An Exploratory Study on Physicians' Diligence when Dealing with Patient Data

Recent history shows an increasing number of privacy breaches, usually attributed to a lack of diligence when handling personal data. Little awareness for privacy concerns is asserted as the pivotal negative effect on diligence. Challenging this conventional wisdom, this study shows that physicians are fully aware of the privacy issues. Their lack of diligence mainly results from a trade-off between the prospected consequences resulting from a privacy breach and the impediments diligent data handling has on the actual workflow of the physicians. Based on the grounded theory method, we chose hospitals as research field since patient data is commonly perceived as especially sensitive. We add to the body of knowledge by emphasizing the role of actors processing personal data in contrast to existing research that focuses on the behavior of affected actors, such as consumers. In sum, we provide a new perspective on the factors leading to privacy breaches.

[1]  Kai Lung Hui,et al.  Online Information Privacy: Measuring the Cost-Benefit Trade-Off , 2002, ICIS.

[2]  S. Berg Snowball Sampling—I , 2006 .

[3]  David W. Bates,et al.  Position Paper: Factors and Forces Affecting EHR System Adoption: Report of a 2004 ACMI Discussion , 2004, J. Am. Medical Informatics Assoc..

[4]  Daniel B. Hier,et al.  Differing faculty and housestaff acceptance of an electronic health record , 2005, Int. J. Medical Informatics.

[5]  Vimla L. Patel,et al.  Cognitive models in training health professionals to protect patients' confidential information , 2000, Int. J. Medical Informatics.

[6]  Mark S. Ackerman,et al.  Privacy in e-commerce: examining user scenarios and privacy preferences , 1999, EC '99.

[7]  Naresh K. Malhotra,et al.  Internet Users' Information Privacy Concerns (IUIPC): The Construct, the Scale, and a Causal Model , 2004, Inf. Syst. Res..

[8]  W. Ryan,et al.  Privacy and freedom: Alan F. Westin Atheneum Publishers, $10 , 1967 .

[9]  Alessandro Acquisti,et al.  The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study , 2011, WEIS.

[10]  R. Laufer,et al.  Privacy as a Concept and a Social Issue: A Multidimensional Developmental Theory , 1977 .

[11]  Albert H. Segars,et al.  An Empirical Examination of the Concern for Information Privacy Instrument , 2002, Inf. Syst. Res..

[12]  Jan Jürjens,et al.  Secure Information Systems Engineering: Experiences and Lessons Learned from Two Health Care Projects , 2009, CAiSE.

[13]  Tamara Dinev,et al.  An Extended Privacy Calculus Model for E-Commerce Transactions , 2006, Inf. Syst. Res..

[14]  R. Bies,et al.  Consumer Privacy: Balancing Economic and Justice Considerations , 2003 .

[15]  Ramnath K. Chellappa,et al.  Personalization versus Privacy: An Empirical Examination of the Online Consumer’s Dilemma , 2005, Inf. Technol. Manag..

[16]  Hamid R. Nemati,et al.  The Effect of Consumer Privacy Empowerment on Trust and Privacy Concerns in E-Commerce , 2007, Electron. Mark..

[17]  Ellen Rose,et al.  An Empirical Examination of the Concern for Information Privacy Construct in the New Zealand Context , 2004, IASSIST Conference.

[18]  Mikko T. Siponen,et al.  Five dimensions of information security awareness , 2001, CSOC.

[19]  A. Strauss,et al.  Grounded theory , 2017 .

[20]  Bettina Berendt,et al.  E-privacy in 2nd generation E-commerce: privacy preferences versus actual behavior , 2001, EC '01.

[21]  Thomas C. Rindfleisch,et al.  Privacy, information technology, and health care , 1997, CACM.

[22]  Yi Mu,et al.  Personal Health Record Systems and Their Security Protection , 2006, Journal of Medical Systems.

[23]  B. Lo,et al.  Uses and abuses of prescription drug information in pharmacy benefits management programs. , 2000, JAMA.

[24]  Daniel R. Horne,et al.  The Privacy Paradox: Personal Information Disclosure Intentions versus Behaviors , 2007 .

[25]  Kim Sheehan,et al.  Toward a Typology of Internet Users and Online Privacy Concerns , 2002, Inf. Soc..

[26]  Ted O’Donoghue,et al.  The economics of immediate gratification , 2000 .

[27]  Kai Lung Hui,et al.  Overcoming Online Information Privacy Concerns: An Information-Processing Theory Approach , 2007, J. Manag. Inf. Syst..

[28]  Robert Boguslaw,et al.  Privacy and Freedom , 1968 .

[29]  Adam Shostack,et al.  The New School of Information Security , 2008 .

[30]  Alessandro Acquisti,et al.  Privacy and rationality in individual decision making , 2005, IEEE Security & Privacy.

[31]  Louis D. Brandeis,et al.  The Right to Privacy , 1890 .

[32]  H. Jeff Smith,et al.  Information Privacy: Measuring Individuals' Concerns About Organizational Practices , 1996, MIS Q..