Search results

The purpose of this paper is to study how employee representatives in European Works Councils (EWCs) treat confidential information and how such strategies might improve the EWC functioning.

Building on interviews of several case studies of EWCs, this paper brings together insights from industrial relations and occupational psychology literature.

The results show that through actively challenging the management, an EWC can reduce the amount of information labelled as confidential and become freer to communicate with their rank and file. Actively challenging management, however, does not seem to impact the openness of the management to give early and complete information.

The paper is based on several case studies, which limits the generalisability of the findings. The results, however, indicate that research is required on how challenging confidentiality can incite managements to provide earlier information.

The research show clearly the potential but also limitations for employee representatives in actively challenging the management over what information is confidential.

This study studies a universally difficult topic for employee representatives: how to handle confidential information. The findings show that EWCs have little levers to force management to provide early information. For this, more structural change is needed.

This study is the first to focus exclusively on the issue of confidentiality in EWCs. This is a central concern for employee representatives, but research, until now, has not given much insight in which strategies work.

This study has two primary objectives. First, it analyzes the information content of confidentiality strictness in corporate loan credit agreements. Second, it examines how confidentiality strictness impacts covenant design, lending syndicate structure and loan pricing.

Using a sample of 6,327 loan credit agreements originated by US public firms in the period of 1996–2017, this study measures the confidentiality strictness in loan contracts using textual analyses that capture the appearance of confidentiality-related words and the length of confidentiality provision. All regressions include relevant loan characteristics, firm-specific accounting variables, industry and year fixed effects. To address the endogeneity concern, the paper uses borrowing firms' rival cash holdings and R&D expenditures to instrument for confidentiality strictness in two-staged least square regressions.

Borrowers which have higher R&D and operate in more competitive product markets have tighter confidentiality policies. Furthermore, this study reveals that confidentiality strictness is negatively associated with the imposition of financial covenants, especially performance covenants. Loan contracts for borrowers with stricter confidentiality on average have more relaxed covenant intensity, measured by the number of covenants. The study also shows that stricter confidentiality attracts finance companies, which have strong expertise in product markets of their parent firms, into the lending syndicate. However, confidentiality-conscious borrowers with higher degree of information asymmetry are subject to higher loan spreads.

This study provides the first examination of confidentiality policies in loan contracts and supports the idea that loan provisions are not simply made of “boilerplate” language. The results suggest that, for confidentiality-sensitive borrowers, the greater exposure to product market competition helps control managerial slack and substitute monitoring from financial markets.

This study sought to investigate a framework for ensuring the confidentiality and security of information at the public health-care facilities to curb HIV/AIDS trauma among patients in Africa. In most instances, trauma to HIV/AIDS patients accelerate because of their personal information relating to the state of illness leaks to public people.

This qualitative study used literature to study confidentiality and security of information at the public health-care facilities to curb HIV/AIDS trauma among patients in Africa.

The study revealed that confidentiality and security of information has been neglected, in most instances, at the health-care facilities, and this has, to some extent, affected HIV/AIDS patients negatively, leading to trauma, stigma and skipping of treatment by patients resulting in accelerated mortality among chronic patients. The study recommends that patients’ information be always strictly controlled and kept confidential and secured at all the times, especially that of HIV/AIDS patients.

The proposed framework can be used by health-care facilities to guide the management and promotion of the confidentiality and security of information in the public health-care facilities to curb additional trauma to HIV/AIDS patients in the context of Africa, and even beyond.

The study provides a framework to ensure the confidentiality and security of information at the public health-care facilities to curb additional trauma to HIV/AIDS patients.

The principle of offshore financial confidentiality is a controversial issue in offshore law. On the one hand, offshore jurisdictions view confidentiality in financial matters as an essential ingredient in the offshore industry which deserves to be protected. On the other, onshore states are increasingly hostile to confidentiality and have been willing to take drastic measures to undermine it.

Directive 91/308/EEC has been hailed by many European Union commentators as an extraordinary advance in the cause of EU integration, not least because it is still one of the few Directives actually in force in the field of EU criminal law. From the point of view of money laundering control, the Directive has been the EU's main weapon in its endeavours to ensure that the liberalisation of the financial markets and the consequent freedom of capital movements ‘is not used for undesirable purposes, such as money laundering’. Notwithstanding the undoubtful success of the Directive to introduce a minimum level of money laundering control mechanisms in all 15 EU member states (some of which had not even criminalised money laundering before transposing the Directive), however, Directive 91/308/EEC is no longer considered an adequately progressive legislative text for the advancement of further money laundering prevention to a pace equal to the one currently in force both at the international level and within some of the EU member states. The legislative response of the EU to the need for increasingly progressive legislation has been the Draft Money Laundering Directive, which having been passed by the Council and the Parliament is in the final stages of becoming part of EU legislation.

As part of their continuing efforts to establish effective information security management (ISM) practices, information security researchers and practitioners have proposed and developed many different information security standards and guidelines. Building on these previous efforts, the purpose of this study is to put forth a framework for ISM.

This framework is derived from the development of an a priori set of objectives and practices as suggested by literature, standards, and reports found in academia and practice; the refinement of these objectives and practices based on survey data obtained from 354 certified information security professionals; and the examination of interrelationships between the objectives and practices.

