Date of Award
Doctor of Philosophy (PhD)
College of Computing and Engineering
The Health Insurance Portability and Accountability Act (HIPAA) Security Rule (SR) mandate provides a national standard for the safeguard of electronically protected health information (ePHI). SR compliance enforcement efforts started in 2005; however, U.S.-based covered entities and business associates (CEs & BAs) remain challenged to comply with the HIPAA SR regulatory strategy. Although there is a significant volume of academic research on HIPAA compliance, research specific to the SR is sparse.
This study addressed the research gap by designing a unique conceptual model that assessed factors affecting CEs & BAs compliance (or non-compliance) with the SR regulatory strategy. The primary goal of this research study was to develop and empirically measure how motive, characteristics and capacity, regulator respect, and deterrence factors impacted the perceived likelihood of compliance with HIPAA SR in healthcare CEs & BAs operating in the United States. Multiple linear regression determined whether motive, characteristics and capacity, regulator respect, or deterrence factors better predicted the perceived likelihood of compliance with HIPAA SR, rather than any single factor alone. Only characteristics and capacity were a statistically significant predictor of the perceived likelihood of compliance. Motive and characteristics and capacity were significantly and positively correlated with the perceived likelihood of compliance with HIPAA SR. A negative correlation existed between the perceived likelihood of compliance with HIPAA SR and deterrence factors. There was no correlation between a perceived likelihood of compliance with HIPAA SR regulator respect. This research contributes toward filling the previous knowledge gap and providing insight into the factors and challenges CEs & BAs face in meeting compliance mandates.
James Furstenberg. 2020. An Investigation of the Factors that Contribute to the Perceived Likelihood of Compliance with the HIPAA Security Rule among Healthcare Covered Entities and Business Associates. Doctoral dissertation. Nova Southeastern University. Retrieved from NSUWorks, College of Computing and Engineering. (1107)