Organizational Power and Information Security Rule Compliance
نویسندگان
چکیده
This paper analyzes power relationships and the resulting failure in complying with information security rules. We argue that inability to understand the intricate power relationships in the design and implementation of information security rules leads to a lack of compliance with the intended policy. We conduct the argument through an empirical, qualitative case study set in a Swedish Social Services organization. Our findings suggest a relationship between dimensions of power and information security rules and the impact there might be on compliance behavior. This also helps to improve configuration of security rules through proactive information security
منابع مشابه
Which Hospitals Are Complying with HIPAA: An Empirical Investigation of US Hospitals1,2
Since the passage of HIPAA regulation, US hospitals have gone on a high gear by investing organizational resources on HIPAA policy and procedures, information technologies, and information privacy & security safeguards to achieve compliance status by the enforcement dates. Yet, recent industry report, conducted post HIPAA enforcement deadlines, presents a bleak picture of HIPAA compliance, rais...
متن کاملThe Neo-Institutional View of HIPAA Compliance in Home Health Care
Despite many years since the enactment of the Health Insurance Portability and Accountability Act (HIPAA), healthcare providers have been slow to fully comply with the regulatory requirements, especially the privacy and security rules concerning protection of electronic personal health information. Neo-institutional theory, a dominant analytical perspective of organizational behavior, suggests ...
متن کاملOrganisational Security Culture and Information Security Compliance for E-Government Development: The Moderating Effect of Social Pressure
Rapid development of e-government has exposed critical public information to the possibility of cybercrime. Information security has become a critical issue that needs to be adequately addressed in egovernment development. This paper develops an information security compliance model by drawing insights from organizational and institutional theory literature to examine how organizational securit...
متن کاملInvestigating the Role of Socio-organizational Factors in the Information Security Compliance in Organizations
The increase reliance on information systems has created unprecedented challenges for organizations to protect their critical information from different security threats that have direct consequences on the corporate liability, loss of credibility, and monetary damage. As a result, the security of information has become critical in many organizations. This study investigates the role of socio-o...
متن کاملExploring the Type of Relationship between Information Security Management and Organizational Culture (Case Study in TAM Iran Khodro Co.)
A culture conducive to information security practice is extremely important for organizations since information has to be critical assets in modern enterprises. Thus for understanding and improving the organizational behavior with regard to information security, enterprises may look into organizational culture and examine how it affects the effectiveness of implementing ISM. This study aims ...
متن کامل