{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,13]],"date-time":"2026-02-13T09:29:48Z","timestamp":1770974988227,"version":"3.50.1"},"reference-count":60,"publisher":"Springer Science and Business Media LLC","issue":"11","license":[{"start":{"date-parts":[[2016,9,28]],"date-time":"2016-09-28T00:00:00Z","timestamp":1475020800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Med Syst"],"published-print":{"date-parts":[[2016,11]]},"DOI":"10.1007\/s10916-016-0591-5","type":"journal-article","created":{"date-parts":[[2016,9,28]],"date-time":"2016-09-28T07:17:03Z","timestamp":1475047023000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["The Impact of the Security Competency on \u201cSelf-Efficacy in Information Security\u201d for Effective Health Information Security in Iran"],"prefix":"10.1007","volume":"40","author":[{"given":"Ahmad Bakhtiyari","family":"Shahri","sequence":"first","affiliation":[]},{"given":"Zuraini","family":"Ismail","sequence":"additional","affiliation":[]},{"given":"Shahram","family":"Mohanna","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,9,28]]},"reference":[{"key":"591_CR1","unstructured":"Myler E., and Broadbent G., ISO 17799: Standard for security. Inf. Manag. J., 2006."},{"key":"591_CR2","unstructured":"Health Information Systems, 27 07 2009. [Online]. Available: http:\/\/go.worldbank.org\/XFTO56S8S0 ."},{"issue":"1","key":"591_CR3","first-page":"246","volume":"7","author":"M Sushma","year":"2011","unstructured":"Sushma, M., Robert, M., and Chasalow, L., Information security effectiveness: a research framework. Issues in Inf. Syst. 7(1):246\u2013255, 2011.","journal-title":"Issues in Inf. Syst."},{"issue":"3","key":"591_CR4","doi-asserted-by":"crossref","first-page":"255","DOI":"10.1287\/isre.1.3.255","volume":"1","author":"DW Straub","year":"1990","unstructured":"Straub, D.W., Effective IS security. Inf. Syst. Res. 1(3):255\u2013276, 1990.","journal-title":"Inf. Syst. Res."},{"issue":"1","key":"591_CR5","first-page":"2","volume":"14","author":"S Dzazali","year":"2012","unstructured":"Dzazali, S., and Zolait, A.H., Assessment of information security maturity: an exploration study of Malaysian public service organizations. J. Sys. Inf. Technol. 14(1):2\u20132, 2012.","journal-title":"J. Sys. Inf. Technol."},{"issue":"1","key":"591_CR6","first-page":"106","volume":"7","author":"JH Pardue","year":"2011","unstructured":"Pardue, J.H., and Patidar, P., Threats to healthcare date: a threat tree for risk assessment. Inf. Syst. 7(1):106\u2013113, 2011.","journal-title":"Inf. Syst."},{"key":"591_CR7","unstructured":"Landry, J.P., Pardue, J.H., Johnsten, T., Campbell, M., and Patidar, P., A threat tree for health information security and privacy. In: 17th American Conference on Information Systems (AMCIS 2011), Detroit, 4\u20138 August, 2011."},{"key":"591_CR8","doi-asserted-by":"crossref","first-page":"93","DOI":"10.1016\/j.dss.2014.06.008","volume":"66","author":"AM Chu","year":"2014","unstructured":"Chu, A.M., and Chau, P.Y., Development and validation of instruments of information security deviant behavior. Decis. Support. Syst. 66:93\u2013101, 2014.","journal-title":"Decis. Support. Syst."},{"key":"591_CR9","doi-asserted-by":"crossref","unstructured":"Hagen, J.M., The contributions of information security culture and human relations to the improvement of situational awareness. In: Situational awareness in computer network defense: Principles, methods and applications. Cyril Onwubiko: UK, 2012","DOI":"10.4018\/978-1-4666-0104-8.ch002"},{"issue":"4","key":"591_CR10","doi-asserted-by":"crossref","first-page":"279","DOI":"10.1504\/IJIEM.2010.035624","volume":"6","author":"A Appari","year":"2010","unstructured":"Appari, A., and Johnson, M.E., Information security and privacy in healthcare: current state of research. Int. J. Internet Entrep. Manag. 