MEANINGFUL HEALTHCARE SECURITY : DOES MEANINGFUL-USE ATTESTATION IMPROVE INFORMATION SECURITY PERFORMANCE?
|Journal / Publication||MIS Quarterly: Management Information Systems|
|Publication status||Published - Dec 2018|
|Link to Scopus||https://www.scopus.com/record/display.uri?eid=2-s2.0-85055998031&origin=recordpage|
Certification mechanisms are often employed to assess and signal difficult-to-observe management practices and foster improvement. In the U.S. healthcare sector, a certification mechanism called meaningful-use attestation was recently adopted as part of an effort to encourage electronic health record (EHR) adoption while also focusing healthcare providers on protecting sensitive healthcare data. This new regime motivated us to examine how meaningful-use attestation influences the occurrence of data breaches. Using a propensity score matching technique combined with a difference-in-differences (DID) approach, our study shows that the impact of meaningful-use attestation is contingent on the nature of data breaches and the time frame. Hospitals that attest to having reached Stage 1 meaningful-use standards observe fewer external breaches in the short term, but do not see continued improvement in the following year. On the other hand, attesting hospitals observe short-term increases in accidental internal breaches but eventually see long-term reductions. We do not find any link between malicious internal breaches and attestation. Our findings offer theoretical and practical insights into the effective design of certification mechanisms.
- Data breaches, Electronic healthcare records, Healthcare, Meaningful-use, Security, ISO-9000 CERTIFICATION, FINANCIAL PERFORMANCE, QUALITY MANAGEMENT, TECHNOLOGY DIFFUSION, GLOBAL DIFFUSION, RECORD SYSTEMS, MARKET VALUE, IMPACT, ADOPTION, FIRMS
MIS Quarterly: Management Information Systems, Vol. 42, No. 4, 12.2018, p. 1043-1067.
Research output: Journal Publications and Reviews (RGC: 21, 22, 62) › 21_Publication in refereed journal › peer-review
Kwon, J & Johnson, ME 2018, 'MEANINGFUL HEALTHCARE SECURITY: DOES MEANINGFUL-USE ATTESTATION IMPROVE INFORMATION SECURITY PERFORMANCE?', MIS Quarterly: Management Information Systems, vol. 42, no. 4, pp. 1043-1067. <https://misq.org/meaningful-healthcare-security-does-meaningful-use-attestation-improve-information-security-performance.html>
Kwon, J., & Johnson, M. E. (2018). MEANINGFUL HEALTHCARE SECURITY: DOES MEANINGFUL-USE ATTESTATION IMPROVE INFORMATION SECURITY PERFORMANCE? MIS Quarterly: Management Information Systems, 42(4), 1043-1067. https://misq.org/meaningful-healthcare-security-does-meaningful-use-attestation-improve-information-security-performance.html
Kwon J, Johnson ME. MEANINGFUL HEALTHCARE SECURITY: DOES MEANINGFUL-USE ATTESTATION IMPROVE INFORMATION SECURITY PERFORMANCE? MIS Quarterly: Management Information Systems. 2018 Dec;42(4):1043-1067.