Individuals’ Attitudes Towards Electronic Health Records: A Privacy Calculus Perspective

  • Tamara DinevEmail author
  • Valentina Albano
  • Heng Xu
  • Alessandro D’Atri
  • Paul Hart
Part of the Annals of Information Systems book series (AOIS, volume 19)


National adoption of Electronic Health Records (EHRs) is considered an essential component of the health care system overhaul sought by policy makers and health care professionals, in both U.S. and Europe, to cut costs and increase benefits. And yet, along with the technological aspects, the human factor consistently proves to be a critical component to diffusion of any IT system, and is even more so regarding health care. The highly personal and sensitive nature of health care data and the associated concerns about privacy impede even the most efficient and technologically perfect system. Our objective is to investigate individuals’ attitudes towards EHR and what factors form these attitudes. If we understand individuals’ attitudes regarding EHR and the factors that influence them, we will be in a better position to take responsive measure to facilitate Privacy by Design for EHRs. A positivist research model is empirically tested using survey data from U.S. and Italy and structural equation modeling techniques. We find that perceived effectiveness of regulatory mechanisms positively impact trust; perceived effectiveness of technological mechanisms positively impacts perceived privacy control and trust; the latter two help reduce privacy concerns which, along with perceived benefits, convenience, and Internet experience, play the privacy calculus-type formation of attitudes towards EHR.


Health care Electronic health care records Privacy Attitudes Structural equation modeling 


  1. Agarwal R, Gao G, DesRoches C, Jha AK (2010) The digital transformation of healthcare: current status and the road ahead. Inform Syst Res 21(4):796–809CrossRefGoogle Scholar
  2. Ajzen I (1991) The theory of planned behavior. Org Behav Hum Decis Process 50(2):179–211CrossRefGoogle Scholar
  3. Ajzen I, Fishbein M (1980) Understanding attitudes and predicting social behavior. Prentice-Hall, Englewood CliffsGoogle Scholar
  4. Alonso-Zaldivar R (2009) U.S. health care lags in bang for the buck. San Francisco Chronicle, March 12, p. 1Google Scholar
  5. Angst MC, Agarwal R (2006a) Overcoming personal barriers to adoption when technology enables information to be available to others. In: Proceedings of 27th international conference on information systems, MilwaukeeGoogle Scholar
  6. Angst MC, Agarwal R (2006b) Getting personal about electronic health records: modeling the beliefs of personal health record users and non-users. Working Paper, Robert H. Smith School Research Paper No. RHS-06-007. Available at SSRN:
  7. Angst MC, Agarwal R (2009) Adoption of electronic health records in the presence of privacy concerns: the elaboration likelihood model and individual persuasion. MIS Quarterly 33(2):339–370Google Scholar
  8. Bandura A (1982) Self-efficacy mechanism in human agency. Am Psychol 37:122–147CrossRefGoogle Scholar
  9. Bandura A (1986) Social foundations of thought and action. Prentice-Hall, Englewood CliffsGoogle Scholar
  10. Bansal G, Zahedi F, Gefen D (2007) The impact of personal dispositions on privacy and trust in disclosing health information online. In: Proceedings of AMCIS, Paper 57.
  11. Bansal G, Zahedi FM, Gefen D (2010) The impact of personal dispositions on information sensitivity, privacy concern and trust in disclosing health information online. Decis Support Syst 49:138–150CrossRefGoogle Scholar
  12. Beatty RC, Shim JP, Jones MC (2001) Factors influencing corporate Web site adoption: a time-based assessment. Inform Manage 38(6):337–354CrossRefGoogle Scholar
  13. Bishop LS, Holmes BJ, Kelley CM (2005) National Consumer Health Privacy Survey 2005. California Health Care Foundation, Oakland.
  14. Bodenheimer T, Grumbach K (2003) Electronic technology: a spark to revitalize primary care? J Am Med Assoc 290(2):259–264CrossRefGoogle Scholar
  15. Cantor JD (2001) Privacy protections for cybercharts: an update on the law. J Am Med Assoc 285(13):1767CrossRefGoogle Scholar
  16. Caudill ME, Murphy EP (2000) 2000 consumer online privacy: legal and ethical issues. J Public Policy Mark 19(1):7–19CrossRefGoogle Scholar
  17. Chellappa RK, Sin RG (2005) Personalization versus privacy: an empirical examination of the online consumer’s dilemma. Inform Technol Manage 6(2):181–202CrossRefGoogle Scholar
  18. Childers TL, Carr CL, Peck J, Carson S (2001) Hedonic and utilitarian motivations for online retail shopping behavior. J Retail 77(4):511–535CrossRefGoogle Scholar
  19. Choy A, Goldman J (2001) Comparing eHealth Privacy Initiatives, Health Privacy Project. Georgetown University.
  20. Choy A, Hudson Z, Pritts J (2002) Exposed online: why the new federal health privacy regulation doesn’t offer much protection to internet users, the Pew Internet and American Life Project.