6(4):279\u2013314, 2010.","journal-title":"Int. J. Internet Entrep. Manag."},{"issue":"2","key":"591_CR11","first-page":"117","volume":"7","author":"T Asai","year":"2011","unstructured":"Asai, T., and Fernando, S., Human-related problems in information security in Thai cross-cultural environments. Contemporary management. Restor. Dent. 7(2):117\u2013142, 2011.","journal-title":"Restor. Dent."},{"issue":"3","key":"591_CR12","doi-asserted-by":"crossref","first-page":"251","DOI":"10.1108\/09685220810893207","volume":"16","author":"Q Ma","year":"2008","unstructured":"Ma, Q., Johnston, A.C., and Pearson, J.M., Information security management objectives and practices: a parsimonious framework. Inf. Manage. Comput. Secur. 16(3):251\u2013270, 2008.","journal-title":"Inf. Manage. Comput. Secur."},{"key":"591_CR13","unstructured":"Sedlack, D.J., and Tejay, G.P.S., Improving information security through technological frames of reference. In: Southern association for information systems conference: Atlanta, GA, USA, 2011, pp 153\u2013157."},{"issue":"8","key":"591_CR14","doi-asserted-by":"crossref","first-page":"816","DOI":"10.1016\/j.cose.2009.05.008","volume":"28","author":"HS Rhee","year":"2009","unstructured":"Rhee, H.S., Kim, C., and Ryu, Y.U., Self-efficacy in information security: Its Influence on End Users\u2019 information security practice behavior. Comput. Secur. 28(8):816\u2013826, 2009.","journal-title":"Comput. Secur."},{"key":"591_CR15","doi-asserted-by":"crossref","unstructured":"Al-Omari, A., El-Gayar, O., and Deokar, A., Security policy compliance: user acceptance perspective. In: 45th Hawaii international conference on system sciences (HICSS). IEEE: USA, 2012, pp 3317\u20133326.","DOI":"10.1109\/HICSS.2012.516"},{"issue":"3","key":"591_CR16","doi-asserted-by":"crossref","first-page":"201","DOI":"10.1016\/j.ijinfomgt.2010.06.001","volume":"31","author":"NF Doherty","year":"2011","unstructured":"Doherty, N.F., Anastasakis, L., and Fulford, H., Reinforcing the security of corporate information resources: a critical review of the role of the acceptable use policy. Int. J. Inf. Manag. 31(3):201\u2013209, 2011.","journal-title":"Int. J. Inf. Manag."},{"issue":"4","key":"591_CR17","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1080\/07421222.2014.1001257","volume":"31","author":"S Chatterjee","year":"2015","unstructured":"Chatterjee, S., Sarker, S., and Valacich, J.S., The behavioral roots of information systems security: exploring key factors related to unethical IT use. J. Manag. Inf. Syst. 31(4):49\u201387, 2015.","journal-title":"J. Manag. Inf. Syst."},{"key":"591_CR18","doi-asserted-by":"crossref","first-page":"59","DOI":"10.1007\/s10551-008-9909-7","volume":"89","author":"J D\u2019Arcy","year":"2009","unstructured":"D\u2019Arcy, J., and Hovav, A., Does one size fit all? Examining the differential effects of IS security countermeasures. J. Bus. Ethics. 89:59\u201371, 2009.","journal-title":"J. Bus. Ethics"},{"issue":"7","key":"591_CR19","doi-asserted-by":"crossref","first-page":"493","DOI":"10.1016\/j.cose.2009.07.001","volume":"28","author":"KJ Knapp","year":"2009","unstructured":"Knapp, K.J., Franklin Morris, R., Marshall, T.E., and Byrd, T.A., Information security policy: an organizational-level process model. Comput. Secur. 