Does nationality affect nurses’ information security participation? A comparative study in Iran and Poland
Keywords:
safety management, information protection, information security climate, information dissemination, security measuresAbstract
Background:
Confidential personal data breaches are a serious problem for medical service providers. They may result in high financial costs for medical care facilities and unnecessary stress for patients. Research on information security (IS) in healthcare has been insufficient thus far. International studies may add a new perspective on this issue.
Participants and procedure:
A quantitative approach was assumed to analyse relationships between IS climate and IS indicators in countries with dif-ferent cultures (Iran and Poland). The Information Security Climate Index was used in the study. The software PLS3 and SPSS 22 was used for data analysis.
Results:
The results showed that the predicted factors of nurses’ IS participation were different in Iran and Poland. In both coun-tries, nurses’ perception of the importance of IS had an effect on IS participation, but in Poland, IS compliance had an addi-tional positive effect. In addition, IS compliance moderated the relationship between IS motivation and IS participation.
Conclusions:
Components of IS climate have a significant effect on nurses’ IS participation in both Iran and Poland, though nationality can modify this relation. However, in both countries, by linking IS policies with human resource management activities such as performance appraisal and training, nurses’ perception of IS importance can be increased and IS participation can be facilitated.
Downloads
References
Alnatheer, M. A. (2014). A conceptual model to understand information security culture. Inter International Journal of Social Science and Humanity, 4, 104–107. https://doi.org/10.7763/IJSSH.2014.V4.327.
Ameen, N., Tarhini, A., Shah, M. H., Madichie, N., Paul, J., & Choudrie, J. (2021). Keeping customers’ data secure: a cross-cultural study of cybersecurity compliance among the Gen-Mobile workforce. Computers in Human Behavior, 114, 106531. https://doi.org/10.1016/j.chb.2020.106531.
Anderson, C., Baskerville, R. L., & Kaul, M. (2017). Information security control theory: Achieving a sustainable reconciliation between sharing and protecting the privacy of information. Journal of Management Information Systems, 34, 1082–1112. https://doi.org/10.1080/07421222.2017.1394063.
Apkan, N. (2016). Hacking health care records reaches epidemic proportions. Retrieved from https://www.scientificamerican.com/article/hacking-healthcare-records-reaches-epidemic-proportions/.
Bond, C. S. (2007). Nurses’ requirements for information technology: a challenge for educators. International Journal of Nursing Studies, 44, 1075–1078. https://doi.org/10.1016/j.ijnurstu.2007.01.009.
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2009). Roles of information security awareness and perceived fairness in information security policy compliance. Proceedings of the 15th Americas Conference on Information Systems, San Francisco, CA, USA.
Chin, W. W. (2010). How to write up and report PLS analyses. In V. E. Vinzi, W. W. Chin, J. Henseler, & H. Wang (Eds.), Handbook of partial least squares (pp. 655–690). Springer.
Chin, W. W., Marcelin, B. L., & Newsted, P. R. (2003). A partial least squares latent variable modeling approach for measuring interaction effects: Results from a Monte Carlo simulation study and an electronic-mail emotion/adoption study. Information Systems Research, 14, 189–217. https://doi. org/10.1287/isre.14.2.189.16018.
Coppock, D., Zambo, D., Moyo, D., Tanthuma, G., Chapman, J., Re III, V. L., Graziani, A., Lowenthal, E., Hanrahan, N., Littman-Quinn, R., Kovarik, C., Albarracin, D., Holmes, J. H., & Gross, R. (2017). Development and usability of a smartphone application for tracking antiretroviral medication refill data for human immunodeficiency virus. Methods of Information in Medicine, 56, 351–359. https://doi.org/10.1055/s-0040-1713129.
Elst, T., Cavents, C., Daneels, K., Johannik, K., Baillien, E., Van den Broeck, A., & Godderis, L. (2016). Job demands-resources predicting burnout and work engagement among Belgian home health care nurses: a cross-sectional study. Nursing Outlook, 64, 542–556. https://doi.org/10.1016/j.outlook.2016.06.004.
Fardoun, H. M., Alghazzawi, D. M., & De la Guia, M. E. (2020). Using information and communication technologies to enhance patient rehabilitation research techniques. Methods of Information in Medicine, 59, 59–60. https://doi.org/10.1055/s-0040-1715797.
Fernández-Alemán, J. L., Sánchez-Henarejos, A., Toval, A., Sánchez-García, A. B., Hernández-Hernández, I., & Fernandez-Luque, L. (2015). Analysis of health professional security behaviors in a real clinical setting: an empirical study. International Journal of Medical Informatics, 84, 454–467. https://doi.org/10.1016/j.ijmedinf.2015.01.010.
