Advanced search
Publication Cover
Journal of Information Privacy and Security Volume 10, 2014 - Issue 4: Behavioral Information Security Research with Emerging Technologies
Journal homepage
146
Views
7
CrossRef citations to date
0
Altmetric
Articles

Organizational Privacy Strategy: Four Quadrants of Strategic Responses to Information Privacy and Security Threats

Rachida F. ParksUniversity of Arkansas at Little RockCorrespondence[email protected]
&
Rolf T. WigandUniversity of Arkansas at Little Rock
Pages 203-224 | Published online: 07 Jan 2015

REFERENCES

  • Appari, A., & Johnson, M. E. (2010). Information security and privacy in healthcare: Current state of research. International Journal of Internet and Enterprise Management, 6(4), 279 –314.
  • Baker, W., Hutton, A., Hylender, C. D., Pamula, J., Porter, C., & Spitler, M. (2011). 2011 Data breach investigations report (pp. 1–72). Verizon RISK team. Retrieved from: http://www.verizonbusiness.com/resources/reports/rp_databreach-investigations-report-2011_en_xg.pdf
  • Bélanger, F., & Crossler, R. E. (2011). Privacy in the digital age: A review of information privacy research in information systems. MIS Quarterly, 35(4), 1017 –1042.
  • Chabrow, E. (2013). Regulations’ impact on data breach costs. Analyzing latest Ponemon/Symantec cost of data breach study. Retrieved from http://www.bankinfosecurity.com/interviews/regulations-impact-on-data-breach-costs-i-1953
  • Chan, Y. E., & Greenaway, K. E. (2005). Theoretical explanations for firms’ information privacy behaviors. Journal of the Association for Information Systems, 6(6), 7.
  • CHIME. (2014). CHIME–College of Healthcare Information Management Executives. http://www.cio-chime.org/
  • Corbin, J., & Strauss, A. (2008). Basics of qualitative research: Techniques and procedures for developing grounded theory (3rd ed.). Newbury Park, CA: Sage.
  • Culnan, M. J., & Williams, C. C. (2009). How ethics can enhance organizational privacy: Lessons From the Choicepoint and TJX data breaches. MIS Quarterly, 33(4), 673 –687.
  • Delmas, M. A., & Toffel, M. W. (2008). Organizational responses to environmental demands: Opening the black box. Strategic Management Journal, 29(10), 1027 –1055.
  • Eisenhardt, K. M. (1989). Building theories from case study research. Academy of Management Review, 14(4), 532 –550.
  • Etherington, L. D., & Richardson, A. J. (1994). Institutional pressures on university accounting education in Canada. Contemporary Accounting Research, 10(S1), 141 –162.
  • Glaser, B. G., & Strauss, A. L. (1967). The discovery of grounded theory: Strategies for qualitative research. Chicago, IL: Aldine.
  • Golden-Biddle, K., & Locke, K. (2007). Composing qualitative research: Los Angeles, CA: Sage Publications, Inc.
  • Goodstein, J. D. (1994). Institutional pressures and strategic responsiveness: Employer involvement in work-family issues. Academy of Management Journal, 37(2),350 –382.
  • Greenaway, K. E., & Chan, Y. E. (2005). Theoretical explanations for firms’ information privacy behaviors: Journal of the Association for Information Systems, 6(6), 171 –198.
  • Healthcare Information and Management Systems Society (HIMSS). (2014). HIMSS14 annual conference and exhibition. Retrieved from http://www.himssconference.org/
  • Kalam, A. A. E., Baida, R. E., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., … Trouessin, G. (2003). Organization-based access control (pp. 120–131). In Policies for distributed systems and networks, 2003—Proceedings of POLICY 2003: IEEE 4th International Workshop. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1206966
  • Klein, H. K., & Myers, M. D. (1999). A set of principles for conducting and evaluating interpretive field studies in information systems. MIS Quarterly, 23(1), 67 –93.
  • Köseoglu, M. A., Topaloglu, C., Parnell, J. A., & Lester, D. L. (2013). Linkages among business strategy, uncertainty and performance in the hospitality industry: Evidence from an emerging economy. International Journal of Hospitality Management, 34, 81 –91.
  • Kotulic, A. G., & Clark, J. G. (2004). Why there aren’t more information security research studies. Information & Management, 41(5), 597 –607.
  • Lewin, K. (1945). The Research Center for Group Dynamics at Massachusetts Institute of Technology. Sociometry, 8, 126 –135.