28(7):493\u2013508, 2009.","journal-title":"Comput. Secur."},{"issue":"8","key":"591_CR20","doi-asserted-by":"crossref","first-page":"92","DOI":"10.1145\/257874.257896","volume":"40","author":"TC Rindfleisch","year":"1997","unstructured":"Rindfleisch, T.C., Privacy, information technology, and health care. Commun. ACM. 40(8):92\u2013100, 1997.","journal-title":"Commun. ACM"},{"issue":"1","key":"591_CR21","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s10916-014-0181-3","volume":"39","author":"B Mart\u00ednez-P\u00e9rez","year":"2015","unstructured":"Mart\u00ednez-P\u00e9rez, B., De La Torre-D\u00edez, I., and L\u00f3pez-Coronado, M., Privacy and Security in Mobile Health Apps: A Review and Recommendations. J. Med. Syst. 39(1):1\u20138, 2015.","journal-title":"J. Med. Syst."},{"issue":"2","key":"591_CR22","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1377\/hlthaff.28.2.428","volume":"28","author":"L Dimitropoulos","year":"2009","unstructured":"Dimitropoulos, L., and Rizk, S., A state-based approach to privacy and security for interoperable health information exchange. Health Aff. 28(2):428\u2013434, 2009.","journal-title":"Health Aff."},{"key":"591_CR23","unstructured":"Benhocine, A., Laouamer, L., and Hadji, H., Toward an efficient security: a new methodology for information security. J. Econ. Bus. 1(1), 2011."},{"issue":"4","key":"591_CR24","first-page":"401","volume":"26","author":"C Yoon","year":"2013","unstructured":"Yoon, C., and Kim, H., Understanding computer security behavioral intention in the workplace: an empirical study of korean firms. Inf. Technol. 26(4):401\u2013419, 2013.","journal-title":"Inf. Technol."},{"issue":"8","key":"591_CR25","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s10916-015-0259-6","volume":"39","author":"H Arshad","year":"2015","unstructured":"Arshad, H., Teymoori, V., Nikooghadam, M., and Abbassi, H., On the Security of aTwo-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems. J. Med. Syst. 39(8):1\u201310, 2015.","journal-title":"J. Med. Syst."},{"issue":"6","key":"591_CR26","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s10916-013-9984-x","volume":"37","author":"\u00d6M Ayd\u0131n","year":"2013","unstructured":"Ayd\u0131n, \u00d6.M., and Chouseinoglou, O., Fuzzy assessment of health information system users\u2019 security awareness. J. Med. Syst. 37(6):1\u201313, 2013.","journal-title":"J. Med. Syst."},{"key":"591_CR27","doi-asserted-by":"crossref","unstructured":"Wohn, D.Y., Solomon, J., Sarkar, D., Vaniea, K.E., Factors related to privacy concerns and protection behaviors regarding behavioral advertising. In: proceedings of the 33rd annual ACM conference extended abstracts on human factors in computing systems ACM, 2015, pp 1965\u20131970.","DOI":"10.1145\/2702613.2732722"},{"key":"591_CR28","unstructured":"Bakhtiyari Shahri, A., and Ismail, Z., Human factors as the biggest threats to security of health information systems. Int. J. Commun. J. Comput. Inf. Technol. (IJCIT) 2(1), 2012."},{"issue":"12","key":"591_CR29","first-page":"226","volume":"6","author":"AB Shahri","year":"2012","unstructured":"Shahri, A.B., Ismail, Z., and Rahim, N.Z.A.B., Security effectiveness in health information system: through improving the human factors by education and training. Aust. J. Basic Appl. Sci. 6(12):226\u2013233, 2012.","journal-title":"Aust. J. Basic Appl. Sci."