Health service employees and information security policies: an uneasy partnership?

$58.76 plus tax (Refund Policy)

Buy Article:

Abstract:

Purpose ‐ The purpose of this paper is to investigate how employees in a health board perceived and experienced information governance policies. Design/methodology/approach ‐ The approach was interpretive. A series of interviews was carried out and the transcripts were analysed using an interpretative phenomenological approach. Findings ‐ The authors discovered that staff often felt subjugated by policies, they experienced a lack of support, and experienced pressure to comply and to motivate the staff they managed to comply with policy directives. It was also obvious that all interviewees were highly motivated and concerned about information security. The authors conclude by proposing some mediation: a recognition and reward scheme to reward secure behaviour, the implementation of an incident response process, facilitated upward communication and development of a security culture in the organisation. Finally, the authors argue for the same rules to apply to all staff, so that procedures are fair, and seen to be so. Practical implications ‐ The authors make some recommendations for mediation, which should ensure that employees experience less pressure in complying with policy directives. Social implications ‐ If the authors' recommendations are followed, information security is bound to improve, which would be an outcome greatly to be desired. Originality/value ‐ This paper empirically confirms recommendations made by other researchers working in this area.
Related content

Share Content

Access Key

Free Content
Free content
New Content
New content
Open Access Content
Open access content
Subscribed Content
Subscribed content
Free Trial Content
Free trial content
Cookie Policy
X
Cookie Policy
ingentaconnect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more