Continuance compliance of privacy policy of electronic medical records: the roles of both motivation and habit

BackgroundHospitals have increasingly realized that wholesale adoption of electronic medical records (EMR) may introduce differential tangible/intangible benefits to them, including improved quality-of-care, reduced medical errors, reduced costs, and allowable instant access to relevant patient information by healthcare professionals without the limitations of time/space. However, an increased reliance on EMR has also led to a corresponding increase in the negative impact exerted via EMR breaches possibly leading to unexpected damage for both hospitals and patients. This study investigated the possible antecedents that will influence hospital employees’ continuance compliance with privacy policy of Electronic Medical Records (EMR). This is done from both motivational and habitual perspectives; specifically, we investigated the mediating role of habit between motivation and continuance compliance intention with EMR privacy policy.MethodsData was collected from a large Taiwanese medical center by means of survey methodology. A total of 312 responses comprised of various groups of healthcare professionals was collected and analyzed via structural equation modeling.ResultsThe results demonstrated that self-efficacy, perceived usefulness, and facilitating conditions may significantly predict hospital employees’ compliance habit formation, whereas habit may significantly predict hospital employees’ intention to continuance adherence to EMR privacy policy. Further, habit partially mediates the relationships between self-efficacy, perceived usefulness, facilitating conditions and continuance adherence intention.ConclusionsBased on our findings, the study suggests that healthcare facilities should take measures to promote their employees’ habitualization with continuous efforts to protect EMR privacy parameters. Plausible strategies include improving employees’ levels of self-efficacy, publicizing the effectiveness of on-going privacy policy, and creating a positive habit-conducive environment leading to continued compliance behaviors.

[1]  Jordan Shropshire,et al.  Continuance of protective security behavior: A longitudinal study , 2016, Decis. Support Syst..

[2]  B. Verplanken,et al.  Habit, attitude, and planned behaviour : is habit an empty construct or an interesting case of goal-directed automaticity? , 1999 .

[3]  Juhee Kwon,et al.  Health-Care Security Strategies for Data Protection and Regulatory Compliance , 2013, J. Manag. Inf. Syst..

[4]  Marko Sarstedt,et al.  Partial least squares structural equation modeling (PLS-SEM): An emerging tool in business research , 2014 .

[5]  B. Gardner,et al.  Does intrinsic motivation strengthen physical activity habit? Modeling relationships between self-determination, past behaviour, and habit strength , 2013, Journal of Behavioral Medicine.

[6]  Chaoyun Liang,et al.  The Impact of College Students’ Intrinsic and Extrinsic Motivation on Continuance Intention to Use English Mobile Learning Systems , 2013 .

[7]  Kuang-Ming Kuo,et al.  Compliance With Electronic Medical Records Privacy Policy: An Empirical Investigation of Hospital Information Technology Staff , 2017, Inquiry: A Journal of Medical Care Organization, Provision and Financing.

[8]  Irene Pala,et al.  BMC Medical Informatics and Decision Making , 2014, BMC Medical Informatics and Decision Making.

[9]  Chun-Ming Chang,et al.  Re-examining the influence of trust on online repeat purchase intention: The moderating role of habit and its antecedents , 2012, Decis. Support Syst..

[10]  Anol Bhattacherjee,et al.  Understanding Information Systems Continuance: An Expectation-Confirmation Model , 2001, MIS Q..

[11]  Mo Adam Mahmood,et al.  Employees' adherence to information security policies: An exploratory field study , 2014, Inf. Manag..

[12]  P. Callero,et al.  Role identity and reasoned action in the prediction of repeated behavior , 1988 .

[13]  B. Verplanken Beyond frequency: habit as mental construct. , 2006, The British journal of social psychology.

[14]  Nadja Dwenger,et al.  Extrinsic and intrinsic motivations for tax compliance: evidence from a field experiment in Germany , 2016 .

[15]  Sarv Devaraj,et al.  Employee Misuse of Information Technology Resources: Testing a Contemporary Deterrence Model , 2012, Decis. Sci..

[16]  Mikko T. Siponen,et al.  Improving Employees' Compliance Through Information Systems Security Training: An Action Research Study , 2010, MIS Q..

[17]  Moez Limayem,et al.  How Habit Limits the Predictive Power of Intention: The Case of Information Systems Continuance , 2007, MIS Q..

[18]  Stuart J. Barnes,et al.  Understanding use continuance in virtual worlds: Empirical test of a research model , 2011, Inf. Manag..

[19]  Jiming Wu,et al.  Effects of Extrinsic and Intrinsic Motivators on Using Utilitarian, Hedonic, and Dual-Purposed Information Systems: A Meta-Analysis , 2013, J. Assoc. Inf. Syst..

[20]  A. Meyer The Health Insurance Portability and Accountability Act. , 1997, Tennessee medicine : journal of the Tennessee Medical Association.

[21]  Wendy Wood,et al.  Habit and intention in everyday life: The multiple processes by which past behavior predicts future behavior. , 1998 .

[22]  H C Triandis,et al.  Values, attitudes, and interpersonal behavior. , 1980, Nebraska Symposium on Motivation. Nebraska Symposium on Motivation.

[23]  Gilbert A. Churchill A Paradigm for Developing Better Measures of Marketing Constructs , 1979 .

[24]  Kuang-Ming Kuo,et al.  How Do Patients Respond to Violation of Their Information Privacy? , 2014, Health information management : journal of the Health Information Management Association of Australia.