Greenslade, J. H., & Jimmieson, N. L. (2011). Organizational factors impacting on patient satisfaction: a cross sectional examination of service climate and linkages to nurses’ effort and performance. International Journal of Nursing Studies, 48, 1188–1198. https://doi.org/10.1016/j.ijnurstu.2011.04.004.
Grover, S., Shah, S., Bhatia, R., Urusaro, S., Monare, B., Ralefala, T., Seiphetlheng, A., Singh, S. P., & Dhaliwal, G. (2020). Development and usability of a smartphone application for tracking oncology patients in Gaborone, Botswana. Methods of Information in Medicine, 59, 31–40. https://doi.org/ 10.1055/s-0040-1713129.
Guhr, N., Lebek, B., & Breitner, M. H. (2019). The impact of leadership on employees’ intended information security behaviour: an examination of the full‐range leadership theory. Information Systems Journal, 29, 340–362. https://doi.org/10.1111/isj.12202.
Gülkesen, K. H., & Haux, R. (2019). Research subjects and research trends in medical informatics. Methods of Information in Medicine, 58, e1–e13. https:// doi.org/10.1055/s-0039-1681107.
Hallett, N., Huber, J., Sixsmith, J., & Dickens, G. L. (2018). Measuring the violence prevention climate: Development and evaluation of the VPC-14. International Journal of Nursing Studies, 88, 97–103. https://doi.org/10.1016/j.ijnurstu.2018.09.002.
Huang, D. L., Patrick Rau, P. L., Salvendy, G., Gao, F., & Zhou, J. (2011). Factors affecting perception of information security and their impacts on IT adoption and security practices. International Journal of Human – Computer Studies, 69, 870–883. https://doi.org/10.1016/j.ijhcs.2011.07.007.
Humaidi, N., & Balakrishnan, V. (2015). Leadership styles and information security compliance behavior: The mediator effect of information security awareness. International Journal of Information and Education Technology, 5, 311–318. https://doi.org/10.7763/IJIET.2015.V5.522.
Human Development Report 2019 Team (2019). Human Development Report 2019. Beyond income, beyond averages, beyond today: Inequalities in human development in the 21st century (United Nations Development Programme). Retrieved from http:// www.hdr.undp.org/sites/default/files/hdr2019.pdf.
Jackowski, M. (2018). Medical data protection. GDPR in health protection. Wolters Kluwer. Karjalainen, M., Siponen, M., & Sarker, S. (2020). Toward a stage theory of the development of employees’ information security behavior. Computers & Security, 93, 101782. https://doi.org/10.1016/j.cose.2020.101782.
Kessler, S. R., Pindek, S., Kleinman, G., Andel, S. A., & Spector, P. E. (2019). Information security climate and the assessment of information security risk among healthcare employees. Health Informatics Journal, 26, 461–473. https://doi.org/10. 1177/1460458219832048.
Kirsch, L., & Boss, S. (2007). The last line of defense: Motivating employees to follow corporate security guidelines. Proceedings of the 28th International Conference on Information Systems, Montreal, Quebec, Canada.
Kopanitsa, G. (2017). Integration of hospital information and clinical decision support systems to enable the reuse of electronic health record data. Methods of Information in Medicine, 56, 238–247. https://doi.org/10.3414/ME16-01-0057.
Lee, C., Lee, C. C., & Kim, S. (2016). Understanding information security stress: Focusing on the type of information security compliance activity. Computers & Security, 59, 60–70. https://doi.org/10.1016/j. cose.2016.02.004.
Liu, V., Musen, M. A., & Chou, T. (2015). Data breaches of protected health information in the United States. JAMA, 313, 1471–1473. https://doi.org/ 10.1001/jama.2015.2252.
Lowry, P. B., & Moody, G. D. (2013). Explaining opposing compliance motivations towards organizational information security policies. Proceedings of the 46th Hawaii International Conference on System Sciences, Wailea, HI, USA. https://doi.org/10.1109/ HICSS.2013.5.
Madera, J. M., Dawson, M., & Guchait, P. (2016). Psychological diversity climate: Justice, racioethnic minority status and job satisfaction. International Journal of Contemporary Hospitality Management, 28, 2514–2532. https://doi.org/10.1108/ IJCHM-06-2015-0304.
McCoy, T. H., & Perlis, R. H. (2018). Temporal trends and characteristics of reportable health data breaches, 2010-2017. JAMA, 320, 1282–1284. https://doi.org/10.1001/jama.2018.9222.
