2014 ISECON Proceedings
Baltimore, Maryland

Paper Titles | Authors | Tracks | Best Papers | Abstracts | Panels | Teaching Cases
Workshops Lead By Academic Professionals | Workshops Lead by Industry Professionals
Conference Highlights / Program

Abstract Presentations

Abstract Chair - Michael Smith
Georgia Technical University

(ordered by presentation time)

A Perception Study of Bullying Prevalence in the Information Systems Profession

James Lawler
Pace University

John Molluzzo
Pace University

Friday - 11/7/2014 in Camden 1 at 11:45 am

A Perception Study of Bullying Prevalence in the Information Systems Profession James P. Lawler and John J. Molluzzo Pace University Abstract Bullying is behavior consisting of deliberately harming or humiliating an individual in a palpable or perceived imbalance of power. Bullying is perceived to be omnipresent in business firms and especially prevalent in entrepreneurial firms in information systems and in departments of information systems in the business firms. Cited entrepreneurialism and even narcissism of personalities in the information systems profession may be perceived as prone to bullying. The incompetency of managers not proficient in the minutia of projects, the micro-management of projects, and the inevitability of power politics on projects may be perceived as prevalent settings for bullying in the profession. The impact of bullying in cultures and environments of firms hostile to individuals limits the performance of individuals in the information systems profession if bullying is prevalent in firms, a concern for the authors of the study. The study will evaluate bullying in the information systems profession. The methodology of the study will involve scans of academic and industry literature from 2005; a Likert-like perception survey of information systems professionals in departments of information systems in business firms and in entrepreneurial firms who graduated from the Seidenberg School of Computer Science and Information Systems of Pace University in New York City in 2010 – 2014; and a focus group and a Likert-like perception survey of part-time information systems students in the firms who will graduate from the university in 2015 – 2019. The study will be focused on learning if the evolving literature on the perceived prevalence of bullying in the information system profession is realistic if not rampant. The study will highlight the prevalence or non-prevalence of bullying by demographic populations and incident types and by perpetrator sources and victims. The findings of the study will be published in spring 2015. The findings will benefit educators in instructing students in profession realities of bullying, dependent upon the dimensions of the prevalence of the bullying found in the study. The findings of the study will benefit educators in information systems in the protocol of professional responsibilities of information systems students on project teams. The role of by-stander interventionists in the information systems profession in bullying resolutions will be clarified for educators and students. The role of information systems professionals in organizational social settings will be explored for the students, so that they are sensitive to others and not mere technologists. Lastly, this study will influence reflection on a problem that is perceived to be impacting negatively the productivity of the information systems profession in industry and is therefore timely.

Assessing Critical Thinking Skills in Online and Face-to-Face Platforms for an Interdisciplinary General-Education Science Course

Li-Jen Shannon
Sam Houston State University

Steven Koether
Sam Houston State University

Matthew Rowe
Michigan State University

Marcus Gillespi
Sam Houston State University

Friday - 11/7/2014 in Camden 2 at 11:45 am

College students appear to be failing to develop critical thinking skills in traditional university science courses. The Foundations of Science, an interdisciplinary general-education science course, was developed to improve students’ critical thinking and scientific literacy skills. The course encourages students to apply key scientific facts, concepts, laws and theories; recognize logical fallacies; distinguish science from pseudoscience; and recognize psychological factors that might influence their decision making abilities. The course attempts to accomplish this by analyzing a variety of claims using the collaborative evaluation of case-studies. Students in face-to-face sections of the course have shown consistent significant increases in critical thinking skills for over five years. The purpose of this quasi-experimental study was to see if the course maintained a positive change in critical thinking skills in a fully online platform. Online and face-to-face versions of the course were assessed, in a pre- vs. post-assessment design, with the Critical Thinking Assessment Test. The instructor and course content were consistent in the two platforms. Both online and face-to-face sections showed significant increases in critical thinking skills. Demographic data was not consistent between the two platforms. The results suggest that it is possible to effect positive change in critical thinking skills in an online platform.

