Indirect effect of management support on users’ compliance behaviour towards information security policies
BACKGROUND: Health information systems are innovative products designed to improve the delivery of effective healthcare, but they are also vulnerable to breaches of information security, including unauthorised access, use, disclosure, disruption, modification or destruction, and duplication of passw...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Published: |
Health Information Management Association of Australia
2018
|
| Subjects: | |
| Online Access: | http://eprints.um.edu.my/21855/ https://doi.org/10.1177/1833358317700255 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.um.eprints.21855 |
|---|---|
| record_format |
eprints |
| spelling |
my.um.eprints.218552019-08-07T04:30:19Z http://eprints.um.edu.my/21855/ Indirect effect of management support on users’ compliance behaviour towards information security policies Humaidi, Norshima Balakrishnan, Vimala QA75 Electronic computers. Computer science BACKGROUND: Health information systems are innovative products designed to improve the delivery of effective healthcare, but they are also vulnerable to breaches of information security, including unauthorised access, use, disclosure, disruption, modification or destruction, and duplication of passwords. Greater openness and multi-connectedness between heterogeneous stakeholders within health networks increase the security risk. OBJECTIVE: The focus of this research was on the indirect effects of management support (MS) on user compliance behaviour (UCB) towards information security policies (ISPs) among health professionals in selected Malaysian public hospitals. The aim was to identify significant factors and provide a clearer understanding of the nature of compliance behaviour in the health sector environment. METHOD: Using a survey design and stratified random sampling method, self-administered questionnaires were distributed to 454 healthcare professionals in three hospitals. Drawing on theories of planned behaviour, perceived behavioural control (self-efficacy (SE) and MS components) and the trust factor, an information system security policies compliance model was developed to test three related constructs (MS, SE and perceived trust (PT)) and their relationship to UCB towards ISPs. RESULTS: Results showed a 52.8% variation in UCB through significant factors. Partial least squares structural equation modelling demonstrated that all factors were significant and that MS had an indirect effect on UCB through both PT and SE among respondents to this study. CONCLUSION: The research model based on the theory of planned behaviour in combination with other human and organisational factors has made a useful contribution towards explaining compliance behaviour in relation to organisational ISPs, with trust being the most significant factor. In adopting a multidimensional approach to management-user interactions via multidisciplinary concepts and theories to evaluate the association between the integrated management-user values and the nature of compliance towards ISPs among selected health professionals, this study has made a unique contribution to the literature. Health Information Management Association of Australia 2018 Article PeerReviewed Humaidi, Norshima and Balakrishnan, Vimala (2018) Indirect effect of management support on users’ compliance behaviour towards information security policies. Health Information Management Journal, 47 (1). pp. 17-27. ISSN 1833-3583 https://doi.org/10.1177/1833358317700255 doi:10.1177/1833358317700255 |
| institution |
Universiti Malaya |
| building |
UM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Malaya |
| content_source |
UM Research Repository |
| url_provider |
http://eprints.um.edu.my/ |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Humaidi, Norshima Balakrishnan, Vimala Indirect effect of management support on users’ compliance behaviour towards information security policies |
| description |
BACKGROUND: Health information systems are innovative products designed to improve the delivery of effective healthcare, but they are also vulnerable to breaches of information security, including unauthorised access, use, disclosure, disruption, modification or destruction, and duplication of passwords. Greater openness and multi-connectedness between heterogeneous stakeholders within health networks increase the security risk. OBJECTIVE: The focus of this research was on the indirect effects of management support (MS) on user compliance behaviour (UCB) towards information security policies (ISPs) among health professionals in selected Malaysian public hospitals. The aim was to identify significant factors and provide a clearer understanding of the nature of compliance behaviour in the health sector environment. METHOD: Using a survey design and stratified random sampling method, self-administered questionnaires were distributed to 454 healthcare professionals in three hospitals. Drawing on theories of planned behaviour, perceived behavioural control (self-efficacy (SE) and MS components) and the trust factor, an information system security policies compliance model was developed to test three related constructs (MS, SE and perceived trust (PT)) and their relationship to UCB towards ISPs. RESULTS: Results showed a 52.8% variation in UCB through significant factors. Partial least squares structural equation modelling demonstrated that all factors were significant and that MS had an indirect effect on UCB through both PT and SE among respondents to this study. CONCLUSION: The research model based on the theory of planned behaviour in combination with other human and organisational factors has made a useful contribution towards explaining compliance behaviour in relation to organisational ISPs, with trust being the most significant factor. In adopting a multidimensional approach to management-user interactions via multidisciplinary concepts and theories to evaluate the association between the integrated management-user values and the nature of compliance towards ISPs among selected health professionals, this study has made a unique contribution to the literature. |
| format |
Article |
| author |
Humaidi, Norshima Balakrishnan, Vimala |
| author_facet |
Humaidi, Norshima Balakrishnan, Vimala |
| author_sort |
Humaidi, Norshima |
| title |
Indirect effect of management support on users’ compliance behaviour towards information security policies |
| title_short |
Indirect effect of management support on users’ compliance behaviour towards information security policies |
| title_full |
Indirect effect of management support on users’ compliance behaviour towards information security policies |
| title_fullStr |
Indirect effect of management support on users’ compliance behaviour towards information security policies |
| title_full_unstemmed |
Indirect effect of management support on users’ compliance behaviour towards information security policies |
| title_sort |
indirect effect of management support on users’ compliance behaviour towards information security policies |
| publisher |
Health Information Management Association of Australia |
| publishDate |
2018 |
| url |
http://eprints.um.edu.my/21855/ https://doi.org/10.1177/1833358317700255 |
| _version_ |
1643691678729502720 |
| score |
13.160551 |