Balancing Information Privacy and Operational Utility in Healthcare: Proposing a Privacy Impact Assessment (PIA) Framework

European Journal of Information Systems (EJIS), Forthcoming

45 Pages Posted: 15 Sep 2022

See all articles by Rachida Parks

Rachida Parks

University of Arkansas at Little Rock - Department of Management

Rolf T. Wigand

University of Arkansas at Little Rock

Paul Benjamin Lowry

Virginia Tech - Pamplin College of Business

Date Written: July 05, 2022

Abstract

One needs to look only at recent data breaches to be reminded of the severe and far-reaching damage caused by privacy threats. Considering these threats, healthcare leaders strive to understand how to protect patient information without losing the benefits (utility) that result from privacy-preserving mechanisms. Our study examines the relatively unexplored issue of simultaneously responding to information privacy threats and maintaining utility. Thus, we also identify a symbiotic relationship between these two focal and interdependent efforts. We adopt an interpretive, qualitative research method leveraging the value-focused thinking (VFT) approach, which results in two major contributions: (1) the development of a value-driven framework presented as a means-end objective network that provides a list of 16 means objectives and seven key fundamental objectives enabling higher-quality decision-making vis-à-vis privacy and utility; (2) Our second and central contribution is a theoretical framework of privacy impact assessment (PIA), emphasising the interplay and balance between making appropriate decisions in responding to information privacy while not hindering business operations. This research provides the foundation for proposing four compelling propositions for future healthcare privacy research.

Keywords: information privacy, healthcare, operational utility, business impacts, value-focused thinking (VFT), qualitative research, organisational privacy, privacy impact assessment (PIA)

Suggested Citation

Parks, Rachida and Wigand, Rolf T. and Lowry, Paul Benjamin, Balancing Information Privacy and Operational Utility in Healthcare: Proposing a Privacy Impact Assessment (PIA) Framework (July 05, 2022). European Journal of Information Systems (EJIS), Forthcoming , Available at SSRN: https://ssrn.com/abstract=4205322

Rachida Parks

University of Arkansas at Little Rock - Department of Management ( email )

Little Rock, AR 72204
United States

Rolf T. Wigand

University of Arkansas at Little Rock ( email )

Little Rock, AR 72201
United States

Paul Benjamin Lowry (Contact Author)

Virginia Tech - Pamplin College of Business ( email )

1016 Pamplin Hall
Blacksburg, VA 24061
United States

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
24
Abstract Views
138
PlumX Metrics