Trust in Public and Private Providers of Health Apps and Usage Intentions A Sectoral Privacy Calculus and Control Perspective

Mobile health apps, particularly personal health records (PHRs), play a vital role in healthcare digitalization. However, the varying governance approaches for providing PHR platforms have led to a growing debate on the adequate regulation of health technology with regard to their adoption. This article investigates how provider governance, whether public or private, inﬂuences users’ intentions to use and decisions to download a PHR app. Drawing on institutional trust, privacy calculus, and privacy control frameworks, the study develops hypotheses about how provider governance affects the pathways through which trust inﬂuences users’ intentions to adopt the app. Data acquired from an online experiment in the German market reveals that users exhibit a higher level of trust in public providers compared to the same app provided by private companies. Furthermore, provider governance sig-niﬁcantly alters the paths in how trust inﬂuences usage intentions through perceived beneﬁts, perceived risks, and privacy control. These ﬁndings contribute to the development of a sectoral theory of privacy calculus and privacy control in Information Systems (IS). Moreover, they offer practical insights for healthcare regulators and health app providers with the aim of promoting the acceptance and usage of PHRs and other mobile health apps.


Introduction
Mobile health apps such as personal health records (PHR) are considered crucial for healthcare digitalization as they enable individuals to manage their personal health effectively (Archer et al. 2011;George and Kohnke 2018).PHRs assist users in accessing, integrating, and organizing their personal health information, thereby enhancing communication between patients and healthcare providers (Abd-alrazaq et al. 2019;Niazkhani et al. 2020;Tang et al. 2006).However, national health systems employ varying governance approaches for providing PHR platforms (Lee et al. 2021) and there is a small, but growing debate as to which level of regulation, e.g., for privacy in health information exchange, is adequate to drive health technology adoption (e.g., Adjerid et al. 2016;Miller and Tucker 2009;Tertulino et al. 2023).
Certain countries, such as the Scandinavian countries and France, offer centralized PHR platforms through public health authorities (e.g., Appenzeller 2020;Jensen et al. 2017).Similarly, Germany has enacted legislation requiring its public health insurances to provide and activate PHRs for their insured individuals by 2025, while there is also a growing market of health apps from private providers (Retiene 2022; Schrahe 2021).Other countries with pluralistic healthcare systems, such as the U.S., primarily rely on the private market for the development of health apps.A prominent example is Google that is trying to enter and penetrate the healthcare market with several digital offerings (Jercich 2021), such as the Care Studio platform that offers healthcare professionals an integrated perspective of patient records (Balasubramanian 2022;Google Health 2023).These examples illustrate that PHR adoption contexts vary considerably across countries.
Furthermore, a growing number of competing health apps with similar functionalities is being offered by both public and private providers, even within a single market.For instance, in Germany, the startup XO Life integrates a medication checker into their MedWatcher app for automated testing of drug therapy safety (MedWatcher 2023).This functionality is also part of the roadmap for the 'elektronische Patientenakte' (ePA), the PHR provided by public insurance companies in Germany, as outlined in the recent digital strategy of the federal ministry of health (Bundesministerium fu ¨r Gesundheit 2023).While the provision of the ePA will be mandatory for public insurers by 2025, users have the possibility to opt out of its activation.This legally prescribed provision, but voluntary use of PHR apps on the market raises the legitimate need for app providers and healthcare regulators to better understand how provider governance (i.e., whether public or private) itself affects users' intentions to use health apps.
Among the many existing mobile health apps, PHRs face particularly complex challenges across most nations (Roehrs et al. 2017).Despite pertinent privacy regulations such as GDPR in Europe, trust in PHR providers remains a major issue, which has hindered the widespread adoption among consumers (Spil and Klein 2015).Researchers from different fields have observed an institutional trust paradox: although public institutions rely on people's trust to effectively act as their agents (Rothstein and Stolle 2008), consumers in many countries tend to trust private companies and their brands more than their governments (Pesce 2020;Ward et al. 2016).However, it remains to be seen whether this trust paradox extends to the domain of healthcare and the storing of sensitive health data in PHRs.
Previous research has extensively studied the factors that influence the acceptance of information technologies, highlighting the role of privacy-related factors, such as trust (e.g., Carter and Be ´langer 2005;Connolly et al. 2023;Lin et al. 2021), privacy concerns (e.g., Dinev and Hart 2005;Ehrari et al. 2020;Malhotra et al. 2004), and privacy control (e.g., Dinev et al. 2016;Li et al. 2014).Trust, privacy control, and perceived benefits have consistently been found to have a positive impact on the intention to use an app, while perceptions of privacy and security risks tend to decrease it.However, there is a lack of theoretical development regarding the influence of the app providers' governance on the user's behavioral intention to use a health app.This presents a major gap in our knowledge, considering that previous research has demonstrated varying levels of trust in different institutions (Ward et al. 2016).Understanding the impact of provider governance on people's trust perceptions, usage intentions, and decisions to ultimately download and use a health app could be a key to address the persistent trust challenges associated with PHRs in healthcare.Consequently, this study aims to answer the following question: How does provider governance influence the behavioral intention to use and the decision to download a mobile health app?
Taking our vantage point in an institutional trust perspective, we first hypothesize that different governance types (public: health authority and public insurance; private: big company and startup) influence trust in the app provider.Extending the prevalent privacy calculus and privacy control perspectives, we then propose three differential effects by which provider governance may affect the pathways of trust on intentions to use through perceived benefits, perceived risks, and perceived privacy control.To test these hypotheses, we conducted an online experiment in the German market, framing it as a user study of a real PHR app in development.Participants were randomly assigned to one of four provider governance scenarios and asked to evaluate the simulated app.
Contrary to the public/private trust paradox, our results demonstrate that users have higher trust in a public health app provider compared to the same health app provided by a private company, even though public providers are attested to have lower abilities.Furthermore, utilizing partial least squares (PLS) multigroup analysis methods, we find that provider governance significantly alters the pathways through which trust influences intentions to use the app.This is particularly the case with regard to perceived benefits, perceived risks, and perceived control.Usage intentions, in turn, significantly predict the decision to download the app.Our findings suggest that private health app providers, despite generally enjoying lower levels of trust, can influence usage intentions and downloads more strongly by leveraging benefit perceptions and privacy controls compared to public providers.Contrary to our hypothesis, public providers can influence the intention to use and download decision to a higher degree than private ones by mitigating the perceived risks.
Our study contributes a sectoral theory of privacy calculus and privacy control to research in Information Systems (IS) by accounting for the different forms of governance among trusted institutions.In addition, our results also call into question the widespread conceptualization of ability as a trust component.On a practical level, our findings offer insights for health app providers and healthcare regulators to enhance the adoption and usage of PHRs and other health apps.In the following sections, we develop the research hypotheses, describe the methods employed, present the results, and discuss the theoretical and practical implications.

Related Work and Hypothesis Development
This section takes its vantage point in the institutional trust perspective whereby we hypothesize the influence of provider governance on trust in health app providers.We then introduce the privacy calculus (i.e., perceived benefits and perceived risks) and perceived control to explain how trust translates into usage intentions, and develop our hypotheses of how provider governance alters these pathways in the context of PHR apps.

