Abstract
Employees are generally responsible for activities that occur on the computer networks as well as the maintenance of confidential patient and administrative records on most health care information systems (HISs). Employees’ passwords are among the first in the line of defense against system intrusions. The purpose of this paper is twofold. First, we address the security threats and consequences of employee’s password choices; second we investigate health care workers passwords in relationship to their safety. Results of this study indicated that the majority of passwords created by employees have significant security problems and could allow for severe damage to the information system. The study should indicate to health care organizations the need for a comprehensive and continuous security training program.
Additional information
Notes on contributors
B. Dawn Medlin
B. Dawn Medlin is currently serving as an Associate Professor and Acting Chair in the Department of Computer Information Systems in the John A. Walker College of Business at Appalachian State University in Boone, North Carolina. She earned her doctorate at Virginia Polytechnic Institute and State University. Her teaching and research activities have been in the area of information technology, specifically in security and privacy issues related to health care institutions and retailing organizations. Dr. Medlin’s research articles have appeared in journals such as the Information Systems Security: the (ISC)2 Journal and the Journal of Information Privacy and Security, International Journal of Information Technology Management, Journal of Computer Information Systems, Int. Journal of Management, among other refereed journals.
Adriana Romaniello
Adriana Romaniello is currently serving as an Associate Professor in the Department of Management in Universidad Rey Juan Carlos in Madrid, Spain. She earned her PhD at Universidad Complutense de Madrid. Her teaching and research activities have been in the area of knowledge management, strategic management and information and communication technology. She has participated in many international conferences and in various projects supported with governmental funds.