Abstract
German hospitals are required to comply with, and give due consideration to, the data protection laws and regulations that apply to their daily work. However, the data protection scandals that have occurred in Germany in recent years imply that this compliance on the part of hospital employees cannot be taken for granted. According to the literature available, psychological factors may account for this fact – in particular the variables of the theory of planned behaviour and the general deterrence theory. In keeping with these theories, this research has analysed the influences of the attitudes, subjective norms and perceived behavioural control on employees’ intentions to comply with data protection regulations. A survey was conducted among hospital employees in Germany to further identify the most significant factors influencing their intention to comply with data protection and the variance in intention between men and women. The results suggest that psychological factors such as attitude, subjective norms and perceived behaviour control are significantly influential and find significant differences between the genders in the intention to comply with data protection regulations. The results of this study demonstrate that there are practical implications that, if implemented, can lead to a higher standard of data protection compliance in hospitals in the future by taking the technical and organisational measures of awareness for data protection compliance into account.
Additional information
Notes on contributors
Michael Foth
Michael Foth, is an applicant of Ph.D at the UMIT – The Health & Life Sciences University in Austria. He worked since 15 years for data protection in Germany and other European countries. His research interests are the data protection and information security in the health service and the finance branch. He is admitted as a certified auditor for data protection for the European union.