An Institutional Perspective on Trust in the Provider
The construct of trust has motivated many scholars from various disciplines such as psychology, marketing, and IS to explore its various aspects and peculiarities (Ebert 2009).A multitude of conceptualizations, measures, and antecedents of trust have emerged in the literature (So ¨llner and Leimeister 2013).In this study, we follow an adapted version of the widely cited definition proposed by Mayer et al. (1995) and define trust as the willingness of a trustor to be vulnerable to the actions of a trustee based on the expectation that the trustee will perform a particular action relevant and important to the trustor, irrespective of the ability to monitor the respective trustee (So ¨llner and Leimeister 2013).A trustee's specific characteristics are of great relevance in this relationship, as the trustors' willingness to trust is based on their assessment of these characteristics (So ¨llner et al. 2016a).Previous research conceptualized three important components of trusting beliefs: a trustee's ability, benevolence, and integrity (Mayer et al. 1995).Ability reflects the trustor's perception that the trustee's competencies, skills, and task-related activities demonstrate expertise and enable the trustee to succeed in a specific domain (Mayer et al. 1995;So ¨llner 2020).Benevolence reflects the trustor's perception that the trustee demonstrates an overall positive orientation towards the trustor and wants to do good to the trustor (Mayer et al. 1995;So ¨llner 2020).Integrity reflects the trustor's perception that the trustee adheres to a set of principles, values, and ideals that are acceptable to the trustor (Mayer et al. 1995;So ¨llner 2020).This study considers these components as separate constructs in addition to overall trust in the provider.
While prior research has identified multiple trust relationships and trust targets that are relevant for IS research (So ¨llner et al. 2016b), this study specifically examines trust in the provider of a mobile health app.In this context, the app user assumes the role of the trustor, while the app provider constitutes as the trustee.The importance of users' trust in the provider of an information technology for the acceptance has been demonstrated by numerous studies (e.g., Mittendorf 2017;Robin and Dandis 2021;So ¨llner 2020).However, most of the existing research has focused on a single provider and thus neglected possible differences in the individuals' perceptions of different provider types.
Only a limited number of studies have placed emphasis on potential differences between providers.For instance, in an e-commerce context, Jarvenpaa et al. (2000) tested in an experiment how trust perceptions differ between online store types (e.g., online bookstores and online travel sites) and found significant differences.Bansal et al. (2016) used a controlled lab experiment in which they presented users with website stimuli from contexts with different monetary sensitivity (i.e., financial, health, and e-commerce websites) and concluded that context is a salient factor for trust formation which is critical for disclosing personal information online.In a healthcare context, Anderson and Agarwal (2011) explored an individual's trust and decision to disclose personal health information to different stakeholders.The study found significant differences in the willingness to disclose information to hospitals compared to governmental agencies, but not between pharmaceutical companies and governmental agencies.
Given the growing debate on the healthcare technology regulation, this study focuses on the governance between public and private forms as an essential provider characteristic.Specifically, we consider two possible types of public providers of healthcare apps that play a key role in different healthcare system contexts: health authorities and public insurances.Health authorities are governmental bodies responsible for health policy-making which provide oversight of the health sector.By definition, health authorities are public institutions whose operations are financed by tax revenues.Countries like Denmark and France exemplify the provision of PHR infrastructures by health authorities (Appenzeller 2020;Jensen et al. 2017).On the other hand, public insurances are, in the context of this study, classified as corporations under public law that play a vital role in fulfilling public interest tasks such as healthcare service reimbursement.Thus, they are highly regulated, but legally independent entities.In Germany, for instance, there are currently 96 statutory (i.e., public) health insurances covering approximately 90% of the population (GKV Spitzenverband 2023).
In addition, our study considers two types of private providers of PHR apps that represent opposite ends of the 123 B. Binzer et al.: Trust in Public and Private Providers..., Bus Inf Syst Eng 66(3):273-297 (2024) maturity spectrum: big companies and startups.Big companies are conceptualized as large corporations and characterized by their well-established brands and diversified operations, which may include involvement in the healthcare market.These companies are subject to corporate laws and are held accountable not only financially, but also in terms of social responsibility.Examples of big companies in Germany providing health apps (amongst other services) include firms like Siemens and SAP SE.Startup companies are smaller firms focusing on developing innovative mobile health solutions, such as PHR apps.Notable cities like Boston and Berlin boast dynamic startup ecosystems fervently engaged in the burgeoning digital health market (Judah et al. 2020).Both, big companies and startups, are keenly involved in the mobile health sector.For instance, the global software market for PHRs is projected to surpass 15 billion US dollars by 2030 (Zion Market Research 2023).Table 1 presents an overview of the key attributes of these four provider types.
Because a trustee's characteristics are relevant for the trustors' willingness to trust, we propose that the level of trust depends on the distinction between public and private health app providers.A recent survey on mobile apps for pandemic research differentiated between governmental and private organizations, revealing that this distinction was significant for the level of trust that users placed in the apps (Buhr et al. 2022).Public institutions, by definition, have the mandate to serve and take care of the population (Rothstein and Stolle 2008), with healthcare being a part of their responsibilities in most countries.Hence, there is a high degree of coherence between the mission of public institutions to serve the public good (Rainey et al. 2021) and the task to preserve the highly sensitive health data.Their high degree of accountability to the public makes health authorities a generally trusted provider of health technologies, including PHR apps.Private institutions such as companies, in contrast, have inherently different objectives.While many companies consider social responsibility as a part of their mission, their primary focus is on generating profits.This raises concerns that private providers may prioritize profit opportunities over users' privacy (Anderson and Agarwal 2011).For instance, a study related to fears of health data sharing revealed that two of four concerns were explicitly associated with potential data exploitation by private companies (Lounsbury et al. 2021).Therefore, we hypothesize: Hypothesis 1 Trust and its components (ability, benevolence, integrity) will be higher for public providers of health apps and lower for private providers.

Provider Governance Altering the Trust-Usage Intention Pathways
Prior IS research has consistently demonstrated a relationship between trust and usage intentions.For example, trust influences the intended use of a B2C website in ecommerce (Gefen and Straub 2003) and the intentions to use an e-government system (Carter and Be ´langer 2005).In the following, we draw on privacy calculus and privacy control perspectives to explicate the different pathways that explain the trust-usage relationship.Linking back to our provider governance conceptualization, we then develop three hypotheses of how provider governance alters these pathways.Figure 1 displays our research model and hypotheses.
Considering that the storing of sensitive health data in mobile apps may exacerbate people's concerns about potential misuse of their health data, the intention to use a health app involves a privacy calculus (Li et al. 2014).The privacy calculus is a widely accepted model which posits that individuals make privacy decisions based on a process of weighing the anticipated benefits and risks of this decision (Culnan and Bies 2003;Laufer and Wolfe 1977).This implies that individuals, when confronted with the choice of using a health app that necessitates the disclosure of personal information, evaluate the anticipated benefits and potential risks associated with the technology, which ultimately impacts their decision-making process regarding adoption.In this context, it is important to acknowledge the complex interplay between perceived risks, benefits, and the often opaque nature of data usage.Consequently, it is crucial to consider the incomplete information users often have about how their data been used (often perceived as 'black box') and the behavioral biases that may influence their decision-making.Furthermore, when researching privacy decisions, it is essential to consider the context (Acquisti et al. 2015;Yun et al. 2019).Smith et al. (2011) identified four contextual forces related to privacy beliefs: the type of collected information, the use of information by sector, the technological applications, and the political context.In the context of our study, we refer to personal health data such as vital parameters, diagnoses, test results, and medication plans.This data can be used to enhance care processes, improve clinical outcomes, and drive advancement of research within the healthcare sector.The technological application is a PHR, a digital platform that enables individuals to access, manage, and share their personal health information with healthcare professionals within a private, secure, and confidential environment (Tang et al. 2006).The political context of our study is Germany, a country with high privacy sensitivity (Bellman et al. 2004) that has not yet achieved widespread adoption of any PHR platform (Schrahe 2021).In the following, we conceptualize the perceived benefits and perceived risks of PHRs for the context of this study and elaborate on perceived control.