},{"issue":"2","key":"591_CR30","doi-asserted-by":"crossref","first-page":"124","DOI":"10.1016\/j.cose.2004.07.001","volume":"24","author":"JM Stanton","year":"2005","unstructured":"Stanton, J.M., Stam, K.R., Mastrangelo, P., and Jolton, J., Analysis of End User Security Behaviors. Comput. Secur. 24(2):124\u2013133, 2005.","journal-title":"Comput. Secur."},{"key":"591_CR31","unstructured":"Sandoval, R., Information technology change and the effects on user behavior and cyber security. 2015."},{"issue":"4","key":"591_CR32","doi-asserted-by":"crossref","first-page":"629","DOI":"10.1007\/s10916-009-9276-7","volume":"34","author":"M Farzandipour","year":"2010","unstructured":"Farzandipour, M., Sadoughi, F., Ahmadi, M., and Karimi, I., Security requirements and solutions in electronic health records: lessons learned from a comparative study. J. Med. Syst. 34(4):629\u2013642, 2010.","journal-title":"J. Med. Syst."},{"key":"591_CR33","volume-title":"Social Foundations of Thought and Action: A Social Cognitive Theory","author":"A Bandura","year":"1986","unstructured":"Bandura, A., Social Foundations of Thought and Action: A Social Cognitive Theory. Prentice Hall: Englewood Cliffs, NJ, 1986."},{"issue":"6","key":"591_CR34","doi-asserted-by":"crossref","first-page":"2799","DOI":"10.1016\/j.chb.2008.04.005","volume":"24","author":"M Workman","year":"2008","unstructured":"Workman, M., Bommer, W.H., and Straub, D., Security lapses and the omission of information security measures: a threat control model and empirical test. Comput. Hum. Behav. 24(6):2799\u20132816, 2008.","journal-title":"Comput. Hum. Behav."},{"issue":"2","key":"591_CR35","doi-asserted-by":"crossref","first-page":"189","DOI":"10.2307\/249688","volume":"19","author":"DR Compeau","year":"1995","unstructured":"Compeau, D.R., and Higgins, C.A., Computer self-efficacy: development of a measure and initial test. MIS Q. 19(2):189\u2013211, 1995.","journal-title":"MIS Q."},{"issue":"3","key":"591_CR36","doi-asserted-by":"crossref","first-page":"472","DOI":"10.1037\/0022-3514.58.3.472","volume":"58","author":"EM Ozer","year":"1990","unstructured":"Ozer, E.M., and Bandura, A., Mechanisms governing empowerment effects: a self-efficacy analysis. J. Pers. Soc. Psychol. 58(3):472, 1990.","journal-title":"J. Pers. Soc. Psychol."},{"issue":"1","key":"591_CR37","doi-asserted-by":"crossref","first-page":"9","DOI":"10.1016\/0149-7189(90)90004-G","volume":"13","author":"A Bandura","year":"1990","unstructured":"Bandura, A., Perceived self-efficacy in the exercise of control over AIDS infection. Eval. Program Plann. 13(1):9\u201317, 1990.","journal-title":"Eval. Program Plann."},{"issue":"8","key":"591_CR38","doi-asserted-by":"crossref","first-page":"982","DOI":"10.1287\/mnsc.35.8.982","volume":"35","author":"FD Davis","year":"1989","unstructured":"Davis, F.D., Bagozzi, R.P., and Warshaw, P.R., User acceptance of computer technology: a comparison of two theoretical models. Manag. Sci. 35(8):982\u20131003, 1989.","journal-title":"Manag. Sci."},{"issue":"3","key":"591_CR39","doi-asserted-by":"publisher","first-page":"49","DOI":"10.4018\/jhisi.2007070105","volume":"2","author":"D Lending","year":"2007","unstructured":"Lending, D., and Dillon, T.W., The Effects of Confidentiality on Nursing Self-Efficacy with Information Systems. Int. J. Health Inf. Manag. Int. J. Health Inf. Manag. Syst. Inf. 2(3):49\u201364, 2007. doi: 10.4018\/jhisi.2007070105 .","journal-title":"Int. J. Health Inf. Manag. Int. J. Health Inf. Manag. Syst. Inf"},{"key":"591_CR40","volume-title":"An investigation of factors that affect hipaa security compliance in academic medical centers","author":"J Brady","year":"2010","unstructured":"Brady, J., An investigation of factors that affect hipaa security compliance in academic medical centers. 