跳到主要內容

臺灣博碩士論文加值系統

(44.192.67.10) 您好!臺灣時間:2024/11/12 18:50
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:陳昭銘
研究生(外文):Chao-Ming Chen
論文名稱:護理人員遵守資訊安全規範意向之研究-解構計劃行為理論觀點
論文名稱(外文):A Study of the Intention of Nursing Personnel to Comply with Information Security Guidelines
指導教授:阮金聲阮金聲引用關係
指導教授(外文):Jin-Sheng Roan
學位類別:碩士
校院名稱:國立中正大學
系所名稱:資訊管理所
學門:電算機學門
學類:電算機一般學類
論文種類:學術論文
論文出版年:2006
畢業學年度:94
語文別:中文
論文頁數:130
中文關鍵詞:資訊安全規範解構計劃行為理論護理人員結構方程模式
外文關鍵詞:Information Security GuidelinesNursing PersonnelDecomposed Theory of Planned BehaviorStructural Equation Model
相關次數:
  • 被引用被引用:2
  • 點閱點閱:665
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:4
隨著資訊化時代來臨,人為問題對資訊安全所造成嚴重的威脅,不但會造成病患敏感資料外洩,破壞醫病關係,更嚴重時會危害到醫療品質,讓病患的生命處於危機之中,因此資訊安全在醫療院所是非常重要的議題。因為醫療團隊中,護理人員是最龐大的一群,不但要照顧病患,更要保護病患資訊的隱私與安全性,所以了解那些因素會影響護理人員遵行資訊安全規範的意向,是建構醫院資訊安全的關鍵所在。
本研究應用解構計劃行為理論(Decomposed Theory of Planned Behavior) ,探討護理人員遵守資訊安全行為意向的影響因素。我們針對國內區域級(含)以上醫院(18家醫學中心與78家區域醫院),護理部主任或副主任一名、督導一名、護理長或副護理長五名與N1(含)以上之基層護理人員五名,每家醫院發放十二份問卷,總共發放1152份問卷,回收有效問卷298份,使用結構方程模式(Structural Equation Model) 進行資料分析。研究結果顯示:
(1) 知覺易用性對行為態度有正向的影響。
(2) 主管影響對主觀規範有正向的影響。
(3) 自我效能對知覺行為控制有正向的影響。
(4) 行為態度與知覺行為控制對護理人員遵守資訊安全規範意向有正向影響。
本研究調查發現約有兩成的護理人員認為缺乏資訊安全教育或不清楚違反資訊安全的罰則為何。所以本研究建議醫療院所應多辦理資訊安全教育訓練與制定違反資訊安全規範的罰則與處理辦法,如此一來不但能間接提升易用性與自我效能,更提高護理人員遵守資訊安全規範意向之強度。
Recent years have seen increased attention being given to information security in the hospitals. Nursing personnel, the largest group in the hospitals, have greater responsibility than before because they should not only look after patients but protect the patient''s privacy. A review of the literature indicates that threats to information security studies have stressed on human errors or system failure. Information security guidelines often are difficult to implement and comply with. This thesis explores the factors infiuencing the intention of nursing personnel to comply with information security guidelines.
We conducted a questionnaire survey of the nursing personnel of 18 medical centers and 78 regional hospitals in Taiwan. One questionnaire was sent to the head of nursing department, one to nursing supervisors, five to head nurses, and five to nurses in each of the 96 hospitals. Of the 1152 questionnaires sent out, 298 useful copies were returned. Structural Eqations Modeing (SEM) was applied to analyze the data and the results were as follows.
(1) Perceived ease of use has positive impacts on attitaude.
(2) Superior’s influence has positive impacts on subjective norm.
(3) Self-efficacy has positive impacts on perceived behavioral control
(4) Attitude and perceived behavioral control have positive impacts on behavioral intention.
Therefore, it is important for the hospital to provide their nursing personnel with information security training to enhance their understanding of information security guidelines and intention to comply with these guidelines.
