Three Research Essays on Propensity to Disclose Medical Information Through Formal and Social Information Technologies

Abstract This dissertation, which is comprised of three essays, examined disclosure propensity of healthcare providers from the US and Thailand and disclosure of personal health problems of healthcare consumers in social media context. Essay 1: A Deterrence Approach in Medical Data Misuse among Healthcare Providers Information and communication technology (ICT) have long been available for use in health care. With the potential to improve the quality, safety, and efficiency of health care, the diffusion of these technologies has steadily increased in the health care industry. With the adoption of electronic health records, personal electronics devices, internet connections and social network connections, comes the increased risk of medical data breaches. Due to the sensitivity of the information involved, and the existence of laws governing the use of this data, the responsibilities of a healthcare provider after a data breach remain a concern. Based on previous breach reports, institutional insiders were among the leading causes of medical data breaches. The causes were related to unawareness of institutional information security policies and system misuse. Thus it has become important to understand how to reduce such behaviors. Previous studies suggested deterrence theory that relies on security countermeasures can deter individuals\u27 misuse behaviors by increasing the perceived threat of punishment. Thus our model posits that security countermeasures decrease medical data misuse through the two mediators; perceived certainty of sanctions and perceived severity of sanctions. This model was tested by 176 healthcare providers from different institutions across the US. The results suggested that perceived severity of sanctions has more effect in reducing medical data misuse than perceived certainty of sanctions. Hospital information security policies and HIPAA has stronger effect on perceived severity of sanctions than perceived certainty of sanctions whereas EHR monitoring and auditing has stronger effect on perceived certainty of sanctions than perceived severity of sanctions. Results of the study and implications for the research are discussed. Essay 2: Propensity to Misuse Medical Data in an International Context - Deterrence and Cultural Values As information abuse by healthcare providers is a problem that is faced around the globe, our study examined the effect of deterrence within two cultures; Asian and American (Thailand and the US). The reason to compare these two countries is because the foundation of the structures of the laws and the hospital policies for medical data protection of these two countries are similar. Thus others confounding factors are minimized. In terms of cultural influences, Hofstede\u27s cultural dimensions that describe the effects of society\u27s culture on the values to its members are considered as factors that can have an interaction effect with deterrence. Four Hofstede\u27s cultural values were used; individualism-collectivism (IDV); uncertainty avoidance (UAI); power distance (PD); and long-term orientation (LTO). Also, social norms and morality were included. This study employed espoused values of Hofstede\u27s cultural values, since all individuals from a country will not have identical values. In this study, we examined 1) the effect of espoused cultural values on deterrence, and 2) the effect of Hofstede\u27s national cultural values on deterrence in two different healthcare cultures. Our model was tested by 613 healthcare providers; 437 from Thailand and 176 from the US. The results suggested that technical countermeasures had stronger effect on certainty and severity perception for both Thai and US cases, whereas procedural countermeasures had uncertain effect on sanctions perception for both cultures. The young generation of Thais was found more individualized and tended to have the same perception on sanctions as the Westerners. Social norms played an important role in reducing medical data misuse for Thai providers, whereas moral beliefs were more important for the US providers. Individuals who espoused different cultural values had different responses on medical data misuse. Results of the study and implications for the research are discussed. Essay 3: Intention to self-disclose personal health information in social media context In recent years social media is quickly becoming a large part of people\u27s everyday lives. With the availability of smartphones and tablets, coupled with a slew of apps for these devices, people now have ubiquitous access to social media. Virtual social media application encourages people to meet, and share information. Health problems represent one aspect that is shared in a social media context. Benefits and risks of self-disclosure are two main factors that determine social media users\u27 intention to share their sensitive information on social network. This paper integrates social exchange theory, a theory that focuses on gains and losses of building a relationship, and the social penetration theory, a theory that explains human\u27s self-disclosure, to construct the model for investigating self-disclosure intention on personal health problems of social medial users. In addition, we included factors that affect self-disclosure intention including ease of use of social media, social influence, and nature of health problems. Through an online survey, we examined factors that determine self-posting in social media account with 374 social media users across the US. The results suggested that individual and social benefits of self- disclosure outweighed the risks and have significant effect on self-disclosure intention on personal health problems. The individual risks and social risks had little negative effect on self-posting about health problems. In addition, social influence, and social networking experiences were factors that encouraged social media users to reveal their personal health problems

Ethics and social responsibility - do HR professionals have the ‘courage to challenge’ or are they set to be permanent ‘bystanders'?

