Indirect effect of management support on users’ compliance behaviour towards information security policies
| Autor: | Norshima Humaidi, Vimala Balakrishnan |
|---|---|
| Rok vydání: | 2017 |
| Předmět: |
Adult
Male Information management Leadership and Management Internet privacy Data security 02 engineering and technology Hospital Administrators Computer security computer.software_genre Health informatics Information protection policy Information security management Surveys and Questionnaires 020204 information systems 0502 economics and business Health care Medical Staff Hospital 0202 electrical engineering electronic engineering information engineering Humans Computer Security Self-efficacy Hospitals Public business.industry Health Policy 05 social sciences Malaysia Information security Middle Aged Organizational Policy Hospital Information Systems Female Guideline Adherence business computer 050203 business & management |
| Zdroj: | Health Information Management Journal. 47:17-27 |
| ISSN: | 1833-3575 1833-3583 |
| Popis: | Background: Health information systems are innovative products designed to improve the delivery of effective healthcare, but they are also vulnerable to breaches of information security, including unauthorised access, use, disclosure, disruption, modification or destruction, and duplication of passwords. Greater openness and multi-connectedness between heterogeneous stakeholders within health networks increase the security risk. Objective: The focus of this research was on the indirect effects of management support (MS) on user compliance behaviour (UCB) towards information security policies (ISPs) among health professionals in selected Malaysian public hospitals. The aim was to identify significant factors and provide a clearer understanding of the nature of compliance behaviour in the health sector environment. Method: Using a survey design and stratified random sampling method, self-administered questionnaires were distributed to 454 healthcare professionals in three hospitals. Drawing on theories of planned behaviour, perceived behavioural control (self-efficacy (SE) and MS components) and the trust factor, an information system security policies compliance model was developed to test three related constructs (MS, SE and perceived trust (PT)) and their relationship to UCB towards ISPs. Results: Results showed a 52.8% variation in UCB through significant factors. Partial least squares structural equation modelling demonstrated that all factors were significant and that MS had an indirect effect on UCB through both PT and SE among respondents to this study. Conclusion: The research model based on the theory of planned behaviour in combination with other human and organisational factors has made a useful contribution towards explaining compliance behaviour in relation to organisational ISPs, with trust being the most significant factor. In adopting a multidimensional approach to management–user interactions via multidisciplinary concepts and theories to evaluate the association between the integrated management–user values and the nature of compliance towards ISPs among selected health professionals, this study has made a unique contribution to the literature. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|