Perceived Benefits Pathway and Provider Governance
As patients often receive care from many different healthcare providers, their health data are commonly dispersed over various facilities and stored in different analog and digital formats.In general, PHRs are seen as a major development towards the digitization of healthcare systems, with the purpose of improving quality and lowering the costs of healthcare (Bandyopadhyay et al. 2012), leading to various types of benefits a PHR app may provide to its users.The extent of perceived benefits of an app positively influences users' intentions to download it (Eling et al. 2013;Harris et al. 2016) and also affects their willingness to share personal information with the app (Wottrich et al. 2018).Prior works have emphasized different benefits of PHRs.For example, PHRs enable timely and location-independent access to a wide array of personal health information (Tang et al. 2006).Such health information can stem from different systems used by caregivers and health professionals authorized by the patient (Tang et al. 2006).Access to their information helps patients to manage their health and monitor diseases more effectively in conjunction with their healthcare providers.In addition, PHRs can strengthen the health literacy of patients by providing them with knowledge about their own care.This results in patients' enhanced ability for more effective healthcare management.PHRs give patients control over their health records and data and empower them to become active participants in their own care (Tang et al. 2006).Furthermore, PHRs can improve healthcare quality due to earlier identification of adverse events, defined as injuries that are caused by medical management, such as medication errors (Bandyopadhyay et al. 2012) and avoidance of duplicate examinations.Involving patients in their own care through a PHR can promote prevention and more timely interventions and thus disburden the healthcare system.Lastly, PHRs can enhance the communication between patients and physicians when they are collaboratively tracking the patient's health.This can help overcome information asymmetries and reduce communication barriers.PHRs may even change physician encounters from episodic to continuous, which should make it easier for the patients to ask questions (Tang et al. 2006).Despite the common features of a PHR, each individual will evaluate these benefits depending on the respective context (Smith et al. 2011).Trust in the provider influences an individual's perception of an information system offered by that provider, including its perceived usefulness and benefits (So ¨llner et al. 2016b).The influence of trust on perceived benefits has been substantiated in other contexts such as e-commence (Kim et al. 2009) and e-services (Mou and Cohen 2014).Furthermore, in line with previous research (e.g., Gong et al. 2019;Li et al. 2014), perceived benefits likely increase an individual's usage intention for a PHR app.For example, Gong et al. (2019) highlighted the importance of perceived benefits on the intentions to use an online health consultation service; Li et al. (2014) found a strongly positive effect of benefits on the intention to use a standalone PHR app.Against this background, we expect to find a pathway in which trust positively influences the perceived benefits of a mobile health app and perceived benefits, in turn, positively influence the intention to use.
What is unknown, however, is whether the characteristics of the organization handling personal health information, specifically the provider's governance, will influence this pathway.Such influence could arise from the distinct economic and competence-related characteristics that differentiate these institutions (see Table 1).Private companies, driven by market-differentiation, may have a greater incentive to promote their products (e.g., mobile PHRs) even if these do not yet fully satisfy the benefit expectations, leading to user suspicion.Therefore, users that do not trust a private provider, will not expect the promised benefits to materialize.Low perceived benefits, in turn, will be associated with low usage intentions.Users who do trust a private provider, however, will likely have great benefit expectations and also higher usage intentions due to the private provider's presumed competency in providing innovative services at scale.Higher benefits expectations from the privately provided app should also translate into high usage intentions, as users will anticipate that this market offering will effectively meet their specific needs.It is, therefore, a necessary requirement that users trust the private provider and its offering, before making a positive benefit evaluation and forming their usage intentions.
Innovation and economic incentives are less pronounced in the public sector (Arundel et al. 2019) and public providers are generally seen as having less competence in providing effective solutions than the private sector (Hvidman 2019).Consequently, users might rather expect a 'standard' service from a public provider of a health app regardless of their trust in this public institution.In other words, there is likely less variation in the perceived benefits depending on trust in public providers compared to private providers.Conversely, users' intention to use a publicly provided app may be less influenced by expectations of benefits.This is because public health apps might be viewed more as a societal obligation or a common good rather than a personal consumer choice (Galetsi et al. 2023).Hence, for publicly provided apps, the usage intentions might be less rooted in benefits expectations than for private providers' apps.In summary, we suggest that both, the effect of trust in the provider on perceived benefits and the effect of perceived benefits on intention to use differ between public and private providers.Therefore, we pose: Hypothesis 2 The positive indirect effect of trust on intention to use via perceived benefits will be stronger for private providers and weaker for public providers.

Perceived Risks Pathway and Provider Governance
The second component of the privacy calculus is the perception of risks associated with a privacy-related decision.Perceived risks can be defined as ''the subjective belief that there is some probability of suffering a loss in pursuit of a desired outcome'' (Pavlou and Gefen 2004).Uncertainty about possible consequences can negatively impact the net outcome of the privacy calculus and, consequently, the intention to use (Featherman and Pavlou 2003;Flavia ´n and Guinalı ´u 2006).Depending on the context, certain types of risks can be more important than others.The healthcare domain is characterized by highly sensitive information and a plurality of stakeholders, thus leading to a broad range of risks that need to be considered (Anderson and Agarwal 2011).Moreover, in light of potential hazards such as data abuse or misuse, particularly concerning sensitive health information, and considering the diverse and perhaps unexpected uses of this data, it's crucial to address the 'black box' nature of PHR apps.Individuals often possess limited information regarding organizational practices or the implications of their data sharing.This gap in understanding can lead to an unawareness of the true value and potential consequences of sharing personal information (Deuker 2010).Such lack of awareness hampers individuals' ability to accurately assess risks, thus influencing their decision-making and benefit realization.
Trust has been identified as a significant antecedent of perceived risks (Culnan and Armstrong 1999).When trust in a provider is high, the subjective risks associated with using the system seem lower from a user perspective (e.g., Kim et al. 2009;Mou and Cohen 2014).Perceived risks, in turn, negatively influence the behavioral intentions to use information systems (e.g., Li et al. 2014;Nicolaou and McKnight 2006).For instance, Li et al. (2014) showed that lower perceived risks of a standalone PHR, such as Microsoft HealthVault, increase the users' intentions to use this system.Perceived risks form the second part of the equation of the privacy calculus.Taken together, we expect to find a second pathway in which trust influences the perceived risks of a mobile health app, and perceived risks, in turn, influence intention to use.
Open for investigation is the potential role that provider governance may play for this pathway.The influence of trust on perceived risk might differ between public and private providers due to the economic and regulatory characteristics that distinguish these institutions (see Table 1).Users may feel that profit-driven companies have an incentive to exploit their users' health data (Anderson and Agarwal 2011), especially considering potential regulatory loopholes (Lounsbury et al. 2021).Therefore, trust in the provider is likely a necessary requirement to mitigate risk perceptions with private providers.Furthermore, risk perceptions with private providers can also be expected to play a major role for usage intentions.Due to the black box nature of PHR apps and the lingering fears of potential data exploitation by private companies (Lounsbury et al. 2021), perceived risks are likely to have a great impact on usage intentions.The failure of Google Health, for example, was largely attributed to Google's inability to build trust with consumers (O'Mara 2015).
Public providers, in contrast, are subject to strict regulations and do not operate for profit (Rainey et al. 2021).As a result, whether users trust a public institution or not may have a lower impact on perceived risks, as users may have confidence that regulations will prevent the misuse of their data.Placing high trust in a public institution will have lesser impact on perceived risks, too, because users might not assume negative intentions of that institution in the first place (Buhr et al. 2022).In a similar vein, the strong regulatory oversight and accountability of public providers should generally instill more confidence in data safety and ethical handling.This is likely to lead to less emphasis on perceived risks in individuals' decision-making on potential adoption.In sum, we argue that the nature of the provider impacts how perceived risks influence user intentions.We hypothesize: Hypothesis 3 The positive indirect effect of trust on intention to use via perceived risks will be stronger for private providers and weaker for public providers.

