벤처창업연구 (Asia-Pacific Journal of Business Venturing and Entrepreneurship)

  • 제17권4호
  • /
  • Pages.163-172
  • /
  • 2022
  • /
  • 1975-7557(pISSN)
  • /
  • 2671-9509(eISSN)
한국벤처창업학회 (The Korean Society of Business Venturing)
권호 표지

디지털 헬스케어 서비스 제공자의 정보보호의도에 관한 연구

A Study on the Information Protection Intention of Digital Healthcare Service Providers

  • 양창규 (아주대학교 경영대학 e-비즈니스학과)
  • 투고 : 2022.04.26
  • 심사 : 2022.08.17
  • 발행 : 2022.08.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

본 연구는 디지털 헬스케어 서비스 제공자의 보호동기를 형성하는 위험평가와 대처평가가 정보보호의도의 주요한 요인인 유도통제의도와 자기방어의도에 미치는 영향을 확인하고자 한다. 연구모형은 보호동기이론을 기반으로 기존 선행연구를 통해 심각성, 취약성, 반응효능감, 자기효능감을 독립변수로 채택하였다. 연구모형 검증을 위해 한국의 디지털 헬스케어 서비스 기업 임직원 222명을 대상으로 설문조사를 실시하였으며, 데이터는 구조방정식을 사용하여 분석하였다. 연구결과에 따르면 (1) 보안위협의 결과에 대한 명확한 인지가 디지털 헬스케어 서비스 제공자의 정보유출 사고에 대한 심각성에 대한 이해를 높여주고, 이를 통해 디지털 헬스케어 서비스 제공자의 오남용을 줄일 수 있으며, (2) 보안시스템에 대한 디지털 헬스케어 서비스 제공자의 신뢰와 만족이 스스로 정보유출에 대응할 수 있다는 자신감을 형성시킬 수 있고, (3) 디지털 헬스케어 서비스 제공자는 정보유출로 인해 돌아오는 결과를 인지하고 있지만, 실제 자신에게 발생할 수 있는 가능성은 적다고 생각하고 있음을 확인하였다. 이 연구결과는 디지털 헬스케어 서비스를 운영하는 벤처기업은 디지털 헬스케어 서비스 제공자의 정보보호의도를 높이기 위해서 디지털 헬스케어 서비스 제공자의 보안수준을 높일 수 있는 지속적인 콘텐츠 제공이 필요하고, 타 벤처기업대비 높은 수준의 보안시스템을 도입하여 디지털 헬스케어 서비스 제공자의 신뢰를 통해 정보보호 동기유발이 중요하다는 점을 시사한다.

This study investigates the IPI (Information Protection Intention) of DHS (Digital Healthcare Service) providers by introducing PMT (Protection Motivation Theory). This study examines the effects of protection motivation, such as threat appraisal and coping appraisal, on IPI, such as ICI(Induction Control Intention) and SDI(Self Defense Intention). The research model, based on the PMT, adopted severity, vulnerability, reaction efficacy and self-efficacy as independent variables. The research model was validated through quantitative research, a survey of 222 DHS providers in South Korea, using structural equation modeling. The results show that (1) a clear awareness of the consequences of security threats increases the understanding of DHS providers on the severity of closure of healthcare information, and thus may decreases abuse of DHS by providers; (2) user confidence and satisfaction on the security system may make them be confident that they can handle the closure of healthcare information by themselves; and (3) although DHS providers are realizing the consequences of closure of healthcare information, they think that they are unlikely to encounter such situations. As a result of this study, venture companies that provide DHS need to provide contents that can continuously increase providers' security level in order to increase providers' information protection intention. It suggests that IPI is important through trust of healthcare service providers.

