Journal article
Taking stock of organisations' protection of privacy: categorising and assessing threats to personally identifiable information in the USA
European journal of information systems, Vol.26(6), pp.585-604
11/01/2017
Handle:
https://hdl.handle.net/2376/114000
Abstract
Many organisations create, store, or purchase information that links individuals' identities to other data. Termed personally identifiable information (PII), this information has become the lifeblood of many firms across the globe. As organisations accumulate their constituencies' PII (e.g. customers', students', patients', and employees' data), individuals' privacy will depend on the adequacy of organisations' information privacy safeguards. Despite existing protections, many breaches still occur. For example, US organisations reported around 4,500 PII-breach events between 2005 and 2015. With such a high number of breaches, determining all threats to PII within organisations proves a burdensome task. In light of this difficulty, we utilise text-mining and cluster analysis techniques to create a taxonomy of various organisational PII breaches, which will help drive targeted research towards organisational PII protection. From an organisational systematics perspective, our classification system provides a foundation to explain the diversity among the myriad of threats. We identify eight major PII-breach types and provide initial literature reviews for each type of breach. We detail how US organisations differ regarding their exposure to these breaches, as well as how the level of severity (i.e. number of records affected) differs among these PII breaches. Finally, we offer several paths for future research.
Metrics
14 Record Views
Details
- Title
- Taking stock of organisations' protection of privacy: categorising and assessing threats to personally identifiable information in the USA
- Creators
- Clay Posey - Department of Management, College of Business AdministrationUniversity of Central FloridaUzma Raja - Department of Information Systems, Statistics, and Management Science, Culverhouse College of CommerceThe University of AlabamaRobert E Crossler - Department of Management, Information Systems, and Entrepreneurship, Carson College of BusinessWashington State UniversityA. J Burns - Department of Computer Science, College of Business and TechnologyThe University of Texas at Tyler
- Publication Details
- European journal of information systems, Vol.26(6), pp.585-604
- Academic Unit
- Management, Information Systems, and Entrepreneurship, Department of
- Publisher
- Taylor & Francis
- Identifiers
- 99900547446901842
- Language
- English
- Resource Type
- Journal article