Abstract
BackgroundThis study explored the possible antecedents that will motivate hospital employees’ compliance with privacy policy related to electronic medical records (EMR) from a deterrence perspective. Further, we also investigated the moderating effect of computer monitoring on relationships among the antecedents and the level of hospital employees’ compliance intention.MethodsData was collected from a large Taiwanese medical center using survey methodology. A total of 303 responses was analyzed via hierarchical regression analysis.ResultsThe results revealed that sanction severity and sanction certainty significantly predict hospital employees’ compliance intention, respectively. Further, our study found external computer monitoring significantly moderates the relationship between sanction certainty and compliance intention.ConclusionsBased on our findings, the study suggests that healthcare facilities should take proactive countermeasures, such as computer monitoring, to better protect the privacy of EMR in addition to stated privacy policy. However, the extent of computer monitoring should be kept to minimum requirements as stated by relevant regulations.
Highlights
This study explored the possible antecedents that will motivate hospital employees’ compliance with privacy policy related to electronic medical records (EMR) from a deterrence perspective
Since deterrence and detection have already been well-studied to predict individuals’ unlawful behaviors [14,15,16,17,18], taken from the perspective that detection can strengthen deterrence effect [12], we argue that the associations between the sanction severity/sanction certainty of deterrence theory and policy compliance intention are contingent on the level of computer monitoring performed
The results revealed that sanction severity (β = 0.159, p = .002), sanction certainty (β = 0.361, p < .001) and computer monitoring (β = 0.410, p < .001) were all significant, providing support for H1 and H2
Summary
This study explored the possible antecedents that will motivate hospital employees’ compliance with privacy policy related to electronic medical records (EMR) from a deterrence perspective. An increasing reliance on EMR has led to a corresponding increase in the possible negative influences risked in EMR breaches from unauthorized access to EMR by internal staff or outside sources. These breaches may cause intangible/tangible damage to both hospitals and private individuals alike [5] since the burgeoning volume of digital medical records remains highly accessible to both authorized and unauthorized users [6]. There were a total of 16,471,765 patients whose medical records were breached intentionally or unintentionally in 2016 alone Most of these reported incidents of privacy violations in healthcare facilities stem from staff
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