키워드

참고문헌

  1. Agarwal, R., Gao, G., DesRoches, C., & Ashish. K. J.(2010). The digital transformation of healthcare: Current status and the road ahead. Information Systems Research, 21(4), 796-809. https://doi.org/10.1287/isre.1100.0327
  2. Ahn, J. M.(2021). Comparative Analysis of the Economic Ripple Effect of the Digital Healthcare Industry and the Telemedicine Industry. The e-Business Studies, 22(5), 15-25. https://doi.org/10.20462/TeBS.2021.10.22.5.15
  3. Ajzen, I.(1991). The theory of planned behavior. Organizational Behavior and Human Decision Processes, 50(2), 179-211. https://doi.org/10.1016/0749-5978(91)90020-T
  4. Anderson, C. L., & Agarwal, R.(2011). The digitization of healthcare: Boundary risks, emotion, and consumer willingness to disclose personal health information. Information Systems Research, 22(3), 469-490. https://doi.org/10.1287/isre.1100.0335
  5. Bulgurcu, B., Cavusoglu, H., & Benbasat, I.(2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3), 523-548. https://doi.org/10.2307/25750690
  6. Choi, H. S., Lee, W. S., & Sohn, S. Y.(2017). Analyzing research trends in personal information privacy using topic modeling. Computers & Security, 67, 244-253. https://doi.org/10.1016/j.cose.2017.03.007
  7. Compeau, D. R., & Higgins, C. A.(1995). Computer self-efficacy: Development of a measure and initial test. MIS Quarterly, 19(2), 189-211. https://doi.org/10.2307/249688
  8. Dinev, T., & Hart, P.(2006). An extended privacy calculus model for e-commerce transactions. Information Systems Research, 17(1), 61-80. https://doi.org/10.1287/isre.1060.0080
  9. Edwards, W.(1954). The theory of decision making. Psychological Bulletin, 51(4), 380-417. https://doi.org/10.1037/h0053870
  10. Gonsalves, J.(2018). The necessity for federal organizations to ensure proper privacy and security compliance of mobile health care applications. Journal of High Technology, 19(1.5), 251-278.
  11. Gritzalis, D., & Lambrinoudakis, C.(2004). A security architecture for interconnecting health information systems. International Journal of Medical Informatics, 73(3), 305-309. https://doi.org/10.1016/j.ijmedinf.2003.12.011
  12. Guadarrama, A.(2018). Mind the gap: Addressing gaps in HIPAA coverage in the mobile health apps industry. Houston Law Review, 55(4), 999-1025.
  13. Ham, M. J.(2022.2.25.). A large hospital with 200,000 medical information stolen. "Is the notice over?" victims' anger. The JoongAng, https://www.joongang.co.kr/article/25051054#home.
  14. Hurson, A. R., Ploskonka, J. A., Jiao, Y., & Haridas, H.(2004). Security issues and solutions in distributed heterogeneous mobile database systems. Advances in Computers, 61, 107-198. https://doi.org/10.1016/S0065-2458(03)61003-X
  15. Jang, C. H., & Cha, Y. H.(2021). A Study on the Determinants of Personal Information Protection Activities: With a Focus on Personal Information Managers. Informatization Policy, 28(1), 64-76. https://doi.org/10.22693/NIAIP.2021.28.1.064
  16. Jung, J. H., & Kim, J. S.(2015). Medical information security issues according to the U-health care environment. Journal of Korea Multimedia Society, 19(3), 36-41.
  17. Kang, M. S., Kim, T. S., & Kim, T. Y.(2019). Effects of Information Security Education on the Practice of Information Security for the Youth. Journal of Information Technology Applications & Management, 26(2), 27-40.
  18. Kim, H. D., & Joo, A. R.(2021). Prerequisites on Smart Healthcare in the Perspective of Service Design: Focusing on the Elderly Experience Case. Journal of Information Technology Applications & Management, 28(3) 49-58.
  19. Kim, K. H.(2016). A Constitutional Study on the Protection of Personal Health Information: With the focus on the protection of personal health information in the public sector. Ajou Law Review, 10(2), 1-40. https://doi.org/10.21589/AJLAW.2016.10.2.1
  20. Kim, Y. H., & Ahn, B. G.(2018). A Study on the Cost-Effective Security System for SME Hospital Acceptability in Convergence Medical Environment. Journal of Convergence Security, 18(5), 75-81.
  21. Kim, Y. S., & Jung, J. J.(2019). A Study on e-Healthcare Business Model: Focusing on Business Ecosystem Approach. Asia-Pacific Journal of Business Venturing and Entrepreneurship, 14(1), 167-185. https://doi.org/10.16972/APJBVE.14.1.201902.167
  22. Kim, Y. S.(2021.10.27.). In February 2020, after the revision of the medical law, a total of 25 hospitals were hacked... 8 general hospitals or higher. Medical World News. http://medicalworldnews.co.kr/news/view.php?idx=1510945760.
  23. Kokolakis, S.(2017). Privacy attitudes and privacy behaviour: A review of current research on the privacy paradox phenomenon. Computers & Security, 64, 122-134. https://doi.org/10.1016/j.cose.2015.07.002
  24. Kwon, H. J., Kim, H., & Choi, J. W.(2018). A Blockchain Application for Personal health information: Focusing on Private Block Scheme. Knowledge Management Review, 19(4), 119-131. https://doi.org/10.15813/KMR.2018.19.4.007