  21. Cimino JJ, Patel VL, Kushniruk AWT (2002) The patient clinical information system (PatCIS): technical solutions for and experience with giving patients access to their electronic medical records. Int J Med Inform 68(1–3):113–127CrossRefGoogle Scholar
  22. Culnan MJ (1993) ‘How did they get my name’? An exploratory investigation of consumer attitudes toward secondary information use. MIS Quarterly 17(3):341–364CrossRefGoogle Scholar
  23. Culnan MJ, Armstrong PK (1999) Information privacy concerns, procedural fairness and impersonal trust: an empirical investigation. Organ Sci 10(1):104–115CrossRefGoogle Scholar
  24. Culnan MJ, Bies JR (2003) Consumer privacy: balancing economic and justice considerations. J Soc Issues 59(2):323–342CrossRefGoogle Scholar
  25. Dan JK, Ferrin DL, Rao HR (2008) A trust-based consumer decision-making model in electronic commerce: the role of trust, perceived risk, and their antecedents. Decis Support Syst 44:544–564CrossRefGoogle Scholar
  26. Dinev T, Hart P (2004) Internet privacy concerns and their antecedents—measurement validity and a regression model. Behav Inform Technol 23(6):413–423CrossRefGoogle Scholar
  27. Dinev T, Hart P (2006) An extended privacy calculus model for e-commerce transactions. Inform Syst Res 17(1):61–80CrossRefGoogle Scholar
  28. Dinev T, Bellotto M, Hart P, Russo V, Serra I, Colautti C (2006) Privacy calculus model in e-commerce—a study of Italy and the United States. Eur J Inform Syst 15(4):389–402CrossRefGoogle Scholar
  29. Dinev T, Hu Q, Yayla A (2008) Is there an online advertisers’ dilemma? A study of click fraud in the pay-per-click model. Int J Electron Commerce 13(2):29–59CrossRefGoogle Scholar
  30. Dixon P (2005) Electronic health records and the National Health Information Network: patient choice, privacy, and security in digitized environments, presented before The National Committee on Vital and Health Statistics (NCVHS) Subcommittee on privacy and confidentiality, San Francisco, CA, August 2005.
  31. Earp JB, Payton FC (2006) Information privacy in the service sector: an exploratory study of health care and banking professionals. J Organ Comput Electron Comm 16(2):105–122Google Scholar
  32. Faden RR, Beauchamp LT, King PMN (1986) A history and theory of informed consent. Oxford University Press, New YorkGoogle Scholar
  33. Forsythe S, Liu CL, Shannon D, Gardner LC (2006) Development of a scale to measure the perceived benefits and risks of online shopping. J Interact Market 20(2):55–75CrossRefGoogle Scholar
  34. Gazzetta Ufficiale (2009) Garante per la protezione dei dati personali. Linee guida in tema di Fascicolo sanitario elettronico (Fse) e di dossier sanitario—16 luglio 2009. n. 178 03-08-2009.
  35. Gefen D, Straub DW, Boudreau MC (2000) Structural equation modeling and regression: guidelines for research practice. Commun Assoc Inform Syst 4(7):1–78Google Scholar
  36. Goodwin C (1991) Privacy: recognition of a consumer right. J Public Policy Mark 10(1):149–166Google Scholar
  37. HHS (2006) Personal health records and personal health record systems: a report and recommendations from the National Committee on Vital and Health Statistics. Department of Health and Human Services, Washington DC, February, 2006.
  38. Harris AF (2002) Interactive and Westin, The Harris Poll: #46. Harris Interactive, New YorkGoogle Scholar
  39. Hu X, Wu G, Wu Y, Zhang H (2010) The effects of Web assurance seals on consumers’ initial trust in an online vendor: a functional perspective. Decis Support Syst 48:407–418CrossRefGoogle Scholar
  40. Iacovou CL, Benbasat I, Dexter AS (1995) Electronic data interchange and small organizations: adoption and impact of technology. MIS Quarterly 19(4):465–485CrossRefGoogle Scholar
  41. Jarvenpaa SL, Tractinsky N, Vitale M (2000) Consumer trust in an internet store. Inform Technol Manage 1(12):45–71CrossRefGoogle Scholar
  42. Johnson LJ, Cullen BJ (2002) Trust in cross-cultural relationships. In: Gannon MJ, Newman KL (eds) The Blackwell handbook of cross-cultural management. Blackwell, Oxford, pp 335–360Google Scholar
  43. Karahanna E, Evaristo JR, Strite M (2002) Methodological issues in MIS cross cultural research. J Global Inform Manage 10:13–23CrossRefGoogle Scholar
