Home

Find us on

Past Programs

	Keynote: Securing IT in Healthcare: Part III Patty Mechael mHealth Alliance May 16, 2013
	Keynote: SITH3, Technology-Enabled Remote Monitoring and Support Wendy Nilsen National Institutes of Health (NIH) May 17, 2013
	Intersection of mHealth and Behavioral Health SITH3 Workshop, Panel 1 May 17, 2013

Newsletter

ISTS Information Pamphlet

Search ISTS

Institute for Security, Technology, and Society
Dartmouth College
6211 Sudikoff Laboratory
Hanover, NH 03755 USA
info.ists@dartmouth.edu

Home > Projects > Health IT Security > TISH >

Economics and Risk Models
Thread 3

Confidential data hemorrhaging from health-care providers pose financial risks to firms and medical risks to patients. In this research thread, we are examining the consequences of data hemorrhages including privacy violations, medical fraud, financial identity theft, and medical identity theft. We also are exploring the types and sources of data hemorrhages.

Research

The Thread 3 team has collaborated with numerous members of industry and published several papers including:

Camp, L. Jean and M. Eric Johnson (2012), The Economics of Financial and Medical Identity Theft, Springer, New York.
Kwon, Juhee and M. Eric Johnson, "Security Resources, Capabilities and Cultural values: Links to Security Performance and Compliance," forthcoming in Proceedings of the Eleventh Workshop on the Economics of Information Security, Berlin Brandenburg Academy of Sciences, Berlin Germany, June 25-26, 2012.
Kwon, Juhee and M. Eric Johnson, "Proactive vs. Reactive Investment in the healthcare sector," Proceedings of the 22nd Workshop on Information Systems Economics, Shanghai, December 7-9, 2011.
Kwon, Juhee and M. Eric Johnson, "The Impact of Security Practices on Regulatory Compliance and Security Performance," Proceedings of the International Conference on Information Systems, Shanghai, December 4-8, 2011.
Appari, Ajit, Emily K. Carian, M. Eric Johnson, and Denise Anthony, "Medication Administration Quality and Health Information Technology: A National Study of US Hospitals," in Journal of the American Medical Informatics Association, Vol. 19, No. 3, 360-367. Published Online First 28 October 2011.
Juhee Kwon and M. Eric Johnson, "An Organizational Learning Perspective on Proactive vs. Reactive Investment in Information Security" The Tenth Workshop on Economics of Information Security (WEIS), George Mason University, Fairfax, Virginia, June 14-15, 2011.
M. Eric Johnson and Nicholas D. Willey, "Usability Failures and Healthcare Data Hemorrhages", in IEEE Security and Privacy, March/April 2011.
M. Eric Johnson and Nicholas Willey, "Healthcare Data Hemorrhages: Inadvertent Disclosure and HITECH" Proceedings from the IEEE Symposium on Security and Privacy, Oakland, California, May 16- 19, 2010.
Ajit Appari, Denise Anthony and M. Eric Johnson, "HIPAA Compliance: An Institutional Theory Perspective" in Proceedings of the 15th Americas Conference on Information Systems, San Francisco, CA, August 6-9, 2009.

News

Defending Cyberspace, Inside Supply Management, December 2011/January 2012, pages 20-23.
Human Security Weaker Than IT Security, Finextra, November 14, 2011.
Opinion Piece Outlines Four Steps for Greater Security in Health IT, iHealthBeat, September 27, 2011.
Health-Care Industry: Heal Thyself, The Wall Street Journal, September 26, 2011.
Corporate Security Chiefs Focus on 'Human' Side of Cybercrime, The Wall Street Journal, July 21, 2011.
The leaky corporation, The Economist, February 24, 2011.
Why Are Health Data Leaking Online? Bad Software, Study Says, The Wall Street Journal, February 3, 2011.
Complicated Software a Likely Reason for Data Leaks, Study Suggests, iHealthBeat, January 4, 2011.

Team

johnson

The Thread 3 team is led by Professor Eric Johnson of the Tuck School of Business. Other team members include Postdoctoral Research Fellows Ajit Appari and Juhee Kwon.