Health-Care Security Strategies for Data Protection and Regulatory Compliance
This study identifies how security performance and compliance influence each other and how security resources contribute to two security outcomes: data protection and regulatory compliance. Using simultaneous equation models and data from 243 hospitals, we find that the effects of security resources vary for data breaches and perceived compliance and that security operational maturity plays an important role in the outcomes. In operationally mature organizations, breach occurrences hurt compliance, but, surprisingly, compliance does not affect actual security. In operationally immature organizations, breach occurrences do not affect compliance, whereas compliance significantly improves actual security. The results imply that operationally mature organizations are more likely to be motivated by actual security than compliance, whereas operationally immature organizations are more likely to be motivated by compliance than actual security. Our findings provide policy insights on effective security programs in complex health-care environments.
- Publisher
- ROUTLEDGE JOURNALS
- Issue Date
- 2013
- Language
- English
- Article Type
- Article
- Keywords
INFORMATION-SYSTEMS SECURITY; RESOURCE-BASED VIEW; COMPETITIVE ADVANTAGE; RISK-MANAGEMENT; EMPIRICAL-EXAMINATION; MULTIBUSINESS FIRMS; PERFORMANCE; TECHNOLOGY; GOVERNANCE; ASSETS
- Citation
JOURNAL OF MANAGEMENT INFORMATION SYSTEMS, v.30, no.2, pp.41 - 65
- ISSN
- 0742-1222
- Appears in Collection
- MT-Journal Papers(저널논문)
- Files in This Item
- There are no files associated with this item.
This item is cited by other documents in WoS
| ⊙ Detail Information in WoSⓡ | Click to see |  |
| ⊙ Cited 41 items in WoS | Click to see citing articles in |  |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.