Why do Healthcare Organizations Choose to Violate Information Technology Privacy Regulations? Proposing the Selective Information Privacy Violations in Healthcare Organizations Model (SIPVHOM)

Authors

Paul Benjamin Lowry, City University of Hong KongFollow
Jeffrey D. Wall, University of North Carolina-GreensboroFollow
James Selfridge, Brigham Young UniversityFollow

Affiliated Organization

Proceedings of JAIS Theory Development Workshop

Abstract

Privacy concerns about protected healthcare information (PHI) are rampant because of the ease of access to PHI from the advent of Healthcare IT (HIT) and its exploding use. Continual negative cases in the popular attest to the fact that current privacy regulations are failing to keep PHI sufficiently secure in the climate of increate HIT use. To address these issues, this paper proposes a theoretical model with testable hypotheses to explain and predict organizational IT privacy violations in the healthcare industry. Our model, the Selective Information Privacy Violations in Healthcare Organizations Model (SIPVHOM), explains how organizational structures and processes and characteristics of regulatory environments alter perceptions of risk and thereby the likelihood of rule violations. Finally, based on SIPVHOM, we offer recommendations for the structuring of regulatory environments and organizational structures to decrease abuse of PHI.

Volume

11

Issue

138

Recommended Citation

Lowry, Paul Benjamin; Wall, Jeffrey D.; and Selfridge, James, " Why do Healthcare Organizations Choose to Violate Information Technology Privacy Regulations? Proposing the Selective Information Privacy Violations in Healthcare Organizations Model (SIPVHOM)" (2011). All Sprouts Content. 453.
https://aisel.aisnet.org/sprouts_all/453