Purpose Based on neo-institutional theory, this study evaluates factors that affect instances of data breaches in a hospital. The authors study the effect of adopting the health information exchange (HIE) initiative on a hospital’s data breach threats. This study integrates formal and information institutional factors to identify the antecedents that influence data breaches when adopting HIE. This study uses a hospital’s entrepreneurial orientation (EO) as a formal institutional factor and national culture (collectivism–individualism) as an informal institutional factor. Design/methodology/approach Using a Statistical Analysis System, the authors analyze US hospital observations over five years. The data was collected from the Health Information and Management Systems Society (HIMSS) database, the Health and Human Services website and the Vandello and Cohen (1999) collectivism index. Findings This study finds that when hospitals adopt HIEs, data breaches increase. This study also finds that both EO (formal institutional factor) and the individualism–collectivism index (informal institutional factor) significantly moderate these instances. Research limitations/implications HIMSS has not updated its data set to reflect recent hospital data, so this study’s data set lacks recent data on US hospitals. Originality/value This study is one of the few studies to address the impact of cultural variation in US hospitals and how it interacts with entrepreneurial activity to lower data breach threats when adopting new data exchange standards.
Read full abstract