第一章 緒論 1
第一節 研究背景與動機 1
第二節 研究範圍與對象 4
第三節 研究目的與研究問題 5
第四節 研究流程 7
第五節 重要名詞解釋 8
第二章 文獻探討 12
第一節、資訊安全 12
一、資訊安全的定義 12
二、資訊安全規範 13
三、資訊安全威脅 16
第二節、醫院資訊安全 17
一、醫院資訊安全現況 17
二、醫院資訊安全常見的問題 18
三、來自人員的問題與管理 20
四、影響遵守資訊安全意向的因素 21
五、醫院資訊安全規範現況 23
第三節、理性行為理論 28
第四節、計劃行為理論 30
第五節、解構計劃行為理論 34
第六節、創新擴散理論 37
第七節、計劃行為理論的相關研究 38
第三章 研究方法 41
第一節 研究模式與假說 41
一、研究模式 41
二、研究假說 44
第二節 變數操作型定義與衡量 46
第三節 問卷設計與內容 51
第四節 調查對象與方式 55
第五節 資料分析方法 56
一、基本敘述統計分析 56
二、信度分析 56
三、效度分析 57
四、路徑分析 58
第四章 資料分析 59
第一節 問卷編碼 59
第二節 基本資料分析 62
第三節 資訊安全規範基本資料調查 65
第四節 統計基本假設 69
第五節 模式的界定 75
第六節 適配度與衡量模式分析 78
第七節 結構模式分析 87
第五章 結論 97
第一節 研究結論 97
第二節 研究建議 100
一、實務面建議 100
二、學術面建議 101
第三節 研究貢獻 102
第四節 研究限制 103
第五節 未來研究方向 105
參考文獻 106
中文部份 106
英文部份 107
網路部份 114
附錄 研究問卷 116
中文部份
1.王保進,多變量分析-套裝程式與資料分析,台北:高等教育文化事業公司,2004。
2.吳俊裕,專科護理師證照制度對護理人員影響之研究,國立中山大學人力資源管理研究所碩士論文,2002。
3.李東峰,企業資訊安全控管決策之研究--從組織決策理論觀點探討,中央大學博士論文,2003。
4.李麗傳,護理管理與實務,台北:五南書局,2000。
5.周子敬,結構方程模式(SEM)-精通LISREL,台北:全華科技圖書公司,2006
6.周宣光,管理資訊系統,台北:東華書局,2000。
7.周曉虹,社會學習理論,台北:桂冠圖書公司,1995。
8.林怡貞,花蓮某高職原住民與非原住民學生飲酒意圖差異之研究,慈濟大學原住民健康研究所碩士論文,2004。
9.林東清、孫培真、徐景智,「影響資訊系統使用者抗拒行為之原因:以計劃行為理論為基礎之整合研究」,資訊管理研究,2(2),2000,頁1-26。
10.邱家淮,影響非營利組織捐款人行為關鍵因素之研究 -從計劃行為理論(TPB)之觀點探討,中原大學企業管理研究所碩士論文,2005。
11.邱皓政,結構方程模式,台北:雙葉書廊公司,2003。
12.張黎慧,探討臨床護理人員資訊素養之研究,中正大學碩士論文,2004。
13.莊惠惠,醫療院所制訂資訊安全政策之研究,中正大學醫療資訊管理學研究所碩士論文,2005。
14.釧s祥,以意向模式研究資訊人員之專業倫理行為,國立中山大學資訊管理研究所博士論文,1998。
15.陳楚杰,醫院組織與管理,台北:宏翰書局,1995。
16.曾淑芬、謝豫立、何錦昌,「醫療院所資訊化程度及病歷安全保護之現況分析」,醫療資訊雜誌,13,2001,頁57-82。
17.黃文毅,廢乾電池資源回收行為之探討-某縣環保局員工為例,中興大學環境工程研究所碩士論文,2004。
18.黃正德,台灣中小製造業高階主管對企業e化意向之研究-以TPB模式來探討,中山大學高階經營研究所碩士論文,2001。
19.黃芳銘,結構方程模式理論與應用,台北:五南書局,2002。
20.黃智強,影響採用網路購物因素之研究-以網路書店為例,中央大學資訊管理研究所碩士論文,2000。
21.黃興進,「醫療管理資訊系統研究議題之探討」,資訊管理學報, 9(專),2002,頁101-116。
22.黃興進,電子病歷講議-第壹講,國立中正大學,2005a。
23.黃興進,電子病歷講議-第貳講,國立中正大學,2005b。
24.蔡佳婷、王大為、郭旭崧,「醫療院所高階主管對醫療資訊安全與隱私看法的調查研究」,敏盛醫院,2001/10/26-28,國際醫學資訊研討會,2001。
英文部份
1.Ajzen, I., “The Theory of Planned Behavior,” Organizational Behavior and Human Decision Processes, 50, 1991, pp. 179-211.