  25. Lee, H. J.(2014). The Legislation on the Personal Medical Information Protection Law. Korean Journal of Medicine and Law, 22(1), 177-208. https://doi.org/10.17215/kaml.2014.06.22.1.177
  26. Lee, N. K., & Lee, J. O.(2015). A Study on the Architecture of Cloud Hospital Information System for Small and Medium Sized Hospitals. The Journal of Society for e-Business Studies, 20(3), 89-112. https://doi.org/10.7838/JSEBS.2015.20.3.089
  27. Lee, S. K., Park, S. C., Seo, E. H., & Koh, J.(2020). An Analysis of Stakeholder Issues in the Implementation of Telemedicine Services: Based on Grounded Theory. Knowledge Management Review, 21(4), 1-19. https://doi.org/10.15813/KMR.2020.21.4.001
  28. Lee, S. M., Lee, S. G., & Yoo, S.(2004). An integrative model of computer abuse based on social control and general deterrence theories. Information & Management, 41(6), 707-718. https://doi.org/10.1016/j.im.2003.08.008
  29. Lim, S. H., & Kim, Y. T.(2015). Lean Startup Application Study in the Healthcare Industrial point of View: The Case of Humedix Corporation. Asia-Pacific Journal of Business Venturing and Entrepreneurship, 10(3), 99-109. https://doi.org/10.16972/APJBVE.10.3.201506.99
  30. Milne, S., Sheeran, P., & Orbell, S.(2000). Prediction and intervention in health related behavior: A meta-analytic review of protection motivation theory. Journal of Applied Social Psychology, 30(1), 106-143. https://doi.org/10.1111/j.1559-1816.2000.tb02308.x
  31. Ng, B., Kankanhalli, A., & Xu, Y. C.(2009). Studying users' computer security behavior: A health belief perspective. Decision Support Systems, 46(4), 815-825. https://doi.org/10.1016/j.dss.2008.11.010
  32. Park, A. R., Song, J. M., & Lee, S. B.(2020). Healthcare service analysis using big data. Journal of The Korea Society of Computer and Information, 25(4), 149-156. https://doi.org/10.9708/JKSCI.2020.25.04.149
  33. Park, G. H.(2021.10.26.). Proposed amendment to the Medical Act to protect medical information. Korea Information and Communication Newspaper, https://www.koit.co.kr/news/articleView.html?idxno=90215.
  34. Park, M. J., Chai, S. M., & Lee, M. J.(2018). Legal Issues of Blockchain in Personal Information Protection: Based on GDPR and Personal Information Protection Act. Journal of Information Technology Applications & Management, 25(2), 133-146.
  35. Peppard, J., & Ward, J.(2016). The strategic management of information systems: Building a digital strategy. John Wiley & Sons.
  36. Rippetoe, P. A., & Rogers, R. W.(1987). Effects of components of protection-motivation theory on adaptive and maladaptive coping with a health threat. Journal of Personality and Social Psychology, 52(3), 596. https://doi.org/10.1037/0022-3514.52.3.596
  37. Rogers, R. W.(1983). Cognitive and psychological processes in fear appeals and attitude change: A revised theory of protection motivation. Social Psychophysiology.
  38. So, H. J., & Kwahk, K. Y.(2021). Motivational Factors Affecting Intention to Use Mobile Health Apps: Focusing on Regulatory Focus Tendency and Privacy Calculus Theory. Knowledge Management Review, 22(2), 33-53. https://doi.org/10.15813/KMR.2021.22.2.003
  39. Solove, D. J., & Schwartz, P.(2014). Information privacy law. Wolters Kluwer.
  40. Song, Y. J., Kim, M. H., & Choi, S. J.(2019). A Study on Consumers' Responses to Shopping Chatbot: The Effects of Agent and Message Types. Jourmal of the HCI Society of Korea, 14(2), 71-81. https://doi.org/10.17210/jhsk.2019.05.14.2.71
  41. Um, H. M.(2021). e-Transformation Strategy of Data Integration Model: Long-Term Care Agency Case. Journal of Information Technology Applications & Management, 28(3), 23-30.
  42. Vance, A., Siponen, M., & Pahnila, S.(2012). Motivating IS security compliance: Insights from habit and protection motivation theory. Information & Management, 49(3-4), 190-198. https://doi.org/10.1016/j.im.2012.04.002
  43. Workman, M., Bommer, W. H., & Straub, D.(2008). Security lapses and the omission of information security measures: A threat control model and empirical test. Computers in Human Behavior, 24(6), 2799-2816. https://doi.org/10.1016/j.chb.2008.04.005
  44. Wu, L., Li, J., & Fu, C.(2011). The adoption of mobile healthcare by hospital's professionals: An integrative perspective. Decision Support Systems, 51(3), 587-596. https://doi.org/10.1016/j.dss.2011.03.003
  45. Yang, J. M., Hyun, B. H., & Ok, J. W.(2020). A Study on the Function and Intention of the Health Care Application in the Analysis of Smartphone Usage Behavior. Asia-Pacific Journal of Business Venturing and Entrepreneurship, 15(4), 303-315. https://doi.org/10.16972/APJBVE.15.4.202008.303
  46. Yoon, U. J.(2012). Information security technology trend in u-healthcare service. Information & Communications Magazine, 29(10), 55-65.
  47. Youn, S.(2005). Teenagers' perceptions of online privacy and coping behaviors: A risk-benefit appraisal approach. Journal of Broadcasting & Electronic Media, 49(1), 86-110. https://doi.org/10.1207/s15506878jobem4901_6