Perceived Control Pathway and Provider Governance
A construct frequently mentioned in conjunction with the privacy calculus is perceived (privacy) control.Perceived control refers to ''the individual's perception of being able to control access to and use of their information'' (Bartol et al. 2022).While the actual control allows people to choose what and how much data to reveal, it is often the perceived level of control which determines the (disclosure) behavior (Princi and Kra ¨mer 2020).In prior studies, researchers have found a control paradox.People who feel in control of their personal data tend to reveal more information even though the objective risks may increase.Conversely, people who perceive a lower level of control may disclose less information, even though the actual risks associated with disclosure may be lower (Brandimarte et al. 2013).
Privacy control has been extensively studied in relation to various factors, including perceived risks, privacy concerns, and trust.Especially the relationship between trust and perceived control has been explored from different perspectives and in diverse contexts (e.g., Dinev et al. 2016;Fox et al. 2022;Li et al. 2014;Saengchai et al. 2020).While trust and perceived control can be considered as two factors in the same nomological layer influencing privacy concerns (Dinev et al. 2016) and intention to use (Li et al. 2014), they might also influence each other.For instance, Fox et al. (2022) investigated how perceived control influences the perceived trustworthiness in online interactions.Saengchai et al. (2020) examined the mediating role of perceived control in the relationship between citizen trust and the adoption of e-government services.Moreover, Robin and Dandis (2021) found that a lack of trust can be offset by the presence of perceived control.
In the context of this study on a PHR app, we adopt the perspective that provider trust is an antecedent of perceived control rather than an outcome.We assume that individuals already possess a certain level of trust in the provider organization, which subsequently influences their perception of their ability to control their privacy through the PHR app.In our experiment, participants were initially introduced to the provider organization, allowing their trusting beliefs to form, before testing the prototype app and its privacy controls (see Methodology in Sect.3).Therefore, we expect to find a third pathway wherein trust positively influences the perceived control of a mobile health app, and perceived control, in turn, influences intention to use.
We venture into unexplored theoretical territory by hypothesizing an effect of provider governance on this pathway.There are compelling reasons to believe that the influence of trust on perceived control differs between public and private providers, stemming from the distinctive regulatory and competence-related characteristics that set these institutions apart (see Table 1).Since individuals may associate private organizations with the development of better solutions, those who possess high trust in private providers are more likely to believe that these companies act in the best interest of users and thus know how to provide superior privacy controls.Conversely, individuals with low trust are likely to perceive a dearth of robust privacy controls due to the lack of relevant regulations that compel private providers to provide a minimum standard of adequate controls.These differences in perceived controls are likely to translate into greater variance in the intentions to use market-provided PHR app.When private providers are perceived to offer advanced data handling features that enhance the users' control over their own privacy (Walker 2016), then consumers will be more willing to adopt their solutions.Private providers that do not offer these controls, however, are unlikely to find and grow their user base.
In contrast, due to the regulated environment, trust in public providers might be a less of a decisive criterion for users to base their perceptions of privacy controls and usage intentions in.Individuals who have low trust in public institutions can assume that a minimum level of privacy controls will be ensured due to the regulated environment.Users who do trust public institutions may likewise expect privacy controls that meet standard requirements rather than superior features, due to lower perceived competence of public providers in providing advanced privacy features (Hvidman 2019).In addition, since public providers are generally perceived as offering more secure and standardized privacy practices by default (Dinev et al. 2008), users are also less likely to base their usage intentions in the perceived controls for public providers than for private providers.In sum, we suggest that provider governance influences the effect of trust on the perceived control and the effect of perceived control on the intentions to use of a mobile health app.We pose: Hypothesis 4 The positive indirect effect of trust on intention to use via perceived control will be stronger for private providers and weaker for public providers.

Intention to use and Actual Behavior
Understanding the connection between human intentions and actions is no simple undertaking.While a comprehensive approach to technology adoption research should go beyond mere usage intentions, directly measuring actual adoption or usage of a (hypothetical) technology is often difficult in practice.As a result, the intention to use a technology is commonly employed as a more quantifiable proxy for future usage (Venkatesh et al. 2003).This approach is underpinned by the belief that the intention to use a technology effectively forecasts actual usage (Davis et al. 1989) because it reflects an individual's motivational factors and readiness to perform a specific action (Ajzen 1985;Fishbein and Ajzen 1975).
However, it is crucial to acknowledge the recognized intention-behavior gap in this context (Ajzen 1991;Wu and Du 2012).This gap highlights the phenomenon where individuals do not always act on their stated intentions, meaning that intention can be a precursor but does not invariably lead to behavior in form of corresponding actions (Webb and Sheeran 2006).Therefore, technology adoption might be more accurately viewed as a process (Parmar et al. 2022), where the intention to download an app is an essential indicator of potential behavior, but the progression from these intentions to actual behavior involves various factors and is not as straightforward as it might seem.
Despite this gap, research still underscores the crucial importance of intentions as key psychological predictors of behavior (Sheeran 2002), signifying their primary role in forecasting actions.Building on this with established technology acceptance frameworks (Ajzen 1991;Davis et al. 1989), numerous studies have shown that an individual's intentions are significant and reliable indicators of their actual behavior (Pavlou 2003;Shin 2009).This underscores the notion that initial actions, such as downloading an app, are driven by the user's intention to utilize its features and functions (Gokgoz et al. 2021).In alignment with this body of research, we anticipate that the intention to use a mobile health app influences the decision to download it.
Table 2 summarizes the core model variables of this research.As control variables, we consider a number of general traits that can influence an individual's behavioral intention to use a mobile health app: First, privacy awareness is included as individuals who possess a high level of awareness of existing privacy regulations and issues may have lower usage intentions due to their personal disposition to value privacy (Xu et al. 2008).Second, privacy concerns are commonly considered as a variable influencing behavioral intentions (Smith et al. 2011).In line with prior research, all four dimensions of privacy concerns are considered, including collection, errors, unauthorized access, and secondary use (Angst and Agarwal 2009;Smith et al. 1996).Third, the general willingness to disclose personal health data is included as it has frequently been investigated as a dependent variable in privacy research that is closely related to usage intentions (Entreß-Fu ¨rsteneck et al. 2019).In addition, we consider as control variables a set of socio-demographic characteristics of the users, specifically, gender, age, level of education, frequency of health app use, and insurance status.

Methodology
To address our research objective of investigating the impact of provider governance on the behavioral intention to use a mobile health app, we employed a combination of experimental research and survey methods, thereby responding to calls for greater utilization of the online experiment paradigm in IS research (Fink 2022).In the experimental phase, we developed an interactive clickprototype of a PHR app called 'MeineGesundheitsAkte' (i.e., English: 'MyHealthRecord'), drawing inspiration from a range of existing PHR apps available in the German market.The front-end design and features of the app were created based on these reference apps.Subsequently, by relying on this template app, we created four variants, differing only in the displayed logo and data processor declarations (name and address) in the privacy statement.Thus, each variant represented a distinct type of app provider.
For reasons of external validity, we selected four providers that (could) realistically provide a PHR app in the German market.To represent the health authority provider type, we chose the German Bundesministerium fu¨r Gesundheit (Federal Ministry of Health).This choice aligns with the Ministry's majority ownership of Gematik, the operator responsible for the nationwide health information infrastructure in the German healthcare system (Gematik 2022).For the public insurance provider, we selected Techniker Krankenkasse, one of the largest statutory health insurances in Germany in terms of members (Statista 2024).As a representative example of a big company with operations in the healthcare sector, we chose Siemens Healthineers, a medical device company with headquarters in Erlangen, Germany.As a subsidiary of Siemens corporation, Siemens Healthineers has a strong presence in the German market and gained further recognition when it went public in 2021.To represent the startup provider type, we created a fictitious example of a company named digitalhealth labs with its distinct name, logo, and company background.Startups are typically characterized as small and relatively unknown companies.By adopting this approach, we were able to maintain control over the specific characteristics and attributes of the startup provider in our study.Figure 2 showcases four variations of the simulated app, displaying selected screens from a total of 20 different screens.

Operationalization and Experimental Design
Next, we created a survey to measure our research constructs.The items for the constructs of our research model were taken from existing literature (see Table 2), adapted to our context whenever necessary, and translated into German.All constructs were measured using a 5-point Likert scales ranging from 'I don't agree' to 'I agree' (see Table A1 in online Appendix A; available online via http:// link.springer.com).All factors employed reflective measurement models.
For intention to use, we adapted three items from Venkatesh et al. (2003) to the PHR context and added one self-constructed item (''Once the app is available in the app store, I intend to use MyHealthRecord'').Trust in the provider was operationalized through seven items adapted from Malhotra et al. (2004) (e.g., ''I believe that Provider is trustworthy'', with Provider being replaced by one of the four provider names).We also measured the ability, benevolence, and integrity components of trust needed for hypothesis 1. Ability was measured by adjusting the four items from McKnight et al. (2002) to our study context (e.g., ''Overall, Provider is a capable and proficient provider of MyHealthRecord'').Similarly, we adapted three items for benevolence (e.g., ''I believe that Provider would act in my best interest'') and four items for integrity (e.g., ''I would characterize Provider as honest'') from McKnight et al. (2002).Furthermore, we included one self-developed item for benevolence to enhance the measurement.
To measure perceived benefits, we developed four items appropriate for our research context (e.g., ''Overall, using MyHealthRecord would have a positive impact on my life'').Perceived risks were assessed through four adapted items from Li et al. ( 2014) (e.g., ''Overall, the use of MyHealthRecord would be risky'').Perceived control was measured using the four items proposed by Xu et al. (2008) (e.g., ''I believe I have control over who can access my personal health information stored in MyHealthRecord'').
Regarding the control variables, privacy awareness was measured by four items based on Xu et al. (2008).Privacy concerns were assessed by four constructs using slightly adapted items from Angst and Agarwal (2009) about collection, errors, unauthorized access, and secondary use.Willingness to disclose personal health data was measured by using three items based on Entreß-Fu ¨rsteneck et al. ( 2019).In addition, participants were asked to report their gender (female, male, diverse/undisclosed), age (in years), frequency of health app use (on a 6-point scale from daily to never), education level (i.e., their highest type of degree), and insurance status (whether statutory or private) as additional control variables.
We pre-tested our experiment in think-aloud meetings with nine participants, incorporated the feedback and correspondingly fine-tuned our research design.In the final experiment, participants were presented with a short preintroduction to the study background and were told that they would participate in a user study of a new health records app that is under development.Participants were not informed in advance about the actual objective of our study in order to avoid biases regarding their attitudes towards the app.Study participants were then randomly assigned to one of the four provider type scenarios.Subsequently, an introduction explaining the PHR app in more detail was shown, which included more background information about the respective provider (e.g., headquarter location and number of employees).After reading the introduction, participants were presented with an interactive simulated app and were tasked to familiarize themselves with the app's functionalities by clicking through.Participants had to confirm they had understood the app functions before they could proceed.The survey asked about the participants' intentions to use and to download the app (yes/no) directly after interacting with the app, in order to minimize any bias through privacy-related questions.To capture the download decision, we integrated fictious buttons that claimed to redirect the users to the respective app store upon survey completion.Participants then had to pass through the survey by rating the aforementioned construct items.To ensure that participants understood what they are supposed to evaluate, we included screenshots of the app on each page of the survey.Additional questions about demography, frequency of health-related app usage, and health insurance membership were presented at the end of the survey.On the last page, we debriefed the participants about the true purpose of the study and offered all participants to let us know if, with this additional knowledge, they wanted their answers to be erased (no participant made use of this option).

