The impact of security practices on regulatory compliance and security performance

International Conference on Information Systems 2011, ICIS 2011

Volumn 3, Issue , 2011, Pages 2204-2212

  Kwon, Juhee ^a   Johnson, M Eric ^a  

^a DARTMOUTH COLLEGE   (United States)

Author keywords

Compliance; Healthcare; HIPPA; HITECH; Security

Indexed keywords

COMPLIANCE; GOVERNMENT REGULATION; HEALTHCARE ORGANIZATIONS; HI-TECH; HIERARCHICAL LINEAR MODELING; HIPPA; SECURITY; SECURITY PERFORMANCE;

HEALTH CARE; INFORMATION SYSTEMS; MANAGEMENT; REGULATORY COMPLIANCE; SECURITY OF DATA; SOCIETIES AND INSTITUTIONS; SURVEYS;

SECURITY SYSTEMS;

EID: 84884659181     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (20)

1. Bulgurcu, B., Cavusoglu, H., and Benbasat, I. "Information Security Policy Compliance: An Empirical Study of Rationality-based Beliefs and Information Security Awareness," MIS Quarterly (34:3), Sep 2010, pp 523-548.
2. D'Arcy, J., Hovav, A., and Galletta, D. "User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach," Information Systems Research (20:1) 2009, pp 79-98.
3. Garfinkel, R., Gopal, R., and Thompson, S. "Releasing individually identifiable microdata with privacy protection against Stochastic threat: An application to health information," Information Systems Research (18:1) 2007, pp 23-41.
4. Herath, T., and Rao, H.R. "Protection motivation and deterrence: a framework for security policy compliance in organisations," European Journal of Information Systems (18:2), Apr 2009, pp 106-125.
5. Hong, K., Chi, Y., Chag, L.R., and Tang, J. "An Integrated System Theory of Information Security Management," Information Management & Computer Security (11:5) 2003, p 243.
6. Ittner, CD., Nagar, V., and Rajan, M.V. 2001."An Empirical Examination of Dynamic Quality-based Learning Models," Management Science (47:4), April, pp. 563-578.
7. ITGI "Board Briefing on IT Governance," http://www.isaca.org/sox/. 2005.
8. Johnston, A.C., and Hale, R "Improved Security through Information Security Governance," Communications oftheACM (52:1) 2009, pp 126-129.
9. Johnston, A.C., and Warkentin, M. "Fear Appeals and Information Security Behaviors: An Empirical Study," MIS Quarterly (34:3), Sep 2010, pp 549-566.
10. Kayworth, T., and Whitten, D. "Effective Information Security Requires a Balance of Social and Technology Factors," MIS Quarterly Executive (9:3), Sep 2010, pp 163-175.
11. Liberti, L. "Survey Results: Reduce the Cost of Compliance While Strengthening Security," in: Security Management Newsletter, 2008.
12. McFadzean, E., Ezingeard, J.N., and Birchall, D. "Perception of risk and the strategic impact of existing IT on information security strategy at board level," Online Information Review (31) 2007, pp 622-660.
13. Puhakainen, P., and Siponen, M. "Improving Employees' Compliance through Information Systems Security Training: An Action Research Study," MIS Quarterly (34:4), Dec 2010, pp 757-778.
14. Siponen, M., and Vance, A. "Neutralization: New Insights into the Problem of Employee Information Systems Security Policy Violations," MIS Quarterly (34:3), Sep 2010, pp 487-502.
15. Spears, J.L., and Barki, H. "User Participation In Information Systems Security Risk Management," MIS Quarterly (34:3), Sep 2010, pp 503-522.
16. Straub, D.W., Goodman, S.E., and Baskerville, R Information security: policy, processes, and practices M.E. Sharpe, 2008.
17. Straub, D.W., and Nance, W.D. "Discovering and Disciplining Computer Abuse in Organizaitons-A Field-Study," MIS Quarterly (14:1), Mar 1990, pp 45-60.
18. Urbaczewski, A., and Jessup, L.M. "Does electronic monitoring of employee Internet usage work?," Communications of theACM (45:1), Jan 2002, pp 80-83.
19. von Solms, S.H. "Information Security Governance-Compliance management vs operational management," Computers & Security (24:6) 2005, pp 443-447.
20. Weber, R. Information System Control and Audit Prentice-Hall, 1999.