Understanding Nuances of Privacy and Security in the Context of Information Systems

The concepts of privacy and security are interrelated but the underlying meanings behind them may vary across different contexts. As information technology is becoming integrated in our lives, emerging information privacy and security issues have been catching both scholars’ and practitioners’ attention with the aim to address these issues. Examples of such issues include users’ role in information security breaches, online information disclosure and its impact on information privacy, and the collection and use of electronic data for surveillance. These issues are associated with and can be explained by various disciplines, such as psychology, law, business, economics, and information systems. This diversity of disciplines leads to an inclusive approach that subsumes interrelated constructs, such as security, anonymity, and surveillance, as a part of privacy in the current literature. However, privacy and security are distinct concepts. In this paper, we argue that to better understand the role of human factors in the context of information privacy and security, these two concepts need to be examined independently. We examine the two concepts and systematically present various nuances of information privacy and security

A Phenomenological Investigation of Information and Communications Technology at a Public Sector Enterprise in India

This paper applies the method of “phenomenology” to a comprehensive study of information and communications technology (ICT) deployment at one of the largest government sector banks in India. The efficacy of the phenomenological approach for academic investigation of global ICT issues is argued in this paper. The study finds that the emerging architecture of ICT strategy in this corporation contains five dimensions. In declining order of their importance, these dimensions are (1) organizational ICT culture, (2) organizational politics, (3) organizational sociology (4) economics of ICT, and (5) ICT infrastructure. The significance of these findings is discussed in the paper and an extended note on the methodology of phenomenology is included. The ranking of ICT strategy dimensions and demystification of phenomenology are the contributions of this research to the Information Systems discipline

The Role of Espoused National Cultural Values in Cross-National Cultural IS Studies

Hofstede’s work on national culture has been extensively used in cross-national studies in the information systems discipline. In particular, many cross-national cultural researchers have used Hofstede’s cultural index. This study argues that espoused national cultural values should be measured when the unit of analysis of the cross-national cultural study is the individual. This study reviews cross-national studies published in eight IS journals and examines both cross-national studies and cross-national cultural studies. After that, this work provides rationales of why espoused national cultural values should be measured. Finally, we conclude that espoused national culture is more appropriate for individual behavior research

Factors driving employee participation in corporate BYOD programs: A cross-national comparison from the perspective of future employees

As individuals all around the world increasingly use mobile devices in their daily life, their desire to use the same devices in the workplace continuously grows. In response, organizations are more and more allowing their employees to use their own devices for both business and private purposes and offer so called ‘Bring-your-own-Device’ (BYOD) programs. For organizations with global operations there is a need to examine the drivers of BYOD demand across different national cultures to assess how to develop a successful BYOD program. Based on recent literature on BYOD, we examine how different factors contribute to employees’ behavioural intention to participate in a BYOD program across different national cultures. The model was examined by surveying students from China, Germany and U.S. in their final term. The results show significant cross-cultural differences, particularly regarding the 'Perceived Threats'. Overall this study offers novel insights for cross cultural BYOD implementations

From General Technology Familiarity to Anti-Spyware Program Adoption: Comparison between the U.S. and South Korea

A thesis presented to the faculty of the College of Business at Morehead State University in partial fulfillment of the requirements for the Degree of Master of Science by Dong-Heon Kwak on April 7, 2009

Understanding the effects of user participation in information security risk management : a comparative study of South Africa and Malawi

Includes bibliographical references.The purpose of this study was to understand how user participation in Information Security Risk Management (ISRM) practices contributes to the efficient management of information security. The study also aimed at understanding how different cultures influence user participation in ISRM. To achieve these objectives, the study employed a mixed methods research approach to comparatively collect, analyse, and interpret data from South Africa and Malawi

An Investigation of Factors that Affect HIPAA Security Compliance in Academic Medical Centers

HIPAA security compliance in academic medical centers is a central concern of researchers, academicians, and practitioners. Increased numbers of data security breaches and information technology implementations have caused concern over the confidentiality, integrity, and availability of electronic personal health information. The federal government has implemented stringent HIPAA security compliance reviews and significantly extended the scope and enforcement of the HIPAA Security Rule. However, academic medical centers have shown limited compliance with the HIPAA Security Rule. Therefore, the goal of this study was to investigate the factors that may affect HIPAA security compliance in academic medical centers. Based on a review of the literature of technology acceptance and security effectiveness, this study proposed a theoretical model that uses management support, security awareness, security culture, and computer self-efficacy to predict security behavior and security effectiveness and thus HIPAA security compliance in academic medical centers. To empirically assess the effect of the above-noted variables on HIPAA security compliance in academic medical centers, a Web-based survey was developed. The survey instrument was designed as a multi-line measure that used Likert-type scales. Previous validated scales were adapted and used in the survey. The sample for this investigation was health care information technology professionals who are members of the Group on Information Resources within the Association of American Medical Colleges. Two statistical methods were used to derive and validate predictive models: multiple linear regression and correlation analysis. The results of the investigation demonstrated that security awareness, management support, and security culture were significant predictors of both security effectiveness and security behavior. Security awareness was the most significant predictor of security effectiveness and security behavior. Due to the presence of collinearity, Pearson correlation analysis was used to develop a composite factor, consisting of management support and security culture, for the final multiple linear regression model. By enhancing the understanding of HIPAA security compliance in academic medical centers, the outcomes of this study will contribute to the body of knowledge of security compliance. The empirical results of this research also will provide guidance for individuals and organizations involved with HIPAA security compliance initiatives in health care

Structural model of effects of cultural factors on escalation of commitment through antecedents, agency, and negative framing effects

The purpose of this study was to identify and measure the effects of Hofstede‟s cultural factors on escalation of commitment for hospitality managers among American and Chinese managers. Typical cultural factors include power distance, uncertainty avoidance, individualism and collectivism, masculinity and femininity, and orientation. Escalation of commitment refers to making decisions in risky circumstances. First, the effect of cultural factors on escalation of commitment was measured through antecedents (mediator variables). Second, the first effect of antecedents on escalation of commitment was measured through agency and negative framing effects. Structural equation modeling (SEM) found significant relationships between cultural factors and mediator variables, mediator variables and escalation of commitment and cultural factors and escalation of commitment. The comparisons between American and Chinese managers showed that some of the cultural factors and antecedents (mediator variables) were found to have different significant impacts on escalation of commitment. Implication and discussion were discussed in terms of employee training, job assigning, and close monitoring based on employee tendency for escalation of commitment. Limitations and recommendations for future research were also discussed in terms of unsatisfactory level of measurement reliability and variance explained by the research model