Skip to main content
SpringerLink
Log in

The Impact of the Security Competency on “Self-efficacy in Information Security” for Effective Health Information Security in Iran

  • Conference paper
  • First Online:
New Advances in Information Systems and Technologies

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 445))

  • 1681 Accesses

Abstract

The security effectiveness based on users’ behaviors is becoming a top priority of Health Information System (HIS). In the first step of this study, through the review of previous studies ‘Self-efficacy in Information Security’ (SEIS) and ‘Security Competency’ (SCMP) were identified as the important factors to transforming HIS users to the first line of defense in the security. Subsequently, a conceptual model was proposed taking into mentioned factors for HIS security effectiveness. Then, this quantitative study used the structural equation modeling to examine the proposed model based on survey data collected from a sample of 263 HIS users from eight hospitals in Iran. The result shows that SEIS is one of the important factors to cultivate of good end users’ behaviors toward HIS security effectiveness. However SCMP appears a feasible alternative to providing SEIS. This study also confirms the mediation effects of SEIS on the relationship between SCMP and HIS security effectiveness. The results of this research paper can be used by HIS and IT managers to implement their information security process more effectively.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Health Information Systems, 27 07 2009. [Online]. Available: http://go.worldbank.org/ XFTO56S8S0.

  2. Chu, A.M. and P.Y. Chau, Development and Validation of Instruments of Information Security Deviant Behavior. Decision Support Systems, 2014. 66: p. 93-101.

    Google Scholar 

  3. Hagen, J.M., The Contributions of Information Security Culture and Human Relations to the Improvement of Situational Awareness, in Situational Awareness in Computer Network Defense: Principles, Methods and Applications. 2012, Cyril Onwubiko: UK.

    Google Scholar 

  4. Appari, A. and M.E. Johnson, Information Security and Privacy in Healthcare: Current State of Research. International Journal of Internet and Enterprise Management, 2010. 6(4): p. 279-314.

    Google Scholar 

  5. Asai, T. and S. Fernando, Human-Related Problems in Information Security in Thai Cross-Cultural Environments. Contemporary Management Research, 2011. 7(2): p. 117-142.

    Google Scholar 

  6. Ma, Q., A.C. Johnston, and J.M. Pearson, Information Security Management Objectives and Practices: A Parsimonious Framework. Information Management & Computer Security, 2008. 16(3): p. 251-270.

    Google Scholar 

  7. Sedlack, D.J. and G.P.S. Tejay. Improving Information Security Through Technological Frames of Reference. in Southern Association for Information Systems Conference. 2011. Atlanta, GA, USA.

    Google Scholar 

  8. Rhee, H.S., C. Kim, and Y.U. Ryu, Self-Efficacy in Information Security: Its Influence on End Users’ Information Security Practice Behavior. Computers & Security, 2009. 28(8): p. 816-826.

    Google Scholar 

  9. Al-Omari, A., O. El-Gayar, and A. Deokar. Security Policy Compliance: User Acceptance Perspective. in 45th Hawaii International Conference on System Sciences (HICSS). 2012. USA: IEEE.

    Google Scholar 

  10. Doherty, N.F., L. Anastasakis, and H. Fulford, Reinforcing the Security of Corporate Information Resources: A Critical Review of the Role of the Acceptable Use Policy. International Journal of Information Management, 2011. 31(3): p. 201-209.

    Google Scholar 

  11. D’Arcy, J. and A. Hovav, Does One Size Fit All? Examining the Differential Effects of IS Security Countermeasures. Journal of Business Ethics, 2009. 89: p. 59-71.

    Google Scholar 

  12. Knapp, K.J., et al., Information Security Policy: An Organizational-Level Process Model. Computers & Security, 2009. 28(7): p. 493-508.

    Google Scholar 

  13. Rindfleisch, T.C., Privacy, Information Technology, and Health Care. Communications of the ACM, 1997. 40(8): p. 92-100.

    Google Scholar 

  14. Dimitropoulos, L. and S. Rizk, A State-Based Approach to Privacy and Security for Interoperable Health Information Exchange. Health Affairs, 2009. 28(2): p. 428-434.

    Google Scholar 

  15. Benhocine, A., L. Laouamer, and H. Hadji, Toward an Efficient Security: A New Methodology for Information Security. Journal of Economics and Administration, 2011. 1(1).

    Google Scholar 

  16. Yoon, C. and H. Kim, Understanding Computer Security Behavioral Intention in the Workplace: An Empirical Study of Korean Firms. Information Technology & People, 2013. 26(4): p. 401-419.

    Google Scholar 

  17. Aydın, Ö.M. and O. Chouseinoglou, Fuzzy Assessment of Health Information System Users’ Security Awareness. Journal of Medical Systems, 2013. 37(6): p. 1-13.

    Google Scholar 

  18. Straub, D.W., Effective IS Security. Information Systems Research, 1990. 1(3): p. 255-276.

    Google Scholar 

  19. Stanton, J.M., et al., Analysis of End User Security Behaviors. Computers & Security, 2005. 24(2): p. 124-133.

    Google Scholar 

  20. Sandoval, R., Information Technology Change and the Effects on User Behavior and Cyber Security. 2015.

    Google Scholar 

  21. Farzandipour, M., et al., Security Requirements and Solutions in Electronic Health Records: Lessons Learned from a Comparative Study. Journal of Medical Systems, 2010. 34(4): p. 629-642.