3411810, Nova Southeastern University: Florida, USA, 2010."},{"issue":"8","key":"591_CR41","doi-asserted-by":"crossref","first-page":"1447","DOI":"10.1016\/j.ijnurstu.2007.06.004","volume":"44","author":"A Kartal","year":"2007","unstructured":"Kartal, A., and \u00d6zsoy, S.A., Validity and reliability study of the Turkish version of health belief model scale in diabetic patients. Int. J. Nurs. Stud. 44(8):1447\u20131458, 2007.","journal-title":"Int. J. Nurs. Stud."},{"issue":"4","key":"591_CR42","doi-asserted-by":"crossref","first-page":"815","DOI":"10.1016\/j.dss.2008.11.010","volume":"46","author":"BY Ng","year":"2009","unstructured":"Ng, B.Y., Kankanhalli, A., and YC, X., Studying users\u2019 computer security behavior: a health belief perspective. Decis. Support. Syst. 46(4):815\u2013825, 2009.","journal-title":"Decis. Support. Syst."},{"key":"591_CR43","unstructured":"Mussa, C.C., A prudent access control behavioral intention model for the healthcare domain. Nova Southeastern University, 2012."},{"issue":"8","key":"591_CR44","doi-asserted-by":"crossref","first-page":"683","DOI":"10.1016\/j.ijhcs.2006.01.003","volume":"64","author":"JC Roca","year":"2006","unstructured":"Roca, J.C., Chiu, C.M., and Mart\u00ednez, F.J., Understanding e-learning continuance intention: an extension of the technology acceptance model. Int. J. Hum. Comput. Sci. Stud. 64(8):683\u2013696, 2006.","journal-title":"Int. J. Hum. Comput. Sci. Stud."},{"key":"591_CR45","doi-asserted-by":"crossref","unstructured":"Crossler, R.E., and B\u00e9langer, F., The effect of computer self-efficacy on security training effectiveness. In: 3rd annual conference on Information security curriculum development. ACM: Kennesaw, GA, 2006, pp 124\u2013129","DOI":"10.1145\/1231047.1231075"},{"key":"591_CR46","doi-asserted-by":"crossref","unstructured":"Enrici, I., Ancilli, M., and Lioy, A., A psychological approach to information technology security. In: 3rd conference on system interactions human, Torino, Italy, 13-15 may 2010. IEEE:459\u2013466, 2010.","DOI":"10.1109\/HSI.2010.5514528"},{"issue":"7","key":"591_CR47","first-page":"394","volume":"11","author":"H Liang","year":"2010","unstructured":"Liang, H., and Xue, Y., Understanding security behaviors in personal computer usage: a threat avoidance perspective. J. Assoc. Inf. Syst. 11(7):394\u2013413, 2010.","journal-title":"J. Assoc. Inf. Syst."},{"key":"591_CR48","unstructured":"Ennis, M.R., Competency models: a review of the literature and the role of the employment and training administration (ETA). US Department of Labor, 2008, pp 1\u201324."},{"key":"591_CR49","doi-asserted-by":"crossref","unstructured":"Yeratziotis, A., Van Greunen, D., Pottas, D., Recommendations for usable security in online health social networks. In: 6th international conference on pervasive computing and applications (ICPCA), Port Elizabeth, 26-28 Oct. 2011. IEEE, 2011, pp 220\u2013226.","DOI":"10.1109\/ICPCA.2011.6106508"},{"issue":"3","key":"591_CR50","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1080\/01449290701679361","volume":"29","author":"DL Huang","year":"2010","unstructured":"Huang, D.L., Patrick Rau, P.L., and Salvendy, G., Perception of Information Security. Behav. Inform. Technol. 