Search results

1 – 1 of 1
Article
Publication date: 5 October 2012

Karen Renaud and Wendy Goucher

The purpose of this paper is to investigate how employees in a health board perceived and experienced information governance policies.

1248

Abstract

Purpose

The purpose of this paper is to investigate how employees in a health board perceived and experienced information governance policies.

Design/methodology/approach

The approach was interpretive. A series of interviews was carried out and the transcripts were analysed using an interpretative phenomenological approach.

Findings

The authors discovered that staff often felt subjugated by policies, they experienced a lack of support, and experienced pressure to comply and to motivate the staff they managed to comply with policy directives. It was also obvious that all interviewees were highly motivated and concerned about information security. The authors conclude by proposing some mediation: a recognition and reward scheme to reward secure behaviour, the implementation of an incident response process, facilitated upward communication and development of a security culture in the organisation. Finally, the authors argue for the same rules to apply to all staff, so that procedures are fair, and seen to be so.

Practical implications

The authors make some recommendations for mediation, which should ensure that employees experience less pressure in complying with policy directives.

Social implications

If the authors' recommendations are followed, information security is bound to improve, which would be an outcome greatly to be desired.

Originality/value

This paper empirically confirms recommendations made by other researchers working in this area.

Details

Information Management & Computer Security, vol. 20 no. 4
Type: Research Article
ISSN: 0968-5227

Keywords

Access

Year

All dates (1)

Content type

1 – 1 of 1