期刊
JOURNAL OF MANAGEMENT INFORMATION SYSTEMS
卷 30, 期 2, 页码 41-65出版社
ROUTLEDGE JOURNALS, TAYLOR & FRANCIS LTD
DOI: 10.2753/MIS0742-1222300202
关键词
compliance; data breach; health care; organizational maturity; security
资金
- National Science Foundation under Institute for Security, Technology, and Society (ISTS) [CNS-0910842]
- Direct For Computer & Info Scie & Enginr
- Division Of Computer and Network Systems [0910842] Funding Source: National Science Foundation
This study identifies how security performance and compliance influence each other and how security resources contribute to two security outcomes: data protection and regulatory compliance. Using simultaneous equation models and data from 243 hospitals, we find that the effects of security resources vary for data breaches and perceived compliance and that security operational maturity plays an important role in the outcomes. In operationally mature organizations, breach occurrences hurt compliance, but, surprisingly, compliance does not affect actual security. In operationally immature organizations, breach occurrences do not affect compliance, whereas compliance significantly improves actual security. The results imply that operationally mature organizations are more likely to be motivated by actual security than compliance, whereas operationally immature organizations are more likely to be motivated by compliance than actual security. Our findings provide policy insights on effective security programs in complex health-care environments.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据