Data Acquisition and Sample Description
The data for this study was collected by recruiting anonymous German participants through Prolific, an online data collection platform known for its good data quality (Peer et al. 2021).The data collection period spanned from April 2022 to April 2023.Participants were eligible to participate if they met the pre-screening criteria, which included being a resident of Germany and having German as their first language.To ensure gender balance, we stipulated that the panel should be equally divided between females and males.Participants who successfully completed the approximately 20-min long survey received a small monetary compensation as token of appreciation for their time and effort.
In total, 314 participants completed the online experiment.To ensure the quality of our data, we included one manipulation check and one concentration check question.The 27 participants that failed the manipulation check (i.e., participants were tasked to classify the presented app by one of the four provider types) and the 1 participant that did not pass the concentration check (i.e., ''Please indicate that you are still concentrated by selecting 'I agree'.'')were removed from the sample, leaving us with a final dataset of 286 participants.With this sample size, a significance threshold of a = 0.05 and power of 0.80, sensitivity analyses indicate that t-tests detect effect sizes of d [ 0.22 and the ANOVA employed for subgroup differences detects effects of f [ 0.20 (Soper 2024).From the full sample of 286, 151 participants completed a questionnaire on a public provider and 135 participants completed a questionnaire on a private provider.
In terms of demographics, the average age of the participants was 31.4 years, and the gender ratio was almost equal (48.3% women and 50.3% men).Participants reported varying levels of education, and the frequency of using health-related apps was rather low.Most participants reported having public health insurance (90.6%), while 9.4% reported holding a private health insurance.A detailed overview of the demographics of the sample is provided in online Appendix B, Table B1.

Measurement Model Assessment
We followed the construct validation procedures by MacKenzie et al. ( 2011) and assessed measurement model validity for our core model (see Fig. 1).Given our focus on testing the differences in trust under Hypothesis 1, we also scrutinized the factor structure for its ability, benevolence, and integrity components.In a first step, we conducted an exploratory factor analysis (EFA) for all core model variables, which confirmed the expected factor structure (see online Appendix C, Table C1).An additional EFA conducted on all trust-related items revealed that the items of benevolence, integrity, and trust in the provider loaded on the same factor.This can be explained by benevolence and integrity being components of trust itself.However, the items of ability loaded on a separate factor.When the number of factors is set to four, the highest factor loadings corresponded with the four different constructs (see online Appendix I, Tables I1 and I2).
As a next step, we assessed our measurement model.We employed the consistent PLS algorithm (PLSc), which corrects for inconsistencies in the estimates for reflective factor models (Henseler et al. 2015).Through the assessment of convergent and divergent validity criteria, we identified the need to remove the secondary use dimension from the control variable privacy concerns, two items from dimension error, one item from dimension collection, and one item from dimension unauthorized access (see online Appendix E, Fig. E1).Items of the core model constructs were not concerned.The resulting model constructs demonstrate satisfactory convergent validity based on the quality criteria recommended by Hair et al. (2019).All constructs surpass the recommended thresholds (Hair et al. 2019), with Alpha values above 0.7, composite reliability above 0.7, and average variance extracted above 0.5, see Table 3.This indicates the robustness of the constructs employed in this research and suggests that all items are sufficiently related to their respective constructs.Despite the privacy awareness-control variable's resulting AVE value (0.495) being slightly below the recommended threshold, we decided to retain it as a control variable since all other quality criteria were fulfilled.
We assessed the discriminant validity for our core model by the Fornell-Larcker criterion and the heterotrait-monotrait (HTMT) ratio of correlations (see online Appendix D, Table D1) and by the CICFA technique proposed by Ro ¨nkko ¨and Cho (2022) (see online Appendix D, Table D2).All construct correlations are lower than the root of AVE, thus supporting the Fornell-Larcker criterion (Hair et al. 2019).In addition, all HTMT ratios are far below the threshold of 0.90 and all CI CFA values are below the threshold of 0.80, thus indicating that our research constructs are statistically different from each other (Henseler et al. 2015).
We also assessed convergent and discriminant validity of the three trust components.While ability, benevolence, and integrity demonstrate convergent validity (see online Appendix I, Table I3), the results revealed limited discriminant validity between benevolence and integrity according to the Fornell-Larcker criterion (see online Appendix I, Table I4).This, again, can be attributed to the nature of ability, benevolence and integrity being components of trust as an overarching concept.A post-hoc analysis of trust and its components is provided in Sect.4.6, to gain more insight into these relationships.

Data Analysis Procedure
After having established measurement model validity, we followed a two-stage approach to estimate the parameters of our structural model and performed a multigroup analysis.The two-stage approach first determines the standardized latent variable factor scores for each construct by estimating the measurement model.These factor scores can then be employed in subsequent analyses such as moderation and subgroup analyses (Henseler et al. 2010).The two-stage procedure is an adequate one since, in our conceptualization, the measurement model is conceptualized as being invariant of the provider group.Consequently, factor scores were utilized for the subgroup analyses and for the assessment of the structural model.To mitigate model complexity issues with the given sample size, the control variables were tested separately.All calculations were performed in SPSS 22 (IBM 2013) and SmartPLS 4.0 (Ringle et al. 2022).

Results
We first tested the hypothesized provider governance differences in trust and its components (H1), before assessing the structural model and performing a multigroup analysis to test hypotheses H2-H4 of our research model (see Fig. 1).

