CCE Theses and Dissertations

Date of Award


Document Type


Degree Name

Doctor of Philosophy (PhD)


College of Computing and Engineering


Souren Paul

Committee Member

Ling Wang

Committee Member

Inkyoung Hur


The digitization and transfer of patient records has increased the risk of patient data being improperly handled by healthcare organizations. In light of this growing concern, the United States government and state authorities have implemented various regulations to mitigate the privacy concerns. Beside privacy regulations, healthcare organizations have been forced by other pressures such as organization’s competitive pressures, resources, ethical responsibilities, and legitimacy to implement privacy safeguards. However, surveys show that healthcare organizations fail to achieve information privacy compliance. This study examined the creation of information privacy culture from the different occupational communities in healthcare organizations to help achieve information privacy compliance. This research applied the dynamic social impact theory (DSIT) and the theory explains how coherent structures of cultural elements are developed from the interactions of people located in the same spatial location. This study argues that interaction is important because healthcare professionals have different attitudes about each other’s field that requires cultural synergy to enable healthcare organizations to achieve HIPAA compliance practice. Survey data was collected from two healthcare organizations with one being exposed to information privacy message to its’ occupational communities and the other without being exposed to information privacy message to its employees to test the hypotheses. A total of 98 participants were included in Hospital A, and 83 participants were included in Hospital B. Gender was distributed between 86 females, 88 males, and 7 no response. Multiple linear regression analysis was used to test the relationships between the variables and determine the fitness of the research model. A series of independent sample t-tests were conducted to examine for differences in the scales by hospital. The findings supported the fundamental predictions of the study that communicating patients’ information privacy concerns as issue of importance to the occupational communities will lead to the development of information privacy belief and a positive attitude toward patient information privacy concerns. The information privacy attitude will have a positive impact in creating information privacy culture. Tolerance of diversity on the other hand, will have a positive effect on reducing job tensions between the different groups. It was finally predicted that the coherent culture created, and reduced tension will have a positive impact on collective HIPAA compliance practice. The results supported all the key assumptions of the study and the findings were consistent with extant literature.