Information Technology Security Research Study

Paper

Saturday, 22 July 2006

This presentation is part of : Creative Use of Technology

Walter O. Baggett, PhD, CPA, School of Business, Manhattan College, Riverdale, NY, USA, Christine Malmgreen, MA, RN-BC, CHES, Nursing administration, HUdson Valley Hospital Center, Cortlandt Manor, NY, USA, Paula L. Graham, MS, RN, Hospital Information Systems, Phelps Memorial Hospital Center, Sleepy Hollow, NY, USA, and Juanita Fernando, BA, MA, Faculties of Information Technology & Medicine, Nursing & Health Sciences, Monash Universtiy, Clayton, Australia.

Learning Objective #1: • The learner will be able explain the importance of attitudes and values in assuring information systems security and how they can be measured
Learning Objective #2: • The learner will be able to develop criteria for educational programs to enhance information systems security.

This research builds on three 2003 publications. Those studies used the nine values of Organization for Economic Cooperation and Development’s (OECD) Guidelines for the Security of Information Systems and Network as dimensions for the development of an instrument to measure ethics, attitudes and opinions towards information system security. In this study a self-efficacy perspective has been the added. The underlying theoretical point is that, while people may have very positive attitudes and values towards computer security, unless they have an adequate level of self-efficacy towards their ability to act and have a positive effect on a given situation, there is a strong possibility they will not act on those attitudes and values. This study administered a pair of surveys to healthcare professionals. The first survey, the one developed in 2003, was the same for all participants. The second survey attempts to address self-efficacy towards healthcare information systems security behaviors. It was prepared and administered in two formats. One format was completed by staff. It asked them how confident they are that they can perform specific behaviors. The second format was completed by managers. It asked them how confident they were that they can help their staff perform specific behaviors. This study has a number of important outcomes. First it provides information on the underlying survey instruments. Issues such as format, clarity, instructions, administration and the validity of the nine OECD dimensions are addressed. Correlations between the surveys also provide information on the relationships between what people believe, what they are willing to do and how those attitudes and values correspond to managements’ perceptions. Finally, this study provides input into the needs for educational programs. Eventually, the surveys will be part of before and after tests to assess the effectiveness of training programs and established security protocols.

See more of Creative Use of Technology
See more of The 17th International Nursing Research Congress Focusing on Evidence-Based Practice (19-22 July 2006)