Home

Find us on

Upcoming Events

My Computer Ate My Data, Changed My Students' Grades and Stole My Money
OR
What all faculty need to know about securing their information
March 16, 2012

Past Programs

	Real-Time Crowd Support for People with Disabilities Jeff Bigham University of Rochester November 15, 2011
	Cyber Operations and National Security A Panel Discussion October 20, 2011
	CISO vs. Adversary Healthcare Security Investment Game July 7, 2011
	Adventures in SCADA TROOPERS 2011 April 30, 2011

Newsletter - Summer/Fall 2010

Search ISTS

Institute for Security, Technology, and Society
Dartmouth College
6211 Sudikoff Laboratory
Hanover, NH 03755 USA
info.ists@dartmouth.edu

Home > Projects > Health IT Security > TISH >

Economics and Risk Models
Thread 3

Confidential data hemorrhaging from health-care providers pose financial risks to firms and medical risks to patients. In this research thread, we are examining the consequences of data hemorrhages including privacy violations, medical fraud, financial identity theft, and medical identity theft. We also are exploring the types and sources of data hemorrhages.

Research

The Thread 3 team has collaborated with numerous members of industry and published several papers including:

Kwon, Juhee and M. Eric Johnson, "Proactive vs. Reactive Investment in the healthcare sector," Proceedings of the 22nd Workshop on Information Systems Economics, Shanghai, December 7-9, 2011.
Kwon, Juhee and M. Eric Johnson, "The Impact of Security Practices on Regulatory Compliance and Security Performance," Proceedings of the International Conference on Information Systems, Shanghai, December 4-8, 2011.
Appari, Ajit, Emily K. Carian, M. Eric Johnson, and Denise Anthony (2011), "Medication Administration Quality and Health Information Technology: A National Study of US Hospitals," forthcoming in Journal of the American Medical Informatics Association. Published Online First 28 October 2011.
Juhee Kwon and M. Eric Johnson, "An Organizational Learning Perspective on Proactive vs. Reactive Investment in Information Security" The Tenth Workshop on Economics of Information Security (WEIS), George Mason University, Fairfax, Virginia, June 14-15, 2011.
M. Eric Johnson and Nicholas D. Willey, "Usability Failures and Healthcare Data Hemorrhages", in IEEE Security and Privacy, March/April 2011.
M. Eric Johnson and Nicholas Willey, "Healthcare Data Hemorrhages: Inadvertent Disclosure and HITECH" Proceedings from the IEEE Symposium on Security and Privacy, Oakland, California, May 16- 19, 2010.
Ajit Appari, Denise Anthony and M. Eric Johnson, "HIPAA Compliance: An Institutional Theory Perspective" in Proceedings of the 15th Americas Conference on Information Systems, San Francisco, CA, August 6-9, 2009.

News

Defending Cyberspace, Inside Supply Management, December 2011/January 2012, pages 20-23.
Human Security Weaker Than IT Security, Finextra, November 14, 2011.
Opinion Piece Outlines Four Steps for Greater Security in Health IT, iHealthBeat, September 27, 2011.
Health-Care Industry: Heal Thyself, The Wall Street Journal, September 26, 2011.
Corporate Security Chiefs Focus on 'Human' Side of Cybercrime, The Wall Street Journal, July 21, 2011.
The leaky corporation, The Economist, February 24, 2011.
Why Are Health Data Leaking Online? Bad Software, Study Says, The Wall Street Journal, February 3, 2011.
Complicated Software a Likely Reason for Data Leaks, Study Suggests, iHealthBeat, January 4, 2011.

Team

johnson

The Thread 3 team is led by Professor Eric Johnson of the Tuck School of Business. Other team members include Postdoctoral Research Fellows Ajit Appari and Juhee Kwon.