2.Agarwal, R. and P. Jayesh, “A Conceptual and Operational Definition of Personal Innovativeness in the Domain of Information Technology,” Information Systems Research, 9(2), 1998, pp. 204-215.
3.Bagozzi, R. P., “Attitudes, Intentions and Behavior: A Test of Some Key Hypothesis,” Journal of Personality and Social Psychology, 41, 1981, pp. 607-627.
4.Bandura, A., “Self-efficacy: Toward a Unifying Theory of Behavioral Change,” Psychological Review, 84(2), 1977, pp. 191-215.
5.Bollen, K. A., Structural Equations with Latent Variables, New York: Wiley, 1989.
6.Buckovich, S. and R. M. Rozen, “Driving Toward Guiding Principles: A Goal for Privacy, Confidentiality, and Security of Health Information,” Journal of the American Medical Informatics Association, 6(2), 1999, pp. 122-113.
7.Burke, L. and B. Weill, Information Technology for the Health Professions, New Jersey: Prentice-Hall, 2000.
8.Byrne, B. M., Structural Equation Modeling with Lisrel, Prelis, and Simplis. Basic concepts, applications, and programming, Mahwah, New Jersey: Lawrence Erlbaum Associates, 1998.
9.Cavalli, E., Andrea M., Pinciroli, F., and S. Piergiorgio, “Information Security Concepts and Practices: The Case of A Provincial Multi-specialty Hospital,” International Journal of Medical Informatics, 73, 2004, pp. 297-303.
10.Chau, P. Y. K. and P. J. H. Hu, “Investigating Healthcare Professionals’ Decisions to Accept Telemedicine Technology: An Empirical Test of Competing Theories,” Information & Management, 39(4), 2002, pp. 297-311.
11.Colton, D., “The Design of Evaluations for ContinuoUs Quality Improvement,” Evaluation & the Health Professions, 20(3), 1997, pp. 265-285.
12.Compeau, D. R. and C. A. Higgins, “Computer Self-efficacy: Development of A Measure and Initial Test,” MIS Quarterly, 1995, 19(2), pp. 189-211.
13.Davis F. D., “Perceived Usefulness, Perceived Ease of Use, and User Acceptance of Information Technology,” MIS Quarterly, 31(3), 1989, pp. 319-340.
14.Davis, F. D., Bagozzi, R. P., and P. R. Warshaw, “User Acceptance of Computer Technology: A Comparison of Two Theoretical Models,” Management Science, 35(8), 1989, pp. 982-1003.
15.Elbra, T., A Management Guide to BS7799, United Kingdom, Bristol: The Institute of Chartered Accountants in England & Wales, 1999, pp. 4-30.
16.Finne, T., “Information System Risk Management: Key Concepts and Business Processes,” Computer & Security, 19(3), 2000, pp. 234-235.
17.Fishbein, M. and I. Ajzen., Belief, Attitude, Iintention, and Behavior: An Introduction to Theory and Research, Reading, MA: Addison-Wesley, 1975.
18.Fornell, C. and D. F. Larcker, “Evaluating Structural Equation Models with Unobservables and Measurement Error,” Journal of Marketing Research, 18, 1981, pp. 39-50.
19.Furnell, S. M., Gaunt, P. N., Holben, R. F., Sanders, P. W., Stockel, C. T., and M. J. Warren, “Assessing Staff Attitudes to Wards Information Security in A European Healthcare Establishment,” Medical Informatics, 21, 1996, pp. 105–112.
20.Gaunt, N., “Practical Approaches to Creating A Security Culture International,” Journal of Medical Informatics, 60, 2000, pp. 151–157.
21.Gould, J. D. and C. Lewis, “Designing for Usability: Key Principles and What Designers Thinks,” Communications of the ACM, 28, 1985, pp. 300-311.
22.Gritzalis, D., “A Baseline Security Policy for Distributed Healthcare Information Systems,” Computers & Security, 16(8), 1997, pp. 709-719.
23.Hair, J. F., Anderson, R. E., Tatham, R. L. and W. C. Black, Multivariate Mutlivariate Data Analysis, 5th ed., New Jersey: Prentice Hall, 1998.
24.Hall, M. A. and S. S. Rich, “Genetic Privacy Laws and Patients’ Fear of Discrimination by Health Insurers: The View from Genetic Counselors,” Journal of Law, Medicine & Ethics, 28, 2000, pp. 245-257.