The Comparative Advantage of Using Introductory Economics Courses to Integrate Excel Across Business School Curriculum

Gerald Prante
Lynchburg College

Eric Kyper
Lynchburg College

Saturday - 11/8/2014 in Lock Raven 2 at 4:15 pm

Microsoft Excel is arguably the number one computer program that potential employers require of entry-level business school graduates. Because of this importance in the job market, undergraduate business school faculties often seek to incorporate Excel projects into the curriculum. One of the challenges facing business school faculty is that students often enter upper-level business courses with disparate levels of Excel knowledge, including some students that lack even basic skills. In an ideal world, all students would enter 300 and 400-level business courses with a sufficient level of Excel proficiency. The question facing many business schools is where in the curriculum should students be expected to obtain such proficiency. One common solution is to have a lower level course dedicated to just Excel (or Microsoft Office). One drawback to this solution is that many students lose the skills they acquire before their upper level courses. Furthermore, adding additional courses to the curriculum can be costly. On the other hand, expecting students to gain proficiency on their own is fraught with issues ranging from student inability to lack of direction as to which skills are important. In this paper, we lay out a series of small Excel projects that allows business school students to learn introductory Excel skills via applications in the earliest two classes that most business school students complete: principles of microeconomics and principles of macroeconomics. The assignments are structured in a way that students' Excel skills progress throughout the semester. Additionally, the assignments are sequenced in a way that matches the typical semester schedule of introductory economics courses. Because microeconomics and macroeconomics are not necessarily pre-requisites for one another (varies by school), both the micro and macro courses begin with an assumption of little prior Excel knowledge. While this paper focuses specifically on how Excel can be incorporated into introductory economics courses, this project is part of a broader effort to incorporate continuous integration of Excel throughout the business curriculum, which we believe will lead to both a broader range of skills and better retention/mastery of learned skills compared to the existing ad hoc approach. The flow chart below outlines this plan, classifying specific Excel skills into four categories (data organization, functions, tools, and presentation) and identifies where in the business school curriculum students would attain each skill. The desired Excel skills were identified based on employer and faculty feedback. Once the implementation of this new curriculum is completed, we expect to see a change in upper level Excel knowledge and skills. We already have course and student assessment data at the upper level related to Excel. Furthermore, because intermediate courses like finance and operations management already incorporate Excel into the curriculum, we expect to see a significant positive return from simply improving Excel skills at the introductory level as these intermediate courses will no longer be required to play “catch up.” Ultimately the success of this project will be determined three years out (freshman/sophomores to juniors/seniors) when we expect to see a marked improvement in upper level skills.

Examining the challenges of using IT in Health Care Organizations.

Prashanth Reddy
Towson University

Saturday - 11/8/2014 in Camden 1 at 4:45 pm

Examining the challenges of using IT in Health Care Organizations. Prashanth Reddy Computer Science Department Towson University preddy1@students.towson.edu Abstract The Healthcare Information Technology (HIT) is an area of Information Technology that has come to lime light because of American federal law. Information Technology (IT) community is less aware of HIT and workflows within a Healthcare organization contrary to core software development organization. This paper illustrates the role of Information Technology in health care organizations, by analyzing the current HIT development life cycle, current issues identification and the role of HIT in addressing the issues. Keywords: Health Care, information technology product-line engineering, safety analysis. Introduction The health care field has been subject to many kinds of innovations and developments, when people presented their ideas that required changes such an introduction of new technology, development of new systems and making changes to the existing systems to health care units. The demand for improved patient care as well as improved efficiency in the delivery of health care has increased dramatically in recent years. According to Porter & Lee (2013), the days of health care business as usual are over, the transformation to value-based health care is well under way, and some organizations are still at the stage of pilots and initiatives in individual practice areas. During this transition from paper to electronic age, number of challenges and issues confront patients' care. Around the world, health care system and practices are struggling with rising costs and uneven quality despite the hard work of well-trained clinicians and non-clinicians. Health care leaders and policy makers have tried countless incremental fixes attacking fraud, reducing errors, enforcing practice guidelines, making patients better “Consumers”, implementing electronic medical records but none has had much impact (Porter & Lee, 2013). Although we acknowledge the many improvements in quality and outcomes that have occurred in recent years, we believe that the aging population and increased prevalence of long term conditions require a change in thinking and action that goes well beyond arguments about how to improve the performance of the existing system and how health care services are organized and delivered (Ham, 2012). The importance of patients' privacy in current global health care organizations has been widely discussed and is still undisputed. Researchers should aim to explore the link between individual privacy perception and institutional privacy assurances. Investigating privacy issues requires researchers to identify the root causes of privacy concerns (Xu, Dinew, Smith & Hart, 2013). Patients personal health information is not utilized to its full potential to provide effective and efficient care, due to fragmented information creation and storage. Some health information systems are typically isolated within hospitals, physicians practices, and laboratories. Health care leaders, professionals and policy makers identify exchanging patient health information across different entities as the best solution to these problems. Still, collecting personal health information into a single repository causes security and privacy concerns from patients and usage concerns from providers (Vest & Gamm, 2012). The adoption of information systems has been described as an organization's decision to acquire a technology and make it available to the users, adoption of IS in health care IT is critical (Mantzana, Themistocleous, Irani & Morabito, 2007). Most familiar principle in business management to measure the improvement in any field requires measuring and evaluating the outcome along with the costs. Indeed rigorous measurement of value (outcomes and costs) is perhaps the single most important step in improving healthcare. (Porter & Lee, 2013) Conclusion: In order to achieve the best outcome of the implementation of electronic medical records, now it’s time for implementing fundamental new strategies to fix health care issues. It will require thorough research, involvement of health care leaders, restructuring health care delivery is organized, measured and reimbursed. Every organization still has some room for improvement in value for patients, and always will. References 1. Ham, C., Dixon, A. & Brooke, B. (2012). “Transforming the delivery of health and social care”, The King’s fund, 1-61. 2. Mantzana, V., Themistocleous, M., Irani, Z & Morabito, V. (2007). “Identifying health care actors involved in the adoption of information systems, European Journal of Information systems, 16, 91-102. 3. Porter, M. & Lee, T. (2013). “ The strategy that will fix health care”, Harvard Business Review. 4. Vest, J. & Gamm, L. (2012). “Health information exchange: persistent challenges and new strategies”, Journal of American Medical Information Association, 17, 288-294 5. Xu, H., Dinew, T., Smith, J and Hart, P. (2011). “Information privacy concerns: Linking individual perceptions with institutional privacy assurances”, Journal of the association for information systems, 12, 798-824.

