Skip to main content

Table A2 Questionnaire

From: Deterrence approach on the compliance with electronic medical records privacy policy: the moderating role of computer monitoring

Constructs

Items

Source

Sanction severity

My hospital disciplines employees who break EMR privacy rules

Herath & Rao [15]

My hospital terminates employees who repeatedly break EMR privacy rules

Sanction certainty

If I don’t follow EMR privacy policies, I will be penalized

Siponen & Vance [46]

Siponen et al. [38]

I would be formally sanctioned if management learned that I had violated EMR privacy policy

I would be formally reprimanded if management learned that I had violated EMR privacy policy

Computer monitoring

I believe that my hospital monitors any modification or altering of EMR by employees

D’Arcy et al. [14]

I believe that my hospital monitors EMR usage activities to ensure that employees are performing only explicitly authorized tasks

I believes that my hospital reviews logs of employees’ EMR usage activities on a regular basis

Intention to comply with EMR privacy policy

I intend to continue complying with EMR privacy policy in the future.

Venkatesh et al. [47]

I will always try to comply with EMR privacy policy in my daily life.

I plan to continue to adhere with EMR privacy policy frequently.