25.Hoffer, J. A. and D. W. Straub, “The 9 to 5 Underground: Are You Policing Computer Crimes?” Sloan Management Review, 30(4), 1989, pp. 35-44.
26.Hőne, Κ. and Eloff, J., “Information Security Policy - What Do International Information Security Standards Say?” Computers & Security, 21(5), 2002, pp. 402-409.
27.Hsu, Chin-Lung and Hsi-Peng Lu, “Why Do People Play On-line Games? An Extended TAM with Social Influences and Flow Experience,” Information and Management, 41(7), 2004, pp. 853-868.
28.Hu, L. and P. M. Bentler, “Cutoff Criteria for Fit Index In Covariance Structural Analysis: Conventional Criteria Versus New Alternatives,” Structural Equation Modeling, 6, 1999, pp. 1-55.
29.Hu, P. J., Lin, C., and H. Chen, “User Acceptance of Intelligence and Security Informatics Technology: A Study of Coplink,” Journal of the American Society for Information Science and Technology, 56(3), 2005, pp. 235–244.
30.Hu, Q. and T. Dinev, “Is Spyware An Internet Nuisance or Public Menace?” Communications of the ACM, 48(8), 2005, pp. 61-66.
31.Janczewski, L. and F. X. Shi, “Development of Information Security Baselines for Healthcare Information Systems in New Zealand,” Computers & Security, 21(2), 2002, pp. 172-192.
32.Joreskog, K. G. and D. Sorbom, LISREL 8: Structural Equation Modeling with the S1MPL1S Command Language, Chicago: Scientific Software, 1993.
33.Lee, S. M., Lee, S., and S. Yoo, “Integrative Model of Computer Abuse Based on Social Control and General Deterrence Theories,” Information & Management, 41, 2004, pp. 707–718.
34.Lee, Y. and K. A. Kozar, “Investigating Factors Affecting Adoption of Anti- Spyware Systems,” Communications of the ACM, 48(8), 2005, pp. 41-45.
35.Lewis, B. R., Snyder, C. A., and R. K. Rainer, “An Empirical Assessment of the Information Resource Management Construct,” Journal of Management Information Systems, 12(1), 1995, pp. 199-223.
36.Limayem, M., Khalifa, M., and A. Frini, “What Makes Consumers Buy from Internet? A Longitudinal Study of Online Shopping,” IEEE Transactions on Systems, Man, and Cybernetics—Part a: Systems and Humans, 30(4), 2000, pp. 421-432.
37.Lo, B. and A. Alpers, “Uses and Abuses of Prescription Drug Information in Pharmacy Benefits Management Programs,” Journal of the American Medical Association, 283, 2000, pp. 801-806.
38.Lorence, D. P. and R. Churchill, “Incremental Adoption of Information Security in Health-Care Organizations: Implications for Document Management,” IEEE transactions on Information Technology in Biomedicine, 9(2), 2005, pp. 169-173.
39.Mason, R. O., “Four Ethical Issues on the Information Age,” MIS Quarterly, 10(1), 1986, pp. 4-12.
40.Mathieson, K., “Predicting User Intentions: Comparing the Technology Acceptance Model with the Theory of Planned Behavior,” Information Systems Research, 2(3), 1991, pp. 173-191.
41.Medley, F. and D. R. Larochelle, “Transformational Leadership and Job Satisfaction,” Nursing Management, 26(9), 1995, pp. 64-68.
42.Preece, J., Rogers, Y., Sharp, H., Benyon, D., Holland, S. and T. Carey, Human-Computer Interaction, Wokingham, England: AddisonWesley, 1994.
43.Ravera, L., Colombo I., Tedeschi, M., and A. Ravera, “Security and Privacy at the Private Multispecialty Hospital Istituto Clinico Humanitas: Strategy and Reality,” International Journal of Medical Informatics, 73, 2004, pp. 321-324.
44.Rindfleisch, T. C., “Privacy, Information Technology, and Health Care,” Communications of the ACM, 40(8), 1997, pp. 93-100.
45.Roberto A. J., Meyer G., Boster F. J., and H. L. Roberto, “Adolescents'' Decisions about Verbal and Physical Aggression: An Application of the Theory of Reasoned Action,” Human Communication Research, 29(1), 2003, pp. 135-147.
46.Rogers, E. M., Diffusion of Innovations, 3rd ed., New York: Free Press, 1995.