Mehraeen, E., Ayatollahi, H., & Ahmadi, M. (2014). A study of information security in hospital information systems. Health Information Management, 10, 779–788.
Olds, D. M., Aiken, L. H., Cimiotti, J. P., & Lake, E. T. (2017). Association of nurse work environment and safety climate on patient mortality: a cross-sectional study. International Journal of Nursing Studies, 74, 155–161. https://doi.org/10.1016/j.ijnurstu. 2017.06.004.
Peikari, H. R., Ramayah, T., Shah, M. H., & Lo, M. C. (2018). Patients’ perception of the information security management in health centers: The role of organizational and human factors. BMC Medical Informatics and Decision Making, 18, 1–13. https:// doi.org/10.1186/s12911-018-0681-z.
Piotrowski, A., & Jurek, P. (2019). A preliminary adaptation and validation of the Overwork Climate Scale by Mazzetti, Schaufeli, Guglielmi and Depolo. Medycyna Pracy, 70, 177–188. https://doi. org/10.13075/mp.5893.00771.
Podsakoff, P. M., MacKenzie, S. B., Lee, J. Y., & Podsakoff, N. P. (2003). Common method biases in behavioral research: a critical review of the literature and recommended remedies. Journal of Applied Psychology, 88, 879–903. https://doi.org/10.1037/0021-9010.88.5.879.
Pulverman, C. S., & Meston, C. M. (2020). Sexual dysfunction in women with a history of childhood sexual abuse: The role of sexual shame. Psychological Trauma: Theory, Research, Practice & Policy, 12, 291–299. https://doi.org/10.1037/tra0000506.
Querstret, D., O’Brien, K., Skene, D. J., & Maben, J. (2020). Improving fatigue risk management in healthcare: a systematic scoping review of sleeprelated/fatigue-management interventions for nurses and midwives. International Journal of Nursing Studies, 106, 103513. https://doi.org/10.1016/j. ijnurstu.2019.103513.
Reichers, A. E., & Schneider, B. (1990). Climate and culture: an evolution of constructs. In B. Schneider (Ed.), Organizational climate and culture (pp. 5–39). Jossey-Bass.
Schatz, D., & Bashroush, R. (2019). Security predictions – a way to reduce uncertainty. Journal of Information Security and Applications, 45, 107–116. https://doi.org/10.1016/j.jisa.2019.01.009.
Schneider, B., Ehrhart, M., & Macey, W. (2013). Organizational climate and culture. Annual Review of Psychology, 64, 361–388. https://doi.org/10.1146/ annurev-psych-113011-143809.
Simmonds, M. (2018). Instilling a culture of data security throughout the organisation. Network Security, 2018, 9–12. https://doi.org/10.1016/S1353-4858(18)30055-2.
Sołtysik-Piorunkiewicz, A. (2014). The recent ideas and trends in health care information systems in Poland. Studia Ekonomiczne, 188, 218–225.
Thye, J., Esdar, M., Liebe, J. D., Jahn, F., Winter, A., & Hübner, U. (2020). Professionalism of information management in health care: Development and validation of the construct and its measurement. Methods of Information in Medicine, 59, e1–e12. https://doi.org/10.1055/s-0040-1712465.
Toode, K., Routasalo, P., & Suominen, T. (2011). Work motivation of nurses: a literature review. International Journal of Nursing Studies, 48, 246–257. https://doi.org/10.1016/j.ijnurstu.2010.09.013.
Urbach, N., & Ahlemann, F. (2010). Structural equation modeling in information systems research using partial least squares. Journal of Information Technology Theory and Application, 11, 5–40.
Vance, A., Siponen, M., & Pahnila, S. (2012). Motivating IS security compliance: Insights from habit and protection motivation theory. Information & Management, 49, 190–198. https://doi.org/10.1016/j. im.2012.04.002.
Verizon Risk Team (2018). Data breach investigations report (11th edition). Retrieved from https://enterprise.verizon.com/resources/reports/DBIR 2018 Report.pdf.
Vinzi, V. E., Trinchera, L., & Amato, S. (2010). PLS path modeling: From foundations to recent developments and open issues for model assessment and improvement. In V. E. Vinzi, W. W. Chin, J. Henseler, & H. Wang (Eds.), Handbook of partial least squares (pp. 47–82). Springer.
Wagg, A. J., Callanan, M. M., & Hassett, A. (2018). The use of computer mediated communication in providing patient support: a review of the research literature. International Journal of Nursing Studies, 82, 68–78. https://doi.org/10.1016/j.ijnurstu.2018.03.010.