The role of collectivism and moderating effect of IT proficiency on intention to disclose protected health information.

Abstract

This paper aims to identify and understand factors affecting insiders' intention to disclose patients' medical information and to investigate how these factors affect the intention to disclose. Based on the literature review on deterrence theory and health information security awareness (HISA), we identify relevant factors and develop a research model explaining insiders' intention to disclose patients' health information. We collect data (N = 105) through scenario-based experiments. Results show that two personal factors, collectivism, and IT proficiency, play a significant role in the model. While collectivism affects two components (health information security regulation awareness and punishment severity awareness) of HISA which influences intention to disclose, IT proficiency moderates the relationship between HISA and intention to disclose. In addition, HISA negatively affects reporting assessment and intention to disclose. This paper aims to fill a research gap in understanding factors affecting insiders' intentions to disclose protected health information. We identify and investigate factors (e.g., collectivism, HISA, reporting assessment, and IT proficiency) that may affect insiders' disclosing intentions. We find that collectivism affects two components of HISA which influence reporting assessment and disclosing intention. We also discover that IT proficiency moderates the relationship between HISA and intention to disclose. Our findings suggest that we need to carefully consider personal factors such as collectivistic nature and IT proficiency in managing insiders' security breaches.