Information security climate and the assessment of information security risk among healthcare employees

Stacey Kessler, Shani Pindek, Gary Kleinman, Stephanie A. Andel, Paul E. Spector

Research output: Contribution to journalArticle

Abstract

Since 2009, over 176 million patients in the United States have been adversely impacted by data breaches affecting Health Insurance Portability and Accountability Act–covered institutions. While the popular press often attributes data breaches to external hackers, most breaches are the result of employee carelessness and/or failure to comply with information security policies and procedures. To change employee behavior, we borrow from the organizational climate literature and introduce the Information Security Climate Index, developed and validated using two pilot samples. In this study, four categories of healthcare professionals (certified nursing assistants, dentists, pharmacists, and physician assistants) were surveyed. Likert-type items were used to assess the Information Security Climate Index, information security motivation, and information security behaviors. Study results indicated that the Information Security Climate Index was related to better employee information security motivation and information security behaviors. In addition, there were observed differences between occupational groups with pharmacists reporting a more favorable climate and behaviors than physician assistants.

Original languageEnglish
JournalHealth Informatics Journal
DOIs
StatePublished - 1 Jan 2019

Fingerprint

Climate
Delivery of Health Care
Physician Assistants
Pharmacists
Motivation
Occupational Groups
Social Responsibility
Health Insurance
Dentists
Nursing

Keywords

  • cybersecurity
  • electronic health records
  • information protection
  • information security
  • organizational climate

Cite this

@article{1ca699d23f3645b3bd1c492b51d711d3,
title = "Information security climate and the assessment of information security risk among healthcare employees",
abstract = "Since 2009, over 176 million patients in the United States have been adversely impacted by data breaches affecting Health Insurance Portability and Accountability Act–covered institutions. While the popular press often attributes data breaches to external hackers, most breaches are the result of employee carelessness and/or failure to comply with information security policies and procedures. To change employee behavior, we borrow from the organizational climate literature and introduce the Information Security Climate Index, developed and validated using two pilot samples. In this study, four categories of healthcare professionals (certified nursing assistants, dentists, pharmacists, and physician assistants) were surveyed. Likert-type items were used to assess the Information Security Climate Index, information security motivation, and information security behaviors. Study results indicated that the Information Security Climate Index was related to better employee information security motivation and information security behaviors. In addition, there were observed differences between occupational groups with pharmacists reporting a more favorable climate and behaviors than physician assistants.",
keywords = "cybersecurity, electronic health records, information protection, information security, organizational climate",
author = "Stacey Kessler and Shani Pindek and Gary Kleinman and Andel, {Stephanie A.} and Spector, {Paul E.}",
year = "2019",
month = "1",
day = "1",
doi = "10.1177/1460458219832048",
language = "English",
journal = "Health Informatics Journal",
issn = "1460-4582",
publisher = "SAGE Publications Ltd",

}

Information security climate and the assessment of information security risk among healthcare employees. / Kessler, Stacey; Pindek, Shani; Kleinman, Gary; Andel, Stephanie A.; Spector, Paul E.

In: Health Informatics Journal, 01.01.2019.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Information security climate and the assessment of information security risk among healthcare employees

AU - Kessler, Stacey

AU - Pindek, Shani

AU - Kleinman, Gary

AU - Andel, Stephanie A.

AU - Spector, Paul E.

PY - 2019/1/1

Y1 - 2019/1/1

N2 - Since 2009, over 176 million patients in the United States have been adversely impacted by data breaches affecting Health Insurance Portability and Accountability Act–covered institutions. While the popular press often attributes data breaches to external hackers, most breaches are the result of employee carelessness and/or failure to comply with information security policies and procedures. To change employee behavior, we borrow from the organizational climate literature and introduce the Information Security Climate Index, developed and validated using two pilot samples. In this study, four categories of healthcare professionals (certified nursing assistants, dentists, pharmacists, and physician assistants) were surveyed. Likert-type items were used to assess the Information Security Climate Index, information security motivation, and information security behaviors. Study results indicated that the Information Security Climate Index was related to better employee information security motivation and information security behaviors. In addition, there were observed differences between occupational groups with pharmacists reporting a more favorable climate and behaviors than physician assistants.

AB - Since 2009, over 176 million patients in the United States have been adversely impacted by data breaches affecting Health Insurance Portability and Accountability Act–covered institutions. While the popular press often attributes data breaches to external hackers, most breaches are the result of employee carelessness and/or failure to comply with information security policies and procedures. To change employee behavior, we borrow from the organizational climate literature and introduce the Information Security Climate Index, developed and validated using two pilot samples. In this study, four categories of healthcare professionals (certified nursing assistants, dentists, pharmacists, and physician assistants) were surveyed. Likert-type items were used to assess the Information Security Climate Index, information security motivation, and information security behaviors. Study results indicated that the Information Security Climate Index was related to better employee information security motivation and information security behaviors. In addition, there were observed differences between occupational groups with pharmacists reporting a more favorable climate and behaviors than physician assistants.

KW - cybersecurity

KW - electronic health records

KW - information protection

KW - information security

KW - organizational climate

UR - http://www.scopus.com/inward/record.url?scp=85063038849&partnerID=8YFLogxK

U2 - 10.1177/1460458219832048

DO - 10.1177/1460458219832048

M3 - Article

AN - SCOPUS:85063038849

JO - Health Informatics Journal

JF - Health Informatics Journal

SN - 1460-4582

ER -