  • Lincoln, Y. S., & Guba, E. G. (1985). Naturalistic inquiry. Los Angeles, CA: Sage Publications, Inc.
  • Milberg, S. J., Smith, H. J., & Burke, S. J. (2000). Information privacy: Corporate management and national regulation. Organization Science, 11(1), 35 –57.
  • Miles, R. E., & Snow, C. C. (1978). Organizational strategy, structure, and process. New York: McGraw Hill.
  • Motta, G. H., & Furuie, S. S. (2003). A contextual role-based access control authorization model for electronic patient record. IEEE Transactions on Information Technology in Biomedicine, 7, 202 –207.
  • Munir, R., Perera, S., & Baird, K. (2011). An analytical framework to examine changes in performance measurement systems within the banking sector. Australasian Accounting Business and Finance Journal, 5(1), 93 –115.
  • Oliver, C. (1991). Strategic responses to institutional processes. Academy of Management Review, 16(1), 145 –179.
  • Parks, R. F. (2012). A study of organizational responses to information privacy threats in the healthcare context. Pennsylvania State University. Retrieved from https://etda.libraries.psu.edu/paper/15206/12269
  • Parnell, J. A. (2013). Uncertainty, generic strategy, strategic clarity, and performance of retail SMEs in Peru, Argentina, and the United States. Journal of Small Business Management, 51(2), 215 –234.
  • Pavlou, P. A. (2011). State of the information privacy literature: Where are we now and where should we go. MIS Quarterly, 35(4), 977 –988.
  • Pedersen, E. R. G., & Gwozdz, W. (2013). From resistance to opportunity-seeking: Strategic responses to institutional pressures for corporate social responsibility in the Nordic fashion industry. Journal of Business Ethics, 119(2),245 –264.
  • Peng, M. W., & Chen, H. (2011). Strategic responses to domestic and foreign institutional pressures. International Studies of Management and Organization, 41(2), 88 –105.
  • Ploesser, K., Peleg, M., Soffer, P., Rosemann, M., & Recker, J. C. (2009). Learning from context to improve business processes. BPTrends, 6(1), 1 –7.
  • Privacy Rights Clearinghouse (PRC). (2014). Chronology of data breaches. http://www.privacyrights.org/data-breach
  • Rosemann, M., Recker, J., & Flender, C. (2008). Contextualisation of business processes. International Journal of Business Process Integration and Management, 3(1), 47 –60.
  • Schultze, U., & Avital, M. (2010). Designing interviews to generate rich data for information systems research. Information and Organization, 21(1), 1 –16.
  • Shortell, S. M., & Zajac, E. J. (1990). Perceptual and archival measures of Miles and Snow’s strategic types: A comprehensive assessment of reliability and validity. Academy of Management Journal, 33(4), 817 –832.
  • Smith, H. J. (1993). Privacy policies and practices: Inside the organizational maze. Communications of the ACM, 36(12), 104 –122.
  • Smith, H. J., Dinev, T., & Xu, H. (2011). Information privacy research: An interdisciplinary review. MIS Quarterly, 35(4), 989 –1016.
  • Strauss, A., & Corbin, J. (1998). Basics of qualitative research: Techniques and procedures for developing grounded theory (2nd ed.). Thousand Oaks, CA: Sage.
  • Urquhart, C., Lehmann, H., & Myers, M. D. (2010). Putting the “theory” back into grounded theory: Guidelines for grounded theory studies in information systems. Information Systems Journal, 20(4), 357 –381.
  • U.S. Department of Health and Human Services (HHS). (2014). Breaches affecting 500 or more individuals. Washington, DC: HHS. Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html
  • Zahra, S. A. (1987). Corporate strategic types, environmental perceptions, managerial philosophies, and goals: An empirical study. Akron Business and Economic Review, 18(2), 64 –77.
  • Zahra, S. A., & Pearce, J. A. (1990). Research evidence on the Miles-Snow typology. Journal of Management, 16(4), 751 –768.
  • Zajac, E. J., & Shortell, S. M. (1989). Changing generic strategies: Likelihood, direction, and performance implications. Strategic Management Journal, 10(5), 413 –430.
  • Zinn, J. S., Spector, W. D., Weimer, D. L., & Mukamel, D. B. (2008). Strategic orientation and nursing home response to public reporting of quality measures: An application of the Miles and Snow Typology. Health Services Research, 43(2), 598 –615.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.