29(3):221\u2013232, 2010. doi: 10.1080\/01449290701679361 .","journal-title":"Behav. Inform. Technol."},{"issue":"5","key":"591_CR51","doi-asserted-by":"crossref","first-page":"381","DOI":"10.1080\/01449290500102144","volume":"25","author":"P Carayon","year":"2006","unstructured":"Carayon, P., Schoepke, J., Hoonakker, P., Haims, M.C., and Brunette, M., Evaluating Causes and Consequences of Turnover Intention among IT Workers: The Development of a Questionnaire Survey. Behav. Inform. Technol. 25(5):381\u2013397, 2006.","journal-title":"Behav. Inform. Technol."},{"issue":"3","key":"591_CR52","first-page":"18","volume":"1","author":"M Chan","year":"2005","unstructured":"Chan, M., Woon, I., and Kankanhalli, A., Perceptions of information security in the workplace: Linking information security climate to compliant behavior. J. Info. Priv. Sec. 1(3):18\u201341, 2005.","journal-title":"J. Info. Priv. Sec."},{"key":"591_CR53","unstructured":"Taneja, A., Determinants of adverse usage of information systems assets: a study of antecedents of is exploit in organizations. The University of Texas at Arlington, 2007."},{"key":"591_CR54","doi-asserted-by":"crossref","unstructured":"Lewis, B.R., Templeton, G.F., and Byrd, T.A., A methodology for construct development in MIS research. Eur. J. Inf. Syst. 14(4):388\u2013400, 2005.","DOI":"10.1057\/palgrave.ejis.3000552"},{"key":"591_CR55","unstructured":"Hair, J., Black, W., Babin, B., Anderson, R., and Tatham, R., Multivariate data analysis. (7th). Prentice Hall: New Jersey, 2010."},{"issue":"3","key":"591_CR56","doi-asserted-by":"crossref","first-page":"297","DOI":"10.1007\/BF02310555","volume":"16","author":"L Cronbach","year":"1951","unstructured":"Cronbach, L., Coefficient alpha and the internal structure of tests. Psychometrika. 16(3):297\u2013334, 1951.","journal-title":"Psychometrika"},{"key":"591_CR57","unstructured":"Iran Medical Research Portal (2012) http:\/\/www.research.ac.ir . Center of Iran Medical Research Information."},{"key":"591_CR58","volume-title":"Comprehensive health plan","author":"MOHME","year":"2011","unstructured":"MOHME, Comprehensive health plan. Ministry of Health and Medical Education of Iran: Tehran, 2011."},{"key":"591_CR59","unstructured":"MOHME, Framework for evaluation of performance hospital information system. Ministry of Health and Medical Education of Iran: Tehran, 2011."},{"key":"591_CR60","volume-title":"Applied multivariate research: Design and interpretation","author":"L Meyers","year":"2005","unstructured":"Meyers, L., Gamst, G., and Guarino, A., Applied multivariate research: Design and interpretation. Sage Publications: London, 2005."}],"container-title":["Journal of Medical Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10916-016-0591-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10916-016-0591-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10916-016-0591-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,6,20]],"date-time":"2017-06-20T17:58:16Z","timestamp":1497981496000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10916-016-0591-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,9,28]]},"references-count":60,"journal-issue":{"issue":"11","published-print":{"date-parts":[[2016,11]]}},"alternative-id":["591"],"URL":"https:\/\/doi.org\/10.1007\/s10916-016-0591-5","relation":{},"ISSN":["0148-5598","1573-689X"],"issn-type":[{"value":"0148-5598","type":"print"},{"value":"1573-689X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,9,28]]},"article-number":"241"}}