  44. Kauffman T (2006) Your health records online: OPM: benefits will outweigh risks., May 15 2006.
  45. Kidd MR (2008) Personal electronic health records: MySpace or HealthSpace? Br Med J 336:1029–1030CrossRefGoogle Scholar
  46. Landro L (2004) Electronic medical records are taking root locally. Wall Street J 22:D1Google Scholar
  47. Laufer RS, Wolfe M (1977) Privacy as a concept and a social issue: a multidimensional developmental theory. J Soc Issues 33(3):22–42CrossRefGoogle Scholar
  48. Liu CL (2007) Modeling consumer adoption of the internet as a shopping medium: an integrated perspective. Cambria, YoungstownGoogle Scholar
  49. Lo B, Clayton P, Crowley J, Glaser J, Hunter N, Koss S, Koyanagi C, Nielsen J, Shelton L, Van Amringe M (1999) Best principles for health privacy. Report for the Health Privacy Project, Georgetown University.
  50. Luck J, Chang C, Brown ER, Lumpkin J (2006) Using local health information to promote public health. Health Aff 25(4):979–991CrossRefGoogle Scholar
  51. Masys D, Baker D, Butros A, Cowles KE (2002) Giving patients access to their medical records via the internet: the PCASSO experience. J Am Med Inform Assoc 9(2):181–191CrossRefGoogle Scholar
  52. Mayer RC, Davis JH, Schoorman FD (1995) An integrative model of organizational trust. Academy Manage Rev 20(3):709–734Google Scholar
  53. MacKay N, Parent M, Gemino A (2004) A model of electronic commerce adoption by small voluntary organizations. Eur J Inform Syst 13(2):147–159CrossRefGoogle Scholar
  54. McKnight DH, Choudhury V, Kacmar C (2002) Developing and validating trust measures for e-commerce: an integrative typology. Inform Syst Res 13(3):334–359CrossRefGoogle Scholar
  55. Miller AR, Tucker C (2009) Privacy protection and technology diffusion: the case of electronic medical records. Manage Sci 55(7):1077–1093CrossRefGoogle Scholar
  56. Milne GR, Boza ME (1999) Trust and concern in consumers’ perceptions of marketing information management practices. J Interact Market 13(1):5–24CrossRefGoogle Scholar
  57. Milne GR, Gordon EM (1993) Direct mail privacy-efficiency trade-offs within an implied social contract framework. J Public Policy Mark 12(2):206–215Google Scholar
  58. Moffit R, Manière P, Green DG, Belien P, Hjertqvist J, Breyer F (2001) Perspectives on the European health care systems: some lessons for America. Heritage Lecture #711. care/HL711.cfm
  59. Pagliari C, Detmer D, Singleton P (2007) Potential of electronic personal health records. Br Med J 335:330–333CrossRefGoogle Scholar
  60. Pavlou PA, Fygenson M (2006) Understanding and predicting electronic commerce adoption: an extension of the theory of planned behavior. MIS Quarterly 30(1):115–143Google Scholar
  61. Pavlou PA, Gefen D (2004) Building effective online marketplaces with institution-based trust. Inform Syst Res 15(1):37–59CrossRefGoogle Scholar
  62. Phelps J, Nowak G, Ferrell E (2000) Privacy concerns and consumer willingness to provide personal information. J Public Policy Market 19(1):27–41CrossRefGoogle Scholar
