{"title":"Challenges in Addressing Information Security Compliance in Healthcare Research: The Human Factor","authors":"Sweden S. De Matas, B. Keegan","doi":"10.11648/j.ajomis.20200502.12","DOIUrl":null,"url":null,"abstract":"This retrospective case report aimed to evaluate the impact of information security compliance in research programs across a large federal healthcare organization. The authors sought to discern whether the methodologies employed for promoting and ensuring compliance delivered the expected benefits and produced a more informed basis for employee decision-making. Data collected from compliance report assessments conducted at 103 federal research programs were reviewed and analyzed by clustering into three primary groupings (procedural, technological and behavioral). While noncompliance related to technological strategies was rare, moderate levels of procedural noncompliance was observed across most areas of analysis, and the highest rates of non-compliance identified in the behavioral category and observed across all areas of analysis, signifying the need for a more comprehensive approach to information security oversight and compliance strategies with specific consideration to those factors that impact human behavior.","PeriodicalId":345253,"journal":{"name":"American Journal of Operations Management and Information Systems","volume":"1988 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"American Journal of Operations Management and Information Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.11648/j.ajomis.20200502.12","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
This retrospective case report aimed to evaluate the impact of information security compliance in research programs across a large federal healthcare organization. The authors sought to discern whether the methodologies employed for promoting and ensuring compliance delivered the expected benefits and produced a more informed basis for employee decision-making. Data collected from compliance report assessments conducted at 103 federal research programs were reviewed and analyzed by clustering into three primary groupings (procedural, technological and behavioral). While noncompliance related to technological strategies was rare, moderate levels of procedural noncompliance was observed across most areas of analysis, and the highest rates of non-compliance identified in the behavioral category and observed across all areas of analysis, signifying the need for a more comprehensive approach to information security oversight and compliance strategies with specific consideration to those factors that impact human behavior.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
