Dissertation/Thesis Abstract

A Prudent Access Control Behavioral Intention Model for the Healthcare Domain
by Mussa, Constance C., Ph.D., Nova Southeastern University, 2011, 247; 3474092
Abstract (Summary)

In recent years, many health care organizations have begun to take advantage of computerized information systems to facilitate more effective and efficient management and processing of information. However, commensurate with the vastly innovative enhancements that computer technology has contributed to traditional paper-based health care information systems, are security vulnerabilities that have potentially devastating effects on these systems. To ensure the confidentiality, integrity, and availability of information and to ensure compliance with the Security Rule of the Health Insurance Portability and Accountability Act (HIPAA), health care organizations have implemented a number of security controls. Although the objectives of these controls are understood and acknowledged by users of computerized patient care information management systems, the controls are sometimes circumvented or ignored.

The purpose of this study was the development of an instrument that measures key determinants of healthcare professionals’ prudent access control behavior. The study examined healthcare professionals’ prudent access control behavior using a model that integrates the Theory of Planned Behavior (TPB) and the Health Belief Model (HBM). Two additional variables - information security awareness and perceived information security responsibility were incorporated into the model. Rather than focusing on a single behavior or a few specific behaviors, a category of behaviors was proposed. Results of the study indicate that the HBM and TPB constructs as well as the two additional constructs included in the model are indeed key determinants of healthcare professionals’ intention to engage in prudent access control behavior that mitigate security threats. Additionally, results of the study provide support for the partial mediating effects of perceived benefits and perceived responsibility for information security on attitude, information security awareness, subjective norm, perceived behavioral control, and perceived severity. The study contributes to the IS knowledge domain by providing theoretically grounded explanations for a subset of prudent information security behaviors of healthcare professionals.

Indexing (document details)
Advisor: Cohen, Maxine S.
Commitee: Stout, Glenn A., Terrell, Steven R.
School: Nova Southeastern University
Department: Information Systems (DISS)
School Location: United States -- Florida
Source: DAI-B 72/12, Dissertation Abstracts International
Source Type: DISSERTATION
Subjects: Information Technology
Keywords: Access control, Confidentiality, Healthcare domain, Information security, Security threats, Theory of planned behavior
Publication Number: 3474092
ISBN: 9781124894294
Copyright © 2019 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy
ProQuest