Information security policy's impact on reporting security incidents

Computers and Security

Volumn 24, Issue 6, 2005, Pages 448-459

  Wiant, Terry L ^a  

^a MARSHALL UNIVERSITY   (United States)

Author keywords

Computer abuse; Deterrence; Incidents; Medical records; Policy; Security; Seriousness

Indexed keywords

COMPUTER CRIME; DATA PRIVACY; HEALTH CARE; HOSPITALS; PATIENT MONITORING; PUBLIC POLICY;

COMPUTER ABUSE; DETERRENCE; INCIDENTS; MEDICAL RECORDS; SERIOUSNESS;

SECURITY OF DATA;

EID: 24644439555     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cose.2005.03.008     Document Type: Article

References (61)

1. Anon. Six top information systems issues EDP Analyzer 23 1 Jan 1985 1 12
2. K.P. Badenhorst, and J.H.P. Eloff Framework of a methodology for the life cycle of computer security in an organization Computers and Security 8 5 August 1989 433 442
3. L. Ball, and R. Harris SMIS member: a membership analysis MIS Quarterly 6 1 March 1982 19 38
4. Carl Benson, Andrew V. Jablon, and Paul J. Kaplan Computer crimes (twelfth survey of white collar crime) American Criminal Law Review 34 2 Wntr 1997 409 443
5. A. Blumstein Introduction A. Blumstein J. Cohen D. Nagin Deterrence and incapacitation: estimating the effects of criminal sanctions on crime rates 1978 National Academy of Sciences Washington, DC
6. Alfred Blumstein, Jacqueline Cohen, and Daniel Nagin Introduction Deterrence and incapacitation: estimating the effects of criminal sanctions on crime rates 1978 National Academy of Sciences Washington, D.C.
7. J. Brancheau, and J.C. Wetherbe Key issues in information systems: 1986 MIS Quarterly 11 1 March 1987 23 45
8. J.C. Brancheau, B.D. Janz, and J.C. Wetherbe Key issues in information systems management: 1994-95 SIM Delphi results MIS Quarterly 20 2 June 1996 225 242
9. J. Carroll Computer security 1987 Butterworths Boston
10. R. Chandrasekaran Governments find information pays Washington Post March 9, 1998 A1, A12
11. CIO Magazine and PriceWaterhouseCoopers worldwide information security study security without the hype: it's hard work 2003
12. Carol Marie Cropper How to keep prying eyes off your medical records Business Week November 19, 2001 130 132
13. W.F. De Koning A methodology for the design of security plans Computers and Security 14 7 1995 633 643
14. G.W. Dickeson, R.L. Leitheiser, J.C. Wetherbe, and M. Nechis Key information systems issues for the 80's MIS Quarterly 8 3 September 1984 135 159
15. Dunn, Thurman Stanley. Methodology for the optimization of resources in the detection of computer fraud. Doctoral dissertation, University of Arizona; 1982.
16. J.H.P. Eloff, L. Labuschagne, and K.P. Badenhorst A comparative framework for risk analysis methods Computers and Security 12 6 October 1993 597 603
17. Lance J. Ewing Keeping the lid on secrets Risk Management 39 November 1992 18
18. Jack W. Farrell Information security: more than money alone Traffic Management 17 8 Aug. 1978 42 44
19. Thomas Finne The information security chain in a company Computers and Security 15 1996 297
20. R. Fisher Information systems security 1984 Prentice-Hall Englewood Cliffs, NJ
21. K.A. Forcht Computer security management 1994 Boyd & Fraser Danvers, MA
22. R. Freedman The right of privacy in the age of computer data and processing Texas Tech Law Review 13 1982 1361 1363
23. Global information security survey 2002 KPMG LLP UK
24. Global information security survey 2003 Ernst & Young LLP
25. Lawrence A. Gordon, Martin P. Loeb, William Lucyshyn, and Robert Richardson CSI/FBI ninth annual computer crime and security survey 2004 Computer Security Institute
26. Grance Tim, Kent Karen, Kim Brian. Computer security incident handling guide, NIST special publication 800-61. National Institute of Standards and Technology; January 2004.
27. C. Hartlog, and M. Herbert 1985 Opinion survey of MIS managers: key issues MIS Quarterly 10 4 December 1986 351 361
28. Avraham Hayam, and Effy Oz Integrating data security into the systems development life cycle Journal of Systems Management August 1993 16
29. Lisa B. Hill, and Michael Pemberton Information security: an overview and resource guide for information managers Records Management Quarterly January 1995 14
30. Jeffrey A. Hoffer, and Detmar W. Straub The 9 to 5 underground: are you policing computer crimes? Sloan Management Review 30 4 Summer 1989 35
31. Information security breaches survey 2004 PriceWaterhouseCoopers
