Paper Type
Complete
Paper Number
1481
Description
We investigate the determinants of healthcare professionals’ information security (ISec) behavior when there is poor ISec policy. We surveyed 177 Health Information System (HIS) users and interviewed 23 HIS users and 22 managers for in-depth understanding of the survey results. We found although HIS users’ awareness of general national policy influences perceived severity of ISec incidents, it does not affect desirable ISec behavior. This is because ISec incidents have greater impact to healthcare organization than healthcare professional as there is no clear sanction for the healthcare professionals. We also found, in contrast to previous research, high workload situation strengthens the effect of perceived ISec benefits on desirable ISec behavior. This is due to the way the healthcare professionals are paid, which is based on medical treatments data in HIS. A desirable ISec behavior include exercising care when sharing password to delegate data input. Implications to research and practice are discussed.
Recommended Citation
Sari, Puspita Kencana; Sutanto, Juliana; Handayani, Putu Wuri; and Hidayanto, Achmad Nizar, "Information Security Behavior of Healthcare Professionals when There is Poor Health Information Security Policy" (2024). PACIS 2024 Proceedings. 7.
https://aisel.aisnet.org/pacis2024/track07_secprivacy/track07_secprivacy/7
Information Security Behavior of Healthcare Professionals when There is Poor Health Information Security Policy
We investigate the determinants of healthcare professionals’ information security (ISec) behavior when there is poor ISec policy. We surveyed 177 Health Information System (HIS) users and interviewed 23 HIS users and 22 managers for in-depth understanding of the survey results. We found although HIS users’ awareness of general national policy influences perceived severity of ISec incidents, it does not affect desirable ISec behavior. This is because ISec incidents have greater impact to healthcare organization than healthcare professional as there is no clear sanction for the healthcare professionals. We also found, in contrast to previous research, high workload situation strengthens the effect of perceived ISec benefits on desirable ISec behavior. This is due to the way the healthcare professionals are paid, which is based on medical treatments data in HIS. A desirable ISec behavior include exercising care when sharing password to delegate data input. Implications to research and practice are discussed.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
Security