Find us on
ISTS Information Pamphlet
Institute for Security, Technology, and Society
Dartmouth College 6211 Sudikoff Laboratory Hanover, NH 03755 USA firstname.lastname@example.org
Economics and Risk Models
Confidential data hemorrhaging from health-care providers pose financial risks to firms and medical risks to patients. In this research thread, we are examining the consequences of data hemorrhages including privacy violations, medical fraud, financial identity theft, and medical identity theft. We also are exploring the types and sources of data hemorrhages.
The Thread 3 team has collaborated with numerous members of industry and published several papers including:
Camp, L. Jean and M. Eric Johnson (2012),
The Economics of Financial and Medical Identity Theft, Springer, New York. Kwon, Juhee and M. Eric Johnson, "Security Resources, Capabilities and Cultural values: Links to Security Performance and Compliance," forthcoming in
Proceedings of the Eleventh Workshop on the Economics of Information Security, Berlin Brandenburg Academy of Sciences, Berlin Germany, June 25-26, 2012. Kwon, Juhee and M. Eric Johnson, "
Proactive vs. Reactive Investment in the healthcare sector," Proceedings of the 22nd Workshop on Information Systems Economics, Shanghai, December 7-9, 2011. Kwon, Juhee and M. Eric Johnson, "
The Impact of Security Practices on Regulatory Compliance and Security Performance," Proceedings of the International Conference on Information Systems, Shanghai, December 4-8, 2011. Appari, Ajit, Emily K. Carian, M. Eric Johnson, and Denise Anthony, "
Medication Administration Quality and Health Information Technology: A National Study of US Hospitals," in Journal of the American Medical Informatics Association, Vol. 19, No. 3, 360-367. Published Online First 28 October 2011. Juhee Kwon and M. Eric Johnson, "
An Organizational Learning Perspective on Proactive vs. Reactive Investment in Information Security" The Tenth Workshop on Economics of Information Security (WEIS), George Mason University, Fairfax, Virginia, June 14-15, 2011. M. Eric Johnson and Nicholas D. Willey, "
Usability Failures and Healthcare Data Hemorrhages", in IEEE Security and Privacy, March/April 2011. M. Eric Johnson and Nicholas Willey, "
Healthcare Data Hemorrhages: Inadvertent Disclosure and HITECH" Proceedings from the IEEE Symposium on Security and Privacy, Oakland, California, May 16- 19, 2010. Ajit Appari, Denise Anthony and M. Eric Johnson, "
HIPAA Compliance: An Institutional Theory Perspective" in Proceedings of the 15th Americas Conference on Information Systems, San Francisco, CA, August 6-9, 2009. News
Defending Cyberspace, Inside Supply Management, December 2011/January 2012, pages 20-23.
Human Security Weaker Than IT Security, Finextra, November 14, 2011.
Opinion Piece Outlines Four Steps for Greater Security in Health IT, iHealthBeat, September 27, 2011.
Health-Care Industry: Heal Thyself, The Wall Street Journal, September 26, 2011.
Corporate Security Chiefs Focus on 'Human' Side of Cybercrime, The Wall Street Journal, July 21, 2011.
The leaky corporation, The Economist, February 24, 2011.
Why Are Health Data Leaking Online? Bad Software, Study Says, The Wall Street Journal, February 3, 2011.
Complicated Software a Likely Reason for Data Leaks, Study Suggests, iHealthBeat, January 4, 2011. Team
The Thread 3 team is led by Professor
Eric Johnson of the Tuck School of Business. Other team members include Postdoctoral Research Fellows Ajit Appari and Juhee Kwon.