32. Hans Kletee Some minimum requirements for legal sanctioning systems with special emphasis on detection Alfred Blumstein Jacqueline Cohen Daniel Nagin Deterrence and incapacitation: estimating the effects of criminal sanctions on crime rates 1975 National Academy of Sciences Washington, D.C.
33. Gerald L. Kovacich Information warfare and the information systems security professional Computers and Security 16 1997 19
34. James Martin Security, accuracy, and privacy in computer systems 1973 Prentice-Hall Englewood Cliffs, NJ
35. Sandra J. Milberg, H. Jeff Smith, and Sandra J. Burke Information privacy: corporate management and national regulation Organization Science 11 1 January-February 2000 35 57
36. F. Niederman, J.C. Brancheau, and J.C. Wetherbe Information systems management issues for the 1990's MISS Quarterly 15 4 December 1991 475 495
37. R. O'Harrow Drug plans keep tabs on patients' medication Washington Post September 27, 1998 A1, A26
38. Donn B. Parker Computer security management 1981 Reston VA
39. Donn B. Parker Fighting computer crime 1983 Scribner's New York
40. Donn B. Parker The many faces of data vulnerability IEEE Spectrum 21 5 May 1984 46 49
41. F.S. Pearson, and N.A. Weiner Toward an integration of criminological theories Journal of Crime and Criminology 76 1 Winter 1985 116 150
42. Thomas R. Peltier Information security policies, procedures, and standards: guidelines for effective information security management 2001 Auerbach Publications p. 10
43. William E. Perry Quality assurance for information systems, methods, tools, and techniques 1991 USA, p. 492
44. Ralph Spencer Poore Holistic approach needed for healthy security program Computing Canada 6 25 Dec 9, 1980 7
45. Thomas Rindfleisch Privacy, information technology, and health care Communications of the ACM 40 8 1997 92 100
46. James A. Schweitzer Computing security risk analysis: is it worth it? Security Management 25 8 Aug 1981 104 106
47. H. Jeff Smith Privacy policies and practices: inside the organizational maze Communications of the ACM 36 12 1993 105 122
48. H. Jeff Smith Managing privacy: information technology and corporate america 1994 University of North Carolina Press Chapel Hill
49. H. Jeff Smith, Sandra J. Milberg, and Sandra J. Burke Information privacy: measuring individuals' concerns about organizational practices MIS Quarterly 20 2 1996 167 196
50. Paul English Smith Overview of HIPAA: implementation of the HIPAA laws and regulations, patient rights under HIPAA HIPAA, medical record compliance and the e-revolution 2001 Medical Educational Services, Inc. 2001 Edition, Copyright 2001
51. Rossouw von Solms, and L.R. Meyer Information security accreditation - the ISO 9000 route. Information security the next decade J. Eloff S. von Solms Proceedings of the IFIP TC11 eleventh international conference on information security, South Africa May 9-12, 1995 40 49
52. R. von Solms, H. van de Haar, S.H. von Solms, and W.J. Caelli A framework for information security evaluation Information and Management 26 3 March 1994 143 153
53. Detmar W. Straub Jr., and Rosann Webb Collins Key information liability issues facing managers: software piracy, proprietary databases, and individual rights to privacy MIS Quarterly 14 2 Jun 01 1990 143
54. Detmar W. Straub Jr., and William D. Nance Discovering and disciplining computer abuse in organizations: a field study MIS Quarterly 14 1 Mar 01, 1990 45
55. Detmar W. Straub, and Richard J. Welke Coping with systems risk: security planning models for management decision-making MIS Quarterly 22 4 Dec 01, 1998 441
56. D.W. Straub Deterring computer abuse: the effectiveness of deterrent countermeasures in the computer security environment, unpublished dissertation 1986 Indiana University School of Business Bloomington, IN
57. Detmar W. Straub Jr. Validating instruments in MIS research MIS Quarterly 13 2 June 1989 147
58. Detmar W. Straub Jr. Effective is security: an empirical study Information Systems Research 1 3 Sep 01, 1990 255
59. D.W. Straub, P.J. Carlson, and E.H. Jones Deterring highly motivated computer abusers: a field experiment in computer security G.G. Gable W.J. Caelli IT security: the need for international cooperation 1992 North-Holland Amsterdam 309 324
60. D.W. Straub, P.J. Carlson, and E.H. Jones Deterring cheating by student programmers: a field experiment in computer security Journal of Management Systems 5 1 1993 33 48
61. J. Van Duyn Personnel security policy critical to dispel risk Computerworld 17 48 Nov 28, 1983 9 10 Special report