    Google Scholar 

  22. Bandura, A., Social Foundations of Thought and Action: A Social Cognitive Theory. 1986, Englewood Cliffs NJ: Prentice Hall.

    Google Scholar 

  23. Bandura, A., Perceived Self-Efficacy in the Exercise of Control Over AIDS Infection. Evaluation and Program Planning, 1990. 13(1): p. 9-17.

    Google Scholar 

  24. Davis, F.D., R.P. Bagozzi, and P.R. Warshaw, User Acceptance of Computer Technology: A Comparison of Two Theoretical Models. Management Science, 1989. 35(8): p. 982-1003.

    Google Scholar 

  25. Madhavan, P. and R.R. Phillips, Effects of Computer Self-efficacy and System Reliability on User Interaction with Decision Support Systems. Computers in Human Behavior, 2010. 26(2): p. 199-204.

    Google Scholar 

  26. Thatcher, J.B., et al., Individual and Human-Assisted Computer Self Efficacy: An Empirical Examination. Wirtschaftinformatik Proceedings 2007, 2007. Paper 68: p. 199-216.

    Google Scholar 

  27. Lending, D. and T.W. Dillon, The Effects of Confidentiality on Nursing Self-Efficacy with Information Systems. International Journal of Healthcare Information Systems and Informatics, 2007. 2(3): p. 49-64.

    Google Scholar 

  28. He, W., X. Yuan, and X. Tian. The Self-Efficacy Variable in Behavioral Information Security Research. in Enterprise Systems Conference (ES), 2014. 2014: IEEE.

    Google Scholar 

  29. Enrici, I., M. Ancilli, and A. Lioy. A Psychological Approach to Information Technology Security. in 3rd Conference on System Interactions Human. 2010. Torino, Italy: IEEE.

    Google Scholar 

  30. Rodriguez, D., et al., Developing Competency Models to Promote Integrated Human Resource Practices. Human Resource Management, 2002. 41(3): p. 309-324.

    Google Scholar 

  31. Mussa, C.C., A Prudent Access Control Behavioral Intention Model for the Healthcare Domain, in Computer and Information Sciences. 2012, Nova Southeastern University.

    Google Scholar 

  32. Yeratziotis, A., D. Van Greunen, and D. Pottas. Recommendations for Usable Security in Online Health Social Networks. in 6th International Conference on Pervasive Computing and Applications (ICPCA). 2011. Port Elizabeth: IEEE.

    Google Scholar 

  33. Taneja, A., Determinants of Adverse Usage of Information Systems Assets: A Study of Antecedents of IS Exploit in Organizations, in Faculty of the Graduate School. 2007, THE UNIVERSITY OF TEXAS AT ARLINGTON.

    Google Scholar 

  34. Brady, J., An Investigation of Factors that Affect HIPAA Security Compliance in Academic Medical Centers. 2010, Nova Southeastern University: Florida, USA. p. 219.

    Google Scholar 

  35. Workman, M., W.H. Bommer, and D. Straub, Security Lapses and the Omission of Information Security Measures: A Threat Control Model and Empirical Test. Computers in Human Behavior, 2008. 24(6): p. 2799-2816.

    Google Scholar 

  36. Chan, M., I. Woon, and A. Kankanhalli, Perceptions of Information Security in the Workplace: Linking Information Security Climate to Compliant Behavior. Journal of Information Privacy and Security, 2005. 1(3): p. 18-41.

    Google Scholar 

  37. Hair, J., et al., Multivariate Data Analysis.(7th). 2010, New Jersey: Prentice Hall.

    Google Scholar 

  38. Ng, B.Y., A. Kankanhalli, and Y.C. Xu, Studying Users’ Computer Security Behavior: A Health Belief Perspective. Decision Support Systems, 2009. 46(4): p. 815-825.

    Google Scholar 

  39. Brady, J.W. Securing Health Care: Assessing Factors That Affect HIPAA Security Compliance in Academic Medical Centers. in 44th Hawaii International Conference on System Sciences. 2011. Kauai, HI: IEEE.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Electrical and Computer Engineering, University of Sistan and Baluchestan, Zahedan, Iran

    Ahmad Bakhtiyari Shahri & Shahram Mohanna

Authors
  1. Ahmad Bakhtiyari Shahri
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shahram Mohanna
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ahmad Bakhtiyari Shahri .

Editor information

Editors and Affiliations

  1. DEI/FCT, Universidade de Coimbra, Coimbra, Portugal

    Álvaro Rocha

  2. ISEGI,, Universidade Nova de Lisboa, Lisboa, Portugal

    Ana Maria Correia

  3. College of Engineering, The Ohio State University, Columbus, Ohio, USA

    Hojjat Adeli

  4. DSI, Universidade do Minho, Guimarães, Portugal

    Luis Paulo Reis

  5. Rua Dom Manoel de Medeiros, s/n, DoisIrm, Universidade Federal Rural de Pernambuco, Recife, Brazil

    Marcelo Mendonça Teixeira

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Shahri, A.B., Mohanna, S. (2016). The Impact of the Security Competency on “Self-efficacy in Information Security” for Effective Health Information Security in Iran. In: Rocha, Á., Correia, A., Adeli, H., Reis, L., Mendonça Teixeira, M. (eds) New Advances in Information Systems and Technologies. Advances in Intelligent Systems and Computing, vol 445. Springer, Cham. https://doi.org/10.1007/978-3-319-31307-8_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-31307-8_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-31306-1

  • Online ISBN: 978-3-319-31307-8

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation