Counterfeit compliance with the HIPAA security rule: A study of information system success

The intent of the security standards adopted by the Department of Health and Human Services (DHS) implementing some of the requirements of the Administrative Simplification (AS) subtitle of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) was to improve Federal and private health care programs and to improve the effectiveness and efficiency of the health care industry by establishing a minimal level of protection for protected health information (PHI). In this study, registered nurses in an East North Central state were surveyed to determine how their attitudes toward HIPAA security controls affected their behavioral intention to comply with HIPAA security policies and procedures. Findings validated the use of the technology acceptance model (TAM) to study information system success when use of the system in question is expected. Second, findings report on the efficacy of threats on information system success. And lastly, findings discuss practices that are correlated with compliance with the HIPAA security rule.