The Process of Transforming a Microcomputer Usage Course into a General Education Credit Course

Ewuuk Lomo-David
North Carolina A&T State University

Sherrie Cannoy
North Carolina A&T State University

Saturday - 11/8/2014 in Camden 2 at 4:45 pm

This paper describes the process of transforming a microcomputer usage in business course into a general education requirement option. The microcomputer usage course at this university involves teaching computer concepts and Microsoft Office applications (Word, Excel, Access, and PowerPoint). The students who take the course are generally freshmen and sophomores. General education goals have evolved to include “civic responsibility and social understanding” (Wehlburg, 2010, p. 9). Distinguishing general education and major courses as separate entities “does a disservice to the student” because general education should be integrated into the major curriculum (Wehlburg, 2010, p. 3). This integration can enable the “transfer of learning” so that students gain a richer foundation of knowledge (Wehlburg, 2010, p. 10). Studies have also shown that faculty who teach general education credits utilize methods which emphasize deeper and more reflective learning by students (Laird & Garver, 2010). Several studies have specifically addressed general education in the computing field (Cutts et al, 2011, Dierbach et al, 2011, Williams, 2011) The motivation to pursue a general education credit was to incorporate general education topics into the course within the business context, which would provide a broader background for students to apply their skills. Another reason to go through the process was to provide a larger population of students with an introduction to these software packages. The general education class credits are approved by the Faculty Senate curriculum committee. Classes proposed as general education credits must have documented components that measure specific objectives in a chosen cluster. The general education components and how they are assessed should be clearly outlined in the course syllabus. The cluster that fit closely for the microcomputer usage course was Social and Behavioral Sciences. An integrated portfolio project was developed to measure students’ knowledge in applying computer skills to topics in the social and behavioral sciences area. The integrated project consists of individual projects such as creating a report in Word, manipulating and creating spreadsheets in Excel, creating a new database in Access, and developing a PowerPoint presentation. A theme which relates to both social and behavioral sciences and business is given to the students and each of these projects incorporates the same theme. For example, the theme may be about microfinance to help third-world entrepreneurs. The Word report would describe microfinance as well as information about entrepreneurs in third-world countries from a microfinance site such as Kiva. The Excel sheets would report data about microfinance, entrepreneurship, or related data such as the poverty rate in countries around the world. The database would manipulate data about microfinance loans and about the entrepreneurs, and the PowerPoint presentation would describe what the student has learned about microfinance through the projects. Since there are multiple sections of the microcomputer usage class, a standard rubric was created to measure both the application of computer skills for each software package and how well the students incorporated the content from the social and behavioral sciences area. The assessment data is reported each semester to the university for reaccreditation purposes.

