on sequencing governance and security investments with increasing digital maturity.
Recommended Citation
Lu, Lirong and Tanriverdi, Hüseyin, "Effects of Digitalization on Cybersecurity of U.S Hospitals: The Roles of Urban-Rural Divide and Religious-Secular Mission" (2025). ICIS 2025 Proceedings. 23.
https://aisel.aisnet.org/icis2025/cyb_security/cyb_security/23
Effects of Digitalization on Cybersecurity of U.S Hospitals: The Roles of Urban-Rural Divide and Religious-Secular Mission
The link between hospital digitalization and cybersecurity breaches is empirically mixed and under-theorized. We develop a contingency theory of hospital cybersecurity breach risk that specifies how digitalization level, geographic context (urban vs. rural), and organizational mission (religious vs. secular) condition the digitalization–breach relationship. Using a panel of 5,345 U.S. hospitals (2009–2017), including 486 with at least one breach, we find a curvilinear relationship: breach likelihood rises at low-to-moderate digitalization, flattens at intermediate digitalization level, and declines at high digitalization level. Context moderates this relationship to shift the curve: urban and secular hospitals exhibit higher peaks and later turning points, whereas religious mission attenuates the curvature—especially outside urban settings. These results move beyond technology determinism, showing when digital transformation elevates versus reduces breach risks of hospitals, and they offer actionable guidance on sequencing governance and security investments with increasing digital maturity.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
09-Cybersecurity