This paper considers the role of HR in ethics and social responsibility and questions why, despite an acceptance of a role in ethical stewardship, the HR profession appears to be reluctant to embrace its responsibilities in this area. The study explores how HR professionals see their role in relation to ethical stewardship of the organisation, and the factors that inhibit its execution. A survey of 113 UK-based HR professionals, working in both domestic and multinational corporations, was conducted to explore their perceptions of the role of HR in maintaining ethical and socially responsible action in their organisations, and to identify features of the organisational environment which might help or hinder this role being effectively carried out. The findings indicate that although there is a clear understanding of the expectations of ethical stewardship, HR professionals often face difficulties in fulfilling this role because of competing tensions and perceptions of their role within their organisations. A way forward is proposed, which draws on the positive individual factors highlighted in this research to explore how approaches to organisational development (through positive deviance) may reduce these tensions to enable the better fulfilment of ethical responsibilities within organisations. The involvement and active modelling of ethical behaviour by senior management, coupled with an open approach to surfacing organisational values and building HR procedures, which support socially responsible action, are crucial to achieving socially responsible organisations. Finally, this paper challenges the HR profession, through professional and academic institutions internationally, to embrace their role in achieving this

Information Security Subcultures in Information Security Management: A Conceptual Framework

The rationale behind an organization’s information system is to provide access to its information resources and services anywhere anytime over networks. This need creates issues of security in the management of the information systems. The information system approach is socio-technical by nature, involving people and processes as well as technologies; hence, the culture and characteristics of the organization are factors in effective information security management. This implies that the concept of information management is multi-dimensional and includes the human, organizational and technological dimensions. Stemming from this information security culture is considered as an important factor in the management of information security in an organization by overcoming the problem with employees’ lack of compliance with information security management initiatives. However the security culture of an organization is based on the different security subcultures of different sections or subsections that have its basis on the training backgrounds of the individuals and or different tasks performed by each of the groups or a combination of both. This paper addresses information security from the management point of view paying close attention to the information security subculture as seen in the organizations and looks into different methods that the security subcultures can be studied in relation to information security management. Keywords: Information security management system, organizational culture, information security culture, information security subculture

Organisational culture in internationally federated non-profit organisations : the importance of industry and governance

In the era of globalisation, organisations around the world have increasingly become stages of global diversity where multi-cultural workforces interact in teams on a daily basis. International organisations, in particular, are a characteristic display of cross-cultural interaction. The study of organisational culture in a multi-cultural organisational environment is receiving growing attention due to a pressing need to understand and manage the consequences of cross-cultural interaction and achieve better organisational outcomes. However, so far, studies in the area have focused on multinational for-profit organisations and neglected other industry and governance, missing opportunities for broader and richer understanding in the field. The present study covered a case of an internationally federated complex non-profit organisation and captured new insights, thereby contributing to theory and enriching the empirical evidence in the field of study. The results shed light on the importance of industry and governance, and provoked critical questions for further research. The unique features of non-profit and federated governance culture depicted the opportunities for cross-learning with other industries. The study highlighted the distinct formation of conventional cultural dimensions contributing to cultural cohesion and cushioning the federation against excessive fragmentation. The dimensions of institutional collectivism, in-group collectivism, power distance and uncertainty avoidance depicted interesting behaviours in the study context. These dimensions dominated behaviour and have rendered other dimensions subservient. Cultural behaviours, such as cultural-anchoring and power grouping, transpired as unique findings to the industry and governance, where consensus and fragmentation have played integrative and accommodative roles. Dominant dimensions determined direction and intensity in subservient dimensions irrespective of values espoused by leadership in the subservient dimensions. The line between organisational politics and the ingroup collectivism dimension was blurred, calling for further research in the field of organisational behaviour. Further research in the field could focus on shaping organisational cultural dimensions fit for diverse industry and governance contexts, identifying areas of cross-fertilisation of learning, investigating the significance of dominant versus subservient dimensions in the process of organisational cultural change, and broadening the knowledge base in the field by studying diverse organisational typologies.Graduate School of Business Leadership (SBL)D. B. L

A Typology for Organizational ICT Practice

This paper sets out a typology for organizational ICT practice in order to derive a more holistic perspective of sociomateriality and its constituent elements (i.e. humans, objects, and practice). Seminal literature by Parsons and Bourdieu is combined with sociomateriality literature in order to offer insights into the factors that need to be investigated when conducting research into organizational ICT practice. The outlined typology is evaluated through an empirical case study of a connected health ICT project to show how the dimensions of the typology come together and contribute to a better understanding

MANAGING THE CHANGE OF ORGANIZATIONAL CULTURE IN CROSS-BORDER MERGERS AND ACQUISITIONS. The role of post-acquisition integration in organizational culture change

siirretty Doriast