Massive Digitization of Patient Records Brews Electronic Cankerworms in Healthcare Provision

Ewuuk Lomo-David
North Carolina A&T State University

Saturday - 11/8/2014 in Lock Raven 2 at 4:45 pm

Track: IS Integration with other disciplines. The legal requirement Health Insurance Portability and Accountability Act (HIPAA) enacted in August 1996 mandates the protection of “individually identifiable health information held by covered entities.” (US Department of Health and Human Services, 2014). Covered entities are of three categories: 1) health care providers e.g. doctor’s offices, 2. health plan e.g. health insurance companies, and 3) health care clearinghouses e.g. “entities that process nonstandard health information they receive from another entity into a standard electronic format.” The primary purpose of HIPAA is to provide the legal support against unscrupulous health information handling entities that may take individual health data for granted. To help HIPAA relate directly to the vulnerability inherent in electronic transmission of health information because of data breaches, the Health Information Technology for Economic and Clinical Health Act (HITECH Act) (13402(e)(4)) was enacted on February 17, 2009. This strengthened HIPAA and mandated that covered health care entities must report breaches of unsecured protected health information affecting 500 or more individuals to the Secretary of the Department of Health and Human Services (HHS) who, in turn, must publicize them its website. Introduction: The incessant incident of data breaches that plaque corporate America is almost weekly episodes of some strange nightmare. A recent information breach that caught widespread attention is the one that affected 40 million customers’ credit cards in the second largest retail organization in US – Target Corporation (Alexander & Bjorhus, 2013). That incident eventually led to the resignation of the CEO of Target, Mr. Stanhafel (Malcom, 2014). In October 2013, Adobe Systems was hacked, leading to the compromise of more than 2.9 million records of Adobe users (Kocscieniewski, 2013). In the same year, the University of Maryland information breach affected more than 300,000 stakeholders on February 24, 2013 (Svitek & Anderson, 2014). The revelation that the data compromise dates back to 1998 shocked the university population. In the health care industry, information breaches are more widespread than one would think. In 2010, vital health information of 6,800 patients of New York Presbyterian Hospital and Columbia University were inadvertently left unprotected online (Friedman, 2014). HHS fined the two institutions $4.8 million. The current (Health and Human Services Department , 2009) prediction is that the health care industry will produce an alarming number of consumer data breaches in 2014, (Carr, 2014), as reported on data provided from (Experian, 2013). The primary reason, I deduce, for this dire prediction is that health care is a colossal industry and vulnerable because of massive digitization of health information and the complacency of employees. The purpose of this paper is to compare data breaches between health care providers and health plan organizations. Result from this study seem to indicate that massive amounts of fines from the Office for Civil Rights and massive law suits have arisen because of the exposure of patients' information and the opportunity created by ease of access. Bibliography Alexander, S., & Bjorhus, J. (2013, December 20). Target says breach may affect 40 million credit, debit cards. Minneapolis StartTribune. Retrieved February 27, 2014, from Star Tribune: www.startribune.com Carr, D. F. (2014, May 16). Health Data Breaches to Surge in 2014. Information Week. Retrieved May 27, 2014 Experian. (2013). Is Your Company Ready for Big Data Breach. Experian Data Breach Resolution. Retrieved May 27, 2014, from http://www.experian.com/assets/data-breach/brochures/databreach-preparedness-study-v3.pdf Friedman, L. (2014, May 9). Hospital to Pay Millions After Embarrassing Data Breach Put Patient Info on Google. Retrieved May 27, 2014, from http://www.businessinsider.com/new-york-presbyterian-columbia-hipaa-settlement-2014-5 Health and Human Services Department . (2009). Health Information Technology for Economic and Clinical Health Act. Washington DC: U.S. Department of Health and Human Services. Retrieved May 24, 2014, from http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html Kocscieniewski, D. (2013, March 3). New York Times. Adobe Systems Security Breach. New York. Retrieved May 13, 2014, from http://www.nytimes.com/2003/10/04/technology/adobe-announces-security.breaches.html?_r=0 Malcom, H. (2014, May 5). Target CEO Out as Data Breach Fallout goes on. USA Today. Retrieved from http://www.usatoday.com/story/money/business/2014/05/05/target-ceo-steps-down/8713847/ Svitek, P., & Anderson, N. (2014, Februaty 25). U-Md Computer Security Breach Exposes 300,000 Records. Washington, Washington D.C., USA: Washington Post. Retrieved May 13, 2014, from http://www.washingtonpost.com/local/college-park-shady-grove-campuses-affected-by-university-of-maryland-security-breach/2014/02/19/ed438108-99bd-11e3-80ac-63a8ba7f7942_story.html US Department of Health and Human Services. (2014, May 27). U.S. Department of Health can Human Services. Retrieved from U.S. Department of Health can Human Services: www.hhs.gov

An Innovative Approach to Information Security and Digital Crime Interdisciplinary Studies.