  63. Rindfleish TC (1997) Privacy, information technology, and health care. Commun ACM 40(8):92–100CrossRefGoogle Scholar
  64. Ringle CM, Wende S, Will S (2005) SmartPLS 2.0, Hamburg, Germany.
  65. Sheehan KB, Hoy GM (2000) Dimensions of privacy concern among online consumers. J Public Policy Market 19(1):62–73CrossRefGoogle Scholar
  66. Skinner EA, Chapman M, Baltes PB (1988) Control, means-ends, and agency believes: a new conceptualization and its measurement during childhood. J Personality Social Psychol 54:117–133CrossRefGoogle Scholar
  67. Shortliffe EH (1999) The evolution of electronic medical records. Acad Med 74(4):414–419CrossRefGoogle Scholar
  68. Smith HJ, Milberg JS, Burke JS (1996) Information privacy: measuring individuals’ concerns about organizational practices. MIS Quarterly 20(2):167–196CrossRefGoogle Scholar
  69. Song J, Zahedi FM (2007) Trust in health infomediaries. Decis Support Syst 43:390–407CrossRefGoogle Scholar
  70. Spiro WG, Houghteling LJ (1981) The dynamics of law, 2nd edn. Harcourt Brace Jovanovich, New York, pp 2–10Google Scholar
  71. Stewart KA, Segars AH (2002) An empirical examination of the concern for information privacy instrument. Inform Syst Res 13(1):36–49CrossRefGoogle Scholar
  72. Stone EF, Gueutal GH, Gardner DG, McClure S (1983) A field experiment comparing information—privacy values, beliefs, and attitudes across several types of organizations. J Appl Psychol 68(3):459–468CrossRefGoogle Scholar
  73. Stone EF, Stone DL (1990) Privacy in organizations: theoretical issues, research findings, and protection mechanisms. Res Personnel Human Resources Manage 8(3):349–411Google Scholar
  74. Taylor S, Todd PA (1995) Understanding information technology usage: a test of competing models. Inform Syst Res 6(3):144–176CrossRefGoogle Scholar
  75. Teo TSH, Yeong YD (2003) Assessing the consumer decision process in the digital marketplace. Omega—Int J Manage Sci 31(5):349–363CrossRefGoogle Scholar
  76. Tittle CR (1980) Sanctions and social deviance: the question of deterrence. Praeger, New YorkGoogle Scholar
  77. TSE (2005) Tavolo di Sanità Elettronica—Italian National Board for eHealth. A shared policy for e-Health.
  78. TSE (2006) Tavolo di Sanità Elettronica—Italian National Board for eHealth, Architectural Strategy for Electronic Health care.
  79. Venkatesh V, Morris MG, Davis GB, Davis FD (2003) User acceptance of information technology: toward a unified view. MIS Quarterly 27(3):425–478Google Scholar
  80. Westin AF (2003) Social and political dimensions of privacy. J Soc Issues 59(2):431CrossRefGoogle Scholar
  81. Wetzels M, Odenkerken-Schroder G, van Oppen C (2009) Using PLS path modeling for assessing hierarchical construct models: guidelines and empirical illustration. MIS Quarterly 33(1):117–195Google Scholar
  82. Xin L, Li H, Zhang J, Shim JP (2010) Examining multi-dimensional trust and multi-faceted risk in initial acceptance of emerging technologies: an empirical study of mobile banking services. Decis Support Syst 49:222–234CrossRefGoogle Scholar
  83. Xu H (2007) The effects of self-construal and perceived control on privacy concerns. In: Proceedings of the 28th annual international conference on information systems (ICIS 2007), Montréal, Canada, Paper 125Google Scholar
  84. Xu H, Teo HH (2004) Alleviating consumer’s privacy concern in location-based services: a psychological control perspective. In: Proceedings of the twenty-fifth annual international conference on information Systems (ICIS 2004), Washington, DC, pp 793–806Google Scholar
  85. Xu H, Teo HH, Tan BCY (2005) Predicting the adoption of location-based services: the roles of trust and privacy risk. In: Proceedings of 26th annual international conference on information systems (ICIS 2005) Las Vegas, pp 897–910Google Scholar
  86. Xu H, Dinev T, Smith J, Hart P (2008) Examining the formation of individual’s privacy concerns: toward an integrative view. In: Proceedings of the international conference of information systems (ICIS 2008), Paris, Paper 6Google Scholar
  87. Xu H, Teo HH, Tan BCY, Agarwal R (2009) The role of Push-Pull technology in privacy calculus: the case of location-based services. J Manage Inform Syst 26(3):137–176CrossRefGoogle Scholar
  88. Xu, H., Teo, H. H., Tan, B.C.Y., and Agarwal, R. (2012). Effects of Individual Self-Protection, Industry Self-Regulation, and Government Regulation on Privacy Concerns: A Study of Location-Based Services, Information Systems Research, 23(4): 1342–1363.CrossRefGoogle Scholar
  89. Yamaguchi S (2001) Culture and control orientations. In: Matsumoto D (ed) The handbook of culture and psychology. Oxford University Press, New York, pp 223–243Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Tamara Dinev
    • 1
    Email author
  • Valentina Albano
    • 2
  • Heng Xu
    • 3
  • Alessandro D’Atri
    • 4
  • Paul Hart
    • 5
  1. 1.Department of Information Technology and Operations ManagementCollege of Business, Florida Atlantic UniversityBoca RatonUSA
  2. 2.Department of Business StudiesRoma Tre UniversityRomeItaly
  3. 3.College of Information Sciences and TechnologyThe Pennsylvania State UniversityPAUSA
  4. 4.the Research Center on Information Systems (CeRSI)LUISS University of RomeRomeItaly
  5. 5.Department of Information Technology and Operations ManagementCollege of Business, Florida Atlantic UniversityBoca RatonUSA

Personalised recommendations