Provider Governance Differences in Trust
The group means and subgroup means in trust, its components, and intention to use are displayed in Table 4, along with their respective test results for mean differences.Note that these factor scores are normalized (i.e., M = 0 and SD = 1 for the full sample).To test for differences on a group level (i.e., public versus private provider governance), we employed t-tests for independent samples.To test for differences on a subgroup level (i.e., provider types: health authority, public insurance, big company, startup), we performed an ANOVA multigroup analysis using Fisher's least significant difference (LSD) post-hoc tests.Fisher's LSD tests works like a t-test for multiple groups in that it uses the pooled standard deviation from all the groups, which gives it more statistical power compared to other post-hoc comparison methods (Williams and Abdi 2010).
Regarding differences in trust in the provider, we find evidence for significant differences in the group means.Group means are significantly higher for public providers than for private providers (0.289, -0.324, t = 5.346, p \ 0.001).This confirms H1: Trust in public providers is higher than trust in private providers.The post-hoc tests on a subgroup level provide a more detailed picture.Not only are the means significantly higher for the health authority and public insurance scenarios (0.295, 0.284, respectively) than for big company and startup scenarios, the mean for the big company scenario (-0.368) is also lower than for the startup scenario (-0.273), though not significantly.Figure 3 illustrates these group and subgroup differences through boxplots.
While this finding of trust in the provider is broadly consistent with its trust components of benevolence and integrity, there are significant differences between public and private providers in the expected direction (see Table 4).However, it is worth noting that for ability, the differences between the provider governance groups are practically in the opposite direction (-0.043 for public, 0.048 for private), though not significantly.An intriguing observation emerges when analyzing the subgroup differences based on the provider type.Both private providers (i.e., big companies and startups) are attributed with a considerable level of ability in the area of PHR apps.However, health authorities are considered to be the least capable (-0.283), while public insurances are attributed with the highest ability (0.189) (online Appendix F offers boxplots for benevolence, integrity, and ability).
To explore how the differences in trust and its components translate into usage intentions (the dependent variable), Table 4 also provides (sub)group test results for intention to use.It shows that the means are significantly higher for public providers (0.115) than for private providers (-0.129, t = 2.070, p \ 0.01).The subgroup test unveil that the health authority and insurance apps receive the highest intention to use (0.208, 0.026, respectively), while the subgroup means for the big company and startup company scenarios are lower (-0.076,-0.189, respectively), although these subgroup differences are only significant   .., Bus Inf Syst Eng 66(3):273-297 (2024) between the health authority and the startup types.Figure 4 illustrates these (sub)group differences in intention to use.Overall, our results support hypothesis H1 for trust, indicating that the type of provider governance (whether public or private) significantly influences the level of trust that users place in the app provider.Specifically, our results show that users tend to have higher levels of trust in public providers of a health record app, while they perceive private providers as less trustworthy.This difference extends to the benevolence and integrity components of trust.However, the hypothesized difference does not hold for ability.Here, we found significant subgroup differences, with health authorities showing significantly lower levels of ability compared to all other groups (public insurances, big companies, startups).These nuanced findings may explain the measurement issues surrounding ability as a trust component and highlight the variations across provider types.

Structural Model Assessment and Pathways
Before proceeding with the examination of our research hypotheses concerning the differential pathways between trust and intentions to use a PHR app, it is essential to assess the validity of the structural model.We used the entire sample (i.e., public and private provider scenarios) and employed bootstrap analysis with 10,000 samples to this end.Table 5 presents the results of the structural model tests, including the results for the public and private provider subgroups.In addition to the significance levels of these path coefficients (b), we report the p-values obtained from the subgroup analyses (i.e., t-test (Chin 2000) and multigroup analysis (Sarstedt et al. 2011)), which allow for an assessment of the statistical significance of the differences between the provider governance groups.
We find that all paths between the endogenous constructs demonstrate statistical significance and align with our expected directions.This provides evidence for the three pathways in which trust in the provider translates into usage intentions, namely through perceived benefits, perceived risks, and through perceived control.The total effects of trust on intention to use confirm that trust significantly influences the intention to use (b = 0.44 *** , t = 8.92, Table 5).Considering the control variables, only willingness to disclose exerted a significant influence on intention to use the mobile health app.

Path Analysis for Public and Private Providers
Having established the existence of three different pathways through which trust translates into usage intentions, we now shift our focus to the analysis of the hypothesized indirect effects of provider governance (H2-H4).The multigroup analysis focuses on examining the differences in the path coefficients in the public versus private provider subsamples (see Table 5 and Fig. G1 in online Appendix G).
Regarding the indirect effect of trust on intention to use via perceived benefits, our results demonstrate a significantly stronger effect for private providers (b = 0.35 *** , t = 5.31) than for public providers (b = 0.18 ** , t = 3.03, p = 0.031).Thus, our findings provide support for hypothesis H2; provider governance alters the pathway in which trust translates into usage intentions via perceived benefits.Additionally, when looking at the direct effects between trustÝperceived benefits, and perceived bene-fitsÝintention to use, we find that all paths are significant  To adhere to model sample size the control variables were tested separately in both groups.As expected, the effect of trust on perceived benefits is significantly stronger for private providers (b = 0.67 *** , t = 12.31) than for public providers (b = 0.42 *** , t = 6.00, p = 0.003).The effect of perceived benefits on intention to use is also stronger for private providers (b = 0.52 *** , t = 6.37) than for public providers (b = 0.42 *** , t = 4.37), although this difference is not significant.
Concerning the pathway through perceived risks, our results reveal a surprising finding: The indirect path of trust on intention to use via perceived risks is not only significantly stronger for public providers (b = 0.18 ** , t = 2.81) than for private providers (b = 0.00, t = 0.04, p = 0.031), but this indirect effect is not significant at all for private providers.While this provides evidence that provider governance alters the pathway in which trust translates into usage intentions via perceived risks, it is the opposite of what we had hypothesized.Therefore, the results do not support hypothesis H3.A closer look at the direct effects between trustÝperceived risks, and perceived risksÝintention to use shows that the negative effect of trust on perceived risks is significant for both, public providers (b = -0.65 *** , t = 12.45) and private providers (b = -0.68*** , t = 8.93), without a significant group difference.However, the effect of perceived risks on intention to use is only significant for the public group (b = -0.27** , t = 3.05), but not for the private group (b = 0.004, t = 0.04, p = 0.022).
Turning to perceived control, we find evidence that the indirect path of trust on intention to use is significantly stronger for private providers (b = 0.20 ** , t = 3.00) than for public providers (b = 0.02, t = 0.63, p = 0.009), for which the indirect effect is absent.Thus, our findings support hypothesis H4; provider governance alters the pathway in which trust translates into usage intentions via perceived control.Looking at the direct paths, the results show that the effect of trust on perceived control is significantly stronger for private providers (b = 0.73 *** , t = 16.52)than for public providers (b = 0.48 *** , t = 6.64, p = 0.001).The effect of perceived control on intention to use is not only significantly stronger for private providers (b = 0.27 ** , t = 3.20), but there is no effect at all for public providers (b = 0.05, t = 0.64, p = 0.026).
The analysis of the total effect of trust on intention to use summarize these findings by showing that the total effects are significantly stronger for private providers (b = 0.55 *** , t = 7.64) than for public providers (b = 0.38 *** , t = 6.51, p = 0.039).As to control variables, we find that willingness to disclose had a significant effect on intention to use in the full sample and for public providers (b = 0.21 * , t = 1.85), although without a significant group difference.Regarding group differences, only the effect of age on intention to use was significantly different between the public provider and private provider groups (p = 0.048), but neither path was significant for either group (public: b = 0.04; private: b = -0.13).For all other control variables, no significant paths or group differences were detected.

Regression of Usage Intentions on Download Decisions
Regarding the download decision (whether a participant wanted to proceed with the download or not), we conducted a logistic regression including the intention to use and all control variables as predictors.The results showed a moderate to strong relationship of the model predictors with the download decision, as indicated by the Nagelkerke and Cox-Snell pseudo R 2 values of 0.509 and 0.375, respectively.The intention to use emerges as the strongest and significant predictor of the decision to download the app (B = 1.577,Wald statistics = 49.827,p \ 0.001).
Examining the odds ratios, an increase of one standard deviation in the intention to use made a user 4.84 times more likely to decide to download the PHR app in our experiment (95% CI [3.13, 7.50]), regardless of the provider type.Furthermore, the willingness to disclose personal data also influenced the download decision (B = 0.536, Wald statistics = 5.590, p = 0.18) with an odds ratio of 1.709 (95% CI [1. 10, 2.66]).The logistic regression model correctly predicted 85.7% of cases with a positive download decision and 69.4% of cases with a negative download decision, resulting in an overall prediction accuracy of 79.4%. 1