The empirical analysis suggests: four factors (information integrity, confidentiality, accountability, and availability) serve as critical information security objectives; most of the security areas and items covered under ISO 17799 are valid with one new area – “external” or “inter‐organizational information security”; and for moderately information‐sensitive organizations, “confidentiality” has the highest correlation with ISM practices; for highly information‐sensitive organizations, “confidentiality”, “accountability”, and “integrity” are the major ISM objectives. The most important contributor to information security objectives is “access control”.

This study contributes to the domain of information security research by developing a parsimonious set of security objectives and practices grounded in the findings of previous works in academia and practical literature.

These findings provide insights for business managers and information security professionals attempting to implement ISM programs within their respective organizational settings.

This paper fulfills a need in the information security community for a parsimonious set of objectives and practices based on the many guidelines and standards available in both academia and practice.

This paper discusses how the features of blockchain technology impact supply chain transparency through the lens of the information security triad (confidentiality, integrity and availability). Ultimately, propositions are developed to encourage future research in supply chain applications of blockchain technology.

Propositions are developed based on a synthesis of the information security and supply chain transparency literature. Findings from text mining of Twitter data and a discussion of three major blockchain use cases support the development of the propositions.

The authors note that confidentiality limits supply chain transparency, which causes tension between transparency and security. Integrity and availability promote supply chain transparency. Blockchain features can preserve security and increase transparency at the same time, despite the tension between confidentiality and transparency.

The research was conducted at a time when most blockchain applications were still in pilot stages. The propositions developed should therefore be revisited as blockchain applications become more widely adopted and mature.

This study is among the first to examine the way blockchain technology eases the tension between supply chain transparency and security. Unlike other studies that have suggested only positive impacts of blockchain technology on transparency, this study demonstrates that blockchain features can influence transparency both positively and negatively.

This paper aims to examine the influence of organization culture on the effectiveness of implementing information security management (ISM).

Based on a literature review, a model of the relationship between organizational culture and ISM was formulated, and both organizational culture characteristics and ISM effectiveness were measured empirically to investigate how various organizational culture traits influenced ISM principles, by administrating questionnaires to respondents in organizations with significant use of information systems.

Four regression models were derived to quantify the impacts of organizational culture traits on the effectiveness of implementing ISM. Whilst the control‐oriented organizational culture traits, effectiveness and consistency, have strong effect on the ISM principles of confidentiality, integrity, availability and accountability, the flexibility‐oriented organizational culture traits, cooperativeness and innovativeness, are not significantly associated with the ISM principles with one exception that cooperativeness is negatively related to confidentiality.

The sample is limited to the organizational factors in Taiwan. It is suggested to replicate this study in other countries to reconfirm the result before adopting its general implications. Owing to the highly intrusive nature of ISM surveys, a cautious approach with rapport and trust is a key success factor in conducting empirical studies on ISM.

A culture conducive to information security practice is extremely important for organizations since the human dimension of information security cannot totally be solved by technical and management measures. For understanding and improving the organization behavior with regard to information security, enterprises may look into organizational culture and examine how it affects the effectiveness of implementing ISM.

A research model was proposed to study the impacts of organizational factors on ISM, after a broad survey on related researches. The validated model and its corresponding study results can be referenced by enterprise managers and decision makers to make favorable tactics for achieving their goals of ISM – mitigating information security risks.

This study aims at investigating the extent of SysTrust’s framework (principles and criteria) as an internal control approach for assuring the reliability of accounting information system (AIS) were being implemented in Jordanian business organizations.

The study is based on primary data collected through a structured questionnaire from 239 out of 328 shareholdings companies. The survey units were the shareholding companies in Jordan, and the single key respondents approach was adopted. The extents of SysTrust principles were also measured. Previously validated instruments were used where required. The data were analysed using t-test and ANOVA.

The results indicated that the extent of SysTrust being implemented could be considered to be moderate at this stage. This implies that there are some variations among business organizations in terms of their level of implementing of SysTrust principles and criteria. The results also showed that the extent of SysTrust principles being implemented was varied among business organizations based on their business sector. However, there were not found varied due to their size of business and a length of time in business (experience).

This study is only conducted in Jordan as a developing country. Although Jordan is a valid indicator of prevalent factors in the wider MENA region and developing countries, the lack of external validity of this research means that any generalization of the research findings should be made with caution. Future research can be orientated to other national and cultural settings and compared with the results of this study.

The study provides evidence of the need for management to recognize the importance of the implementation of SysTrust principles and criteria as an internal control for assuring the reliability of AIS within their organizations and be aware which of these principles are appropriate to their size and industry sector.

The findings would be valuable for academic researchers, managers and professional accounting to acquire a better undemanding of the current status of the implementation of the SysTrust principles (i.e., availability, security, integrity processing, confidentiality, and privacy) as an internal control method for assuring the reliability of AIS by testing the phenomenon in Jordan as a developing country.

The paper's aim is to present a novel anonymity quantification method, LooM (loosely managed privacy protection method) for achieving privacy protection in pervasive computing environments.

The main feature is that the method quantitatively controls anonymity by a single value (disclosure threshold value) using a classification algorithm of the decision tree. The value is not affected by the set size of users or the distribution of users' private information. The effectiveness of this method is confirmed by simulation using sample databases of attribute‐value pairs. Proposes a model of privacy information disclosure that achieves a balance between users' privacy protection requirements and service providers' disclosure requirements and applies web questionnaire survey data to this model.

LooM can be applicable to a variety of pervasive computing and communication services handling a huge amount of data containing privacy information.

The paper proposes a model of privacy information disclosure that achieves a balance between users' privacy protection requirements and service providers' disclosure requirements.