[25]  Steven R. Simon,et al.  The relationship between electronic health record use and quality of care over time. , 2009, Journal of the American Medical Informatics Association : JAMIA.

[26]  P. Patterson,et al.  The Roles of Habit, Self-Efficacy, and Satisfaction in Driving Continued Use of Self-Service Technologies , 2013 .

[27]  C. Fornell,et al.  Evaluating structural equation models with unobservable variables and measurement error. , 1981 .

[28]  H. Aarts,et al.  Habits as knowledge structures: automaticity in goal-directed behavior. , 2000, Journal of personality and social psychology.

[29]  Mikko T. Siponen,et al.  Motivating IS security compliance: Insights from Habit and Protection Motivation Theory , 2012, Inf. Manag..

[30]  Kuang-Ming Kuo,et al.  A survey-based study of factors that motivate nurses to protect the privacy of electronic medical records , 2015, BMC Medical Informatics and Decision Making.

[31]  R Core Team,et al.  R: A language and environment for statistical computing. , 2014 .

[32]  Ofir Turel,et al.  Quitting the use of a habituated hedonic information system: a theoretical model and empirical examination of Facebook users , 2015, Eur. J. Inf. Syst..

[33]  Tejaswini Herath,et al.  Understanding continuance intentions of physicians with electronic medical records (EMR): An expectancy-confirmation perspective , 2015, Decis. Support Syst..

[34]  R. Oliver A Cognitive Model of the Antecedents and Consequences of Satisfaction Decisions , 1980 .

[35]  Anol Bhattacherjee,et al.  A unified model of IT continuance: three complementary perspectives and crossover effects , 2015, Eur. J. Inf. Syst..

[36]  Fred D. Davis Perceived Usefulness, Perceived Ease of Use, and User Acceptance of Information Technology , 1989, MIS Q..

[37]  Jie Zhang,et al.  Impact of perceived technical protection on security behaviors , 2009, Inf. Manag. Comput. Secur..

[38]  Venkatesh,et al.  Computer Technology Training in the Workplace: A Longitudinal Investigation of the Effect of Mood. , 1999, Organizational behavior and human decision processes.

[39]  Kuang-Ming Kuo,et al.  How can hospitals better protect the privacy of electronic medical records? Perspectives from staff members of health information management departments , 2017, Health information management : journal of the Health Information Management Association of Australia.

[40]  H. Aarts,et al.  Habits as knowledge structures: Automaticity in goal-directed behavior , 2000 .

[41]  Kevin G Volpp,et al.  Harnessing the Right Combination of Extrinsic and Intrinsic Motivation to Change Physician Behavior. , 2015, JAMA.

[42]  Kai-Yu Tang,et al.  Exploring the influential factors in continuance usage of mobile social Apps: Satisfaction, habit, and customer value perspectives , 2016, Telematics Informatics.

[43]  Moez Limayem,et al.  Understanding information systems continuance: The case of Internet-based learning technologies , 2008, Inf. Manag..

[44]  B. Verplanken,et al.  Habit, information acquisition, and the process of making travel mode choices , 1997 .

[45]  Matthew K. O. Lee,et al.  Acceptance of Internet-based learning medium: the role of extrinsic and intrinsic motivation , 2005, Inf. Manag..

[46]  Ming-Chien Hung,et al.  A Deterrence Approach to Regulate Nurses’ Compliance with Electronic Medical Records Privacy Policy , 2017, Journal of Medical Systems.

[47]  H. Humphrey,et al.  Standards for privacy of individually identifiable health information. , 2003, Health care law monthly.

[48]  Dennis F. Galletta,et al.  What Do Systems Users Have to Fear? Using Fear Appeals to Engender Threats and Fear that Motivate Protective Security Behaviors , 2015, MIS Q..

[49]  Rebecca Herold,et al.  Standards for privacy of individually identifiable health information. Office of the Assistant Secretary for Planning and Evaluation, DHHS. Final rule. , 2001, Federal register.

[50]  Ritu Agarwal,et al.  The Digitization of Healthcare: Boundary Risks, Emotion, and Consumer Willingness to Disclose Personal Health Information , 2011, Inf. Syst. Res..

[51]  David P MacKinnon,et al.  RMediation: An R package for mediation analysis confidence intervals , 2011, Behavior research methods.

[52]  H. Aarts,et al.  Physical exercise habit: on the conceptualization and formation of habitual health behaviours. , 1997, Health education research.

[53]  Tejaswini Herath,et al.  Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness , 2009, Decis. Support Syst..

[54]  E. Deci,et al.  Intrinsic and Extrinsic Motivations: Classic Definitions and New Directions. , 2000, Contemporary educational psychology.

[55]  Peter A. Todd,et al.  Understanding Information Technology Usage: A Test of Competing Models , 1995, Inf. Syst. Res..

[56]  Rex B. Kline,et al.  Principles and Practice of Structural Equation Modeling , 1998 .

[57]  Michael Foth,et al.  Factors influencing the intention to comply with data protection regulations in hospitals: based on gender differences in behaviour and deterrence , 2016, Eur. J. Inf. Syst..

[58]  Moez Limayem,et al.  Force of Habit and Information Systems Usage: Theory and Initial Validation , 2003, J. Assoc. Inf. Syst..

[59]  Helen Henshaw,et al.  Intrinsic and extrinsic motivation is associated with computer-based auditory training uptake, engagement, and adherence for people with hearing loss , 2015, Front. Psychol..

[60]  Friedrich Leisch,et al.  semPLS: Structural Equation Modeling Using Partial Least Squares , 2012 .