Post-hoc Mediation Analysis
Our structural model revealed three indirect effects of trust on intention to use, namely through perceived benefits, perceived risks and perceived control.Following Zhao (2010), we also conducted a post hoc mediation analysis to understand the extent to which these indirect effects mediate a possible direct effect of trust on intention to use.We estimated two different models to test for possible mediation.First, we analyzed the three variables in separate models to extract the mediating effect of each individual potential mediator.The total effect of trust on intention to use was significant with a coefficient of b = 0.578 (t = 11.859,p \ 0.001), and the direct effects were b = 0.338 (t = 5.934, p \ 0.001) for the path via perceived benefits, b = 0.445 (t = 6.648, p \ 0.001) for the path via perceived risks, and b = 0.462 (t = 8.195, p \ 0.001) for the path via perceived control.Regarding the indirect effects, all paths were significant with 1 More comprehensive results are provided in online Appendix H. b = 0.240 (t = 5.364, p \ 0.001), b = 0.132 (t = 2.591, p = 0.005), and b = 0.116 (t = 3.219, p = 0.001) respectively.These results show that when considered individually, all three constructs partially mediate the effect of trust on intention to use, perceived benefits mediating 42%, perceived risks 23%, and perceived control 20% of the total effect.Second, we estimated a mediation model according to Hair et al. (2022) that included all three potential mediators simultaneously.Here, the total effect of trust on intention to use was significant with a coefficient of b = 0.589 (t = 11.856,p \ 0.001) and the direct effect of trust on intention to use when including all three mediators was significant with a coefficient of b = 0.284 (t = 4.301, p \ 0.001).Regarding the indirect effects, perceived benefits partially mediated the effect of trust on intention to use (b = 0.224, t = 4.888, p \ 0.001) with 39% of the total effect, while the indirect effects of perceived risks and perceived control were insignificant (see Table 6).This was as expected, because high correlations between the mediating constructs lead to an omission of the competing effects (see Table C1).That is, the presence of more mediators masks the effect of other potential mediators when considered simultaneously (Hair et al. 2022).

Post-hoc Analysis of Trust and Its Components
We conducted a second post-hoc analysis to investigate how ability, benevolence, and integrity influence the overall trust of individuals in an app provider, and analyzed the relationships between the constructs more in depth (see Figure I1 in online Appendix I).After applying the consistent PLS algorithm, R 2 in trust was 0.736 (adjusted: 0.733), indicating that almost three quarters of the variance in these components is shared with trust.For the full dataset, we found that the effects of benevolence on trust and those of integrity on trust were statistically significant (b = 0.39 *** , t = 7.43 and b = 0.50 *** , t = 9.33 respectively).The path coefficient of ability on trust was close to zero (b = 0.018) and lacked statistical significance (see Table 7), suggesting that ability does not contribute to trust in a health app provider in the context of this study.When analyzing the public and private datasets separately, the paths between benevolence and integrity on trust are significant for both groups, and multigroup analyses reveal no significant difference between them.However, the path of ability on trust in the app provider becomes significant only for the private group (b = 0.13*, t = 2.03), and not for the public group, although multigroup analysis reveals that this difference is not significant.

Discussion
In the light of the ongoing debate surrounding adequate governance approaches to the digitalization of healthcare, the objective of this research was to examine whether and how provider governance has a bearing on the behavioral intention to use a mobile health app and the consequent decision of consumers to download such an app.By means of an online experiment using the case of a newly developed PHR app, we found that whether the provider of the health app is a public or a private institution matters not only for the perceived trustworthiness of this provider, but also for the intentions to use the health app and thus, in turn, for the decision to download it.Drawing on privacy calculus and privacy control perspectives, we developed three hypotheses that capture the differential effects in the strength of the pathways by which trust translates into usage intentions through perceived benefits, perceived risks, and perceived privacy control.
Specifically, we examined provider governance not only as a direct influence on trust (H1), but also as a moderator of the effects of trust on intention to use through perceived benefits (H2), perceived risks (H3), and perceived privacy control (H4).Our findings show that, while trust in private app providers is significantly lower than in public providers providing the same app, trust has a stronger positive total effect on the intention use through perceived benefits and perceived control for private providers than for public providers.Contrary to H3, however, the effect through perceived risks is stronger for public providers than for private providers.Overall, our study holds two important implications for privacy calculus theory and healthcare IS.

Implication 1: Towards a Sectoral Theory of Privacy Calculus and Control
Our study represents a first step towards a sectoral theory of privacy calculus and privacy control that accounts for the contextual differences in private versus public sectors.
Our research thus subscribes to the calls that context matters in the study of trust and privacy phenomena (e.g., Acquisti et al. 2015;Bansal et al. 2016;Chong et al. 2022;Yun et al. 2019).Privacy calculus theory has received widespread attention since the early 2000s in the context of e-commerce research.Since then, it has been used in different areas concerning consumer trust in online interactions with businesses, including social networking (Yun et al. 2019).It is therefore not surprising that the overwhelming majority of privacy studies in IS have (implicitly) taken a private sector context as a premise.Privacy in the highly regulated field of healthcare, however, is arguably more complex than in the traditional playing field of privacy research.This is because, depending on the national health system context, in healthcare there are multiple (public and private) institutions involved in providing healthcare services and processing consumer data (Dash et al. 2019).Moreover, this data can have different levels of sensitivity (Rahman 2019).Previous research in healthcare has considered privacy calculus in either private sector (e.g., Li et al. 2014) or in public sector (e.g., Princi and Kra ¨mer 2020) contexts.The differences between trust and privacy in the interaction with public institutions and private companies, however, have to date not been adequately reflected in the healthcare IS literature.In this spirit, our study supports theory portability of privacy calculus and privacy control theory to the field of healthcare IS.
Our support for the hypothesis that trust has a significantly stronger effect on intention to use via perceived benefits when the provider is a private company as opposed to a public institution (H2) is a first element of this sectoral theory.This finding means that for private providers of health apps, trust is essential to support the perception of consumer benefits, such as improved access to health data, support of their health literacy, better healthcare quality, and improved communication with physicians.Conversely, for a public app provider, consumers base their

123
expectations of benefits to a much lesser extent on their trust in this provider.Our theoretical explanation for this sectoral difference is grounded in institutional trust perspective and a proposed effect of public regulation as a trust-enhancing and trust-substituting mechanism.During the Covid-19 pandemic, for example, consumers adopted tracing apps more widely when they were recommended or even mandated by government regulation (Riemer et al. 2020).Our data show that, while consumers put greater trust in public providers, they have on average the same level of perceived benefits from the public provider's app as they do from the private provider's app.Usage intentions are, again, significantly lower with the private provider's app (Table 4).Our sectoral results suggest that, even if consumers lose trust in the public providers, this will hardly harm the benefit expectations and usage of the app to the same extent as it would for the private provider.
It is thus likely that consumers base their benefit expectation of health apps by public providers on other beliefs than trust, such as the belief in the provider's mission to contribute to the public good (Galetsi et al. 2023;Lounsbury et al. 2021).
The second element of our differential theory of privacy calculus and privacy control can be seen in the findings regarding H4.Trust has a significantly stronger effect on intention to use via perceived control when the provider is a private company; the effect is insignificant when the provider is public (Table 5).Perceived control relates to the belief that the individual can control which other parties (e.g., physicians, insurances, third parties) obtain access to the data, and for which purposes.The perception that consumers can control their privacy when interacting online has been confirmed as an important criterion that drives IS usage intentions, including those in a healthcare context (e.g., Princi and Kra ¨mer 2020).Here, we do not only see an indication for public governance acting as a trust-substituting, but also as a control-substituting mechanism.For private providers, consumers believe to have this control only if they trust the provider.For public providers, in contrast, trust is not a prerequisite to the same extent.More important, however, is the second leg of the pathway.Perceived control does not seem to be a relevant criterion for users to anchor their usage intentions when the provider is public.To put it differently, for public health apps, consumers do not seem to prioritize the presence of privacy controls in their decision to adopt the app, while for private health apps they do.This suggests that public providers are not expected to provide the same level of privacy controls as private providers.
The third and last element of a sectoral privacy calculus theory is given by our unexpected findings regarding hypothesis H3: Trust has a stronger effect on intention to use via perceived risks when the provider is public than when it is private; the effect is insignificant, when the provider is private.This finding is surprising as one could have expected the level of regulation inherent to public governance to have the same trust substitution effect for perceived risks as for the perceived benefits and controls.Delving deeper into this path, it is evident that the lack of significance observed for private providers can be attributed to the insignificant direct effect of perceived risk on intention to use (Table 5).In other words, for private providers, privacy risks did not have an effect on intention to use the health app evaluated in our study.On the one hand, this finding contrasts with the literature that has found perceived risks as a central predictor of usage intentions in private sector contexts, including in healthcare (e.g., Li et al. 2014;Nicolaou and McKnight 2006).One possible explanation could be that the high risks inherent to the context of healthcare data are already factored into users' intentions, regardless of the perception of these risks.An alternative explanation could be that in the light of the comparatively high perceived benefits of healthcare apps from private providers, potential users of health apps base their calculus solely on these benefits and tend to disregard the risks.Further research is warranted to explore which of these possible explanations holds true for private providers of health apps.On the other hand, the privacy risk part of the calculus turns out to be highly relevant for apps from public providers.Hence, risk perceptions can apparently not be mitigated through regulation and public governance.It might be rooted in the psychology of the individual that fears of data loss and data misuse cannot be mitigated by the fact that the other party is a trusted and regulated institution (Lounsbury et al. 2021).The perceived lesser ability of public providers might imply that users may be particularly concerned about their data being compromised by third parties if it is stored with public providers.Overall, our H3 finding contributes to the debate on policy approaches in healthcare digitalization by teasing out a new boundary of public governance for health technology adoption.Users apparently need to trust public institutions as much as they need to trust private institutions to become convinced that their data is securely and privately stored, and this perception is even more crucial here for their usage intentions than with private providers.
In sum, our findings suggest that private providers of mobile health services can translate users' trust into usage intentions by strengthening the benefits and control perceptions of their health apps.Public providers, in contrast, can proactively strive to attract users by addressing and lowering the perceived risks of their offerings.The overarching theoretical implication is that we provide a nuanced picture of how privacy calculus and privacy control theory apply to public sector healthcare IS as opposed to the predominantly studied setting in private sector (i.e., business) contexts.Public governance and regulation act as partial substitutes for trust in relation to the positive drivers of usage intentions while exacerbating the role of perceived risks, as our sectoral privacy calculus and privacy control perspective suggests.