Petter Lovaas
Niagara University

Suzanne Wagner
Niagara University

Saturday - 11/8/2014 in Severn I at 4:45 pm

Information security officers plan and implement security measures to protect an entity’s information and assets. The responsibilities for these specialists are continually expanding as the number of informational threats increases and technology changes. As a result, the scope of attacks broadens to encompass national and global targets. Employment of information security officers is projected to grow 37 percent from 2012 to 2022; this is at a faster rate than the average for all occupations. “Demand for information security analysts is expected to be very high as these analysts will be needed to come up with innovative solutions to prevent hackers from stealing critical information or creating havoc on computer networks” (US DOL, Bureau of Labor Statistics, May 7, 2014, http://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm). Academic programs prepare individuals to assess the security needs of network systems, and develop and implement solutions to maintain security. Several programs nationwide are interdisciplinary, combining information security expertise with business and mathematical approaches with an application designed for organizations. Successful information security programs are designed to prepare students to have an understanding of general information security proficiencies in computer architecture, programming, systems analysis, networking, telecommunications, cryptography, and security system design. The increase of security breaches into national/global corporations and in particular its effect on the US Critical Infrastructure, governmental agencies are indicating the need for security specialists to have command of applicable law and regulatory requirements, risk assessment, policy analysis, contingency planning, and broader investigation techniques. The authors propose the development of a unique interdisciplinary graduate program in information security encompassing information technology expertise combined with expertise in the field of criminal justice. The information security curriculum would broaden the scope of an information security specialist to include legal analysis, policy development, crime investigation and other areas drawn from the field of criminal justice in an effort to design a curriculum model that meets the demands at the national/governmental and global level.

What's the Price of Privacy? A Study of the Perceptions of College Students and Industry Professionals on the Costs of Information Privacy

Philip Kim
Walsh University

Richard Metzer
Robert Morris University

Robert Agnor

Joseph Homan
Cornerstone Consulting

Jennifer Breese-Vitelli
Robert Morris University

Saturday - 11/8/2014 in Severn II/III at 4:45 pm

Information privacy issues have been garnering national and international headlines recently. From Julian Assange’s WikiLeaks to former CIA and NSA computer professional Edward Snowden’s leaked documents, to the release of Donald Sterling’s racist rants and the subsequent lifetime ban from the NBA, the landscape and expectation of information privacy is rapidly changing. According to a recent poll by the Pew Research Internet Project, almost 60% of internet users “do not believe it is possible to be completely anonymous online” [8, p.2]. Most students and industry professionals rely on the internet, e-mail, electronic documents, databases, and social media websites to communicate and interact with one another [2]. The role of Web 2.0 collaborative technologies (e.g., wikis, blogs and micro-blogging platforms) continues to grow within a social as well as professional setting [4]. For example, wikis can be used to facilitate knowledge management, and both synchronous and asynchronous communication within a team-based learning environment. Research has shown the benefits of using wikis and blogs in the classroom. Students are familiar with the technology and the learning curve is relatively short [1]. This study will further explore if the use of internet technologies impact the perceptions and practices of information privacy. It has been well documented that millennial students are very familiar with Web 2.0 technologies, especially the dynamic and instantaneous communication platforms provided by Facebook and Twitter [3; 9]. With the integration of social media networks in corporate settings, there are less distinct boundaries between work and social communication. And yet, there is clearly an expectation of privacy security among some Internet users [6]. However, several studies indicate that while everybody wants privacy when it is free, when they are given a choice between paying a small fee for additional privacy or pay nothing for unsecure access, most choose the latter [5; 10]. Are there differences in perceptions and practices of students versus industry professionals as it relates to information privacy? “The latest national survey by the Pew Research Center and the Washington Post… finds no indications that the government’s collection of phone records and internet data have altered fundamental public views about the tradeoff between investigating possible terrorism and protecting personal privacy” [7, p.2]. This research will examine the perceptions, attitudes, and practices of information privacy among students and industry professionals. The proposed study population will include traditional undergraduate and graduate students within both the on-ground and e-learning course delivery modes as well as industry professionals across various backgrounds.