Publication Type

Conference Paper



Publication Date



Healthcare organizations face significant challenges in designing and implementing the appropriate safeguards to mitigate information privacy threats. While many studies examined various technical and behavioral safeguards to protect the confidentiality and privacy of patient information, very little is known about the actual outcomes and implications of the privacy practices in which organizations engage. There is little research theoretically explaining the outcomes of enacting privacy safeguards and subsequent effects on privacy compliance. This paper reports the results of a grounded theory study investigating the intended consequences (positive impacts) and unintended (negative impacts) consequences of enacting privacy safeguards in healthcare organizations. An imbalance challenge occurs when the negative impacts outweigh the positive ones. To address the imbalance challenge, organizations need to achieve a balance between privacy and utility, meeting privacy requirements without impeding the workflow in medical practices. Findings are presented within an emerging theoretical framework of the imbalance challenge identified in this work. This study is one of the first systematic attempts to identify the opposing impacts of privacy safeguard enactments and examine its implications for privacy compliance in the healthcare domain.


Information privacy, privacy safeguards, healthcare, imbalance challenge, grounded theory


Computer Sciences | Medicine and Health

Research Areas

Information Systems and Management


IFIP WG8.11/WG11.13 Dewald Roode Workshop on Information Systems Security Research

City or Country

Provo, UT

Creative Commons License

Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.

Additional URL