Implication 2: Reconsidering Ability as a Trust Component
Second, our study questions the notion of ability as a necessary component of institutional trust, particularly in the context of healthcare digitalization.Previous trust research in IS has conceptualized ability, defined as the competencies, skills, and task-related activities that enable the trustee to succeed in a specific domain (Becker et al. 2014), as one of the three important components of institutional trust, next to benevolence and integrity (Mayer et al. 1995).Although this tripartite conceptualization has received wide recognition, researchers have also encountered problems with its operationalization.For example, So ¨llner et al. (2010) found that integrity was not a significant trust component in the context of mobile phone services.In our study of mobile health apps, ability did not prove to be a significant component of trust in a mobile health provider, although both constructs, trust and ability, taken by themselves demonstrated psychometric validity.
We argue that the non-significance of ability in the context of trust in a mobile health app provider, as demonstrated in our post-hoc analysis, is not a product of randomness or error, but indicative of the dilemma we face in the healthcare context, specifically in the market like the one that was studied (Germany).While consumers still have relatively high trust in public authorities and believe in their integrity and benevolence, they have somewhat lost faith in the government's capability to effectively deliver mobile health services, such as a PHR, to all citizens.This sentiment is clearly reflected in the subgroup means for H1, where trust in the public health authority significantly surpasses that in both private providers, while perceived ability of the public health authority is significantly lower than that of both private types (and also lower than the public insurance type, see Table 4).Germany, in particular, has a history of slow progress in healthcare digitalization with regards to publicly provided infrastructure (Blu ¨mel et al. 2020;Retiene 2022).
While ability was not associated with trust for public providers, we found a weak association for private providers (Table 7).The key theoretical implication is that institutional trust and ability are not always and in any case correlated.This challenges the assumption that institutional trust can be universally specified through the three components of ability, integrity, and benevolence.Thus, there is a need to be aware of the context when studying the components that potentially form trust in institutions and providers of health IS services.In healthcare digitalization, consumers may trust certain parties although they do not consider them as able (e.g., governments), while conversely, they might distrust others (e.g., companies), whom they perceive as more competent in delivering effective digital health services.Thus, our research unveils a novel trust-ability dilemma in the context of healthcare digitalization that warrants future exploration.

Limitations
The generalizability of the research implications is constrained by the following limitations.First, since healthcare is an inherently complex field subject to specific cultural and regulatory conditions, we focused on one specific market (Germany) and one specific app (a PHR) to keep these conditions constant.Trust in public versus private organizations and its relative effects on usage intentions might be weighed differently by users from other national contexts, depending on the specific mobile health app.Second, we deliberately excluded healthcare providers as a provider type, since healthcare providers (e.g., hospitals) are unlikely to provide PHR apps in the market that was studied (Germany).Third, although we included a set of control variables, there is a possibility that additional variables outside the scope of this study could have an effect on the intention to use a PHR.
Fourth, while our sample was fairly balanced in terms of gender, the average age of the participants was relatively young, with 31.4 years.A more balanced sample in terms of age distribution may have yielded different results.Fifth, to operationalize the two provider governance types for the purpose of our online experiment, we chose four specific entities and labels.Although we have argued how and why each of these entities adequately represents the two governance types, it is possible that participants of our experiments would have rated the study variables differently, had we chosen other entities and labels.Sixth, our sample was acquired using the online platform Prolific, which may imply certain self-selection biases to our sample beyond the factors we were able to control for.
Seventh, participants of our study were exposed to a simulated PHR app that was presented to them as a genuine app under development, which may limit the external validity of our research.Eighth, our study uses downloading as a proxy for app usage, mainly highlighting initial adoption of PHR apps and neglecting to understand long-term usage.Future research should explore what drives both initial downloads and ongoing, effective use of PHR apps for (sensitive) health data management.Lastly, our cross-sectional user data only ascertains statistical association, not the causality that is inherent to our theorizing and hypotheses.

Practical Implications
Similar to many other countries, the recent plans in Germany to expand the nationwide health infrastructure through PHRs (the ePA) have sparked ongoing debates concerning the potential benefits and risks, with adoption levels remaining minimal (Schrahe 2021).The findings of our study advocate that public stakeholders step up their efforts to promote the implementation and provision of nationwide PHRs through publicly governed digital infrastructures.Despite a frequently noted institutional trust paradox (Rothstein and Stolle 2008), our research demonstrates that users in Germany place significantly higher levels of trust in public providers to manage their personal health data compared to private companies, including big companies and startups.These findings starkly contrast with studies conducted in other countries, such as the US, that have evidenced distrust toward government involvement in the sharing of health data (Anderson and Agarwal 2011).Hence, our research reinforces the notion that in the sphere of European healthcare, publicly regulated providers are viewed as the most reliable stewards of health data.
Second, our study informs public and private providers about the mechanisms through which they can sustain and increase people's intentions to adopt mobile health apps.In particular, private providers should prioritize the promotion of the application's health management benefits and its privacy controls.Conversely, public providers ought to concentrate their efforts on addressing the perceived risks associated with the application.Regarding the German ePA implementation, it stands to reason that insufficient information about the measures to mitigate privacy and security threats may have been one of the key factors that hindered the widespread acceptance of the PHR in Germany in the past.In this sense, we hope that our study can provide an impetus for stakeholders to design more user-centric PHR apps and complement these with effective communication strategies for a positive change.

Conclusions
Mobile health apps play a crucial role in the future provision of care, with a notable surge in the number of publicly and privately governed apps entering the market.In an effort to investigate how app provider governance influences PHR usage intentions, this study developed a sectoral theory of privacy calculus and perceived control, which was tested in an online experiment with a sample of potential users of a PHR app in Germany.Our results provide evidence of a partially trust-substituting effect in public sector: While public providers exhibit higher levels of trust and lower levels of ability than private providers, this trust alone is not as crucial for creating perceived benefit and control expectations in users as it is for private providers.However, trust remains a more critical factor for mitigating perceived privacy and security risks for public providers than for private providers.In addition to contributing to the ongoing debate regarding the governance for health technology adoption, our research also challenges the assumption that trust is always associated with ability, particularly in a public sector context.Healthcare regulators and app providers can glean insights from our study regarding the technology and communication levers through which they can effectively enhance the widespread acceptance and usage of their mobile health offerings.

Fig. 2
Fig. 2 Example screenshots of the simulated PHR app

H
Fig. 3 Boxplot of trust in the provider for Provider Governance and provider type

Fig. 4
Fig. 4 Boxplot of intention to use for Provider Governance and provider type

Table 1
Provider governance and provider type conceptualization

Table 3
Internal consistency and convergent validity criteria

Table 4
Group and subgroup means and differences (T-Tests and ANOVA)

Table 6
Mediation analysis