47.Senge, P. M., The Fifth Discipline: The Art and Practice of the Learning Organization, New York: Doubleday, 1990.
48.Seyal, A. H., Rahman, M. N., and M. M. Rahim, “Determinants of Academic Use of the Internet: A Structural Equation Model,” Taylor & Francis, 2002, pp. 71-96.
49.Siponen, M. T., “A Conceptual Foundation for Organizational Information Security Awareness,” Information Management & Computer Security, 8(1), 2000, pp. 31-41.
50.Smith, E. and J. H. P. Eloff, “Security in health-care information systems—current trends,” International Journal of Medical Informatics, 54, 1999, pp. 39–54.
51.Starling, G., Strategies for Policy Making, Chicago:The Dorsey Press, 1988.
52.Steiger, J. H., “Structural Model Evaluation and Modification: An Interval Estimation Approach,” Multivariate Behavioral Research, 25(2), 1990, pp. 173-180.
53.Straub, D. W. and R. J. Welke, “Coping with Systems Risk: Security Planning Models for Management Decision Marking,” MIS Quarterly, 22 (4), 1998, pp. 441-469.
54.Styffe, E. J., “Privacy, Confidentiality, and Security in Clinical Information Systems: Dilemmas and Opportunities for the Nurse Executive,” Nursing Administration Quarterly, 21(3), 1997, pp. 21-28.
55.Taylor, S. and P. A. Todd, “Decomposition and Crossover Effects in the Theory of Planned Behavior: A study of Consumer Adoption Intentions,” International Journal of Research in Marketing, 12, 1995a, pp. 137-155.
56.Taylor, S., and P. A. Todd, “Understanding Information Technology Usage: A Test of Competing Models,” Information System Research, 6(2), 1995b, pp. 144-176.
57.Trofino, J., “Transformational Leadership: The Catalyst for Successful Change,” Nursing Review, 40(6), 1993, pp. 179-182.
58.Van Bemmel, J. H. and M. A. Musen, Handbook of Medical Informatics, Heidelberg, New York: Springer Verlag, 1997.
59.Warren, M. J., “A Risk Analysis Model to Reduce Computer Security Risks among Healthcare Organizations”, Risk management, 3(1), 2001, pp. 27-37.
60.Whitman, M. E., “Enemy at the Gate: Threats to Information Security,” Communications of the ACM, 46(8), 2003, 91-95.
61.Wiant, T. L., “Information Security Policy’s Impact on Reporting Security Incidents,” Computers & Security, 24, 2005, pp. 448-459.
網路部份
1.CNET新聞專區,http://taiwan.cnet.com/enterprise/topic/0,2000062938,20084409,00.htm,2003。
2.中央健保局,http://www.nhi.gov.tw/webdata/webdata.asp?menu=1&menu_id=26&webdata_id=934,2006。
3.台北榮民總醫院網站,http://www.vghtpe.gov.tw/~nurs/t03.htm,2006。
4.行政院勞工委員會職業訓練局資訊安全管理作業準則,http://law.moj.gov.tw/Scripts/Query4A.asp?FullDoc=all&Fcode=N0080018,2006。
5.行政院衛生署,http://www.doh.gov.tw/cht/index.aspx,2006。
6.行政院衛生署,http://www.doh.gov.tw/cht/list.aspx?dept=R&now_fod_list_no=7056&class_no=94&level_no=2&divNo=1&divCount=3,2006。
7.高雄榮民總醫院,http://www.vghks.gov.tw/,2006。
8.資安人,http://www.isecutech.com.tw/feature/view.asp?fid=88,2002。
9.賽門鐵克,http://www.symantec.com/region/tw/enterprise/article/security_definition.html,2003。
10.Ajzen, I., Constructing a TpB Questionnaire: Conceptual and Methodological Considerations, http://www.people.umass.edu/aizen/tpb.diag.html, 2002.
11.Marie, A. G., Background and Rationale for a PDA Survey on Privacy, Security, Confidentiality, and Trust, http://www.duke.edu/~mageorge/Papers/Privacy%20Survey%20Rationale.pdf, 2003.
12.Richardson, R., CSI/FBI 2002 Computer Crime and Security Survey, http://www.gocsi.com/press/20020407.html, 2002.
13.Davis, D. C. and K. M. Having, Privacy and Security of Electronic Informtion a For HIPAA Compliance In U.S. Hospitals, http://www.osra.org/2005/davis.pdf, 2005.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top