Search results

This study aims to conduct a survey in a bank to measure the perception of employees towards the effective governance of information privacy and at the same time validating the information privacy governance questionnaire (IPGQ) used in this study.

A quantitative research approach was followed using an online survey questionnaire to collect data in a bank in South Africa.

The survey results showed that employees perceived the governance of privacy in the organisation in a positive way. Three significant differences were identified, namely, Generation-Y being significantly more positive than Generation-X regarding privacy control assessment. Also, that the contractor/vendor group was significantly more positive than permanent employees regarding organisational commitment and privacy control assessment. Exploratory factor analysis was used to validate the IPGQ and four factors were identified: privacy control assessment, personal information awareness assessment, privacy governance reporting and organisational commitment towards privacy. Cronbach’s alpha was used to establish the internal reliability of the factors and indicated good internal consistency.

One of the potential empirical research limitations for this study is that the study was conducted in a single organisation; therefore, when generalising the results, caution must be taken.

Organisations, academics and the industry may find the questionnaire useful to determine employee perception towards privacy governance and to identify recommendations that could be used to improve their privacy policies, privacy programme controls and organisational commitment towards privacy. In this study, it was identified that for Generation-X employees to be more accepting towards the privacy controls, the organisation needs to implement focussed awareness training for them. To ensure permanent employees’ commitment and accountability, internal audits, monitoring and risk assessment measures need to be implemented. These can be directed through the outcomes of the survey.

The IPGQ can aid organisations in determining if they are governing privacy effectively, and thus assist them in meeting the accountability condition of data protection regulation.

The purpose of this study was to investigate the roles of employee experience and top management commitment in the relationship between human resource (HR) records management culture and HR records privacy control in organisations in Ghana.

Structural equation modelling was used in analysing the data. Following the specification of the model, three main types of analyses were carried out. They were reflective measurement model analyses to test reliability and validity; formative measurement model analyses to test redundancy, collinearity, significance and relevance of the lower-order constructs; and structural model analyses to ascertain the explanatory and predictive powers of the model, significance of the hypotheses and their effect sizes.

The study confirmed that communication, privacy awareness and training and risk assessment are dimensions of HR records management culture. Concerning the hypotheses, it was established that HR records management culture is related to HR records privacy control. Also, the study showed that employee experience positively moderated the relationship HR records management culture has with HR records privacy control. However, top management commitment negatively moderated the relationship HR records management culture has with HR records privacy control.

Organisations committed to the privacy control of HR records need to ensure the retention of their employees, as the longer they stay with the organisation, the more they embody the HR records management culture which improves the privacy control of HR records. For top management commitment, it should be restricted to providing strategic direction for HR records privacy control, as the day-to-day influence of top management commitment on the HR records management culture does not improve the privacy control of HR records.

This study demonstrates that communication, privacy awareness and training and risk assessment are dimensions of HR record management culture. Also, the extent of employee experience and top management commitment required in the relationship between HR records management culture and HR records privacy control is revealed.

This paper aims to address research gaps around third party data flows in education by investigating governance practices in higher education with respect to learning management system (LMS) ecosystems. The authors answer the following research questions: how are LMS and plugins/learning tools interoperability (LTI) governed at higher education institutions? Who is responsible for data governance activities around LMS? What is the current state of governance over LMS? What is the current state of governance over LMS plugins, LTI, etc.? What governance issues are unresolved in this domain? How are issues of privacy and governance regarding LMS and plugins/LTIs documented or communicated to the public and/or community members?

This study involved three components: (1) An online questionnaire about LMS, plugin and LTI governance practices from information technology professionals at seven universities in the USA (n = 4) and Canada (n = 3). The responses from these individuals helped us frame and design the interview schedule. (2) A review of public data from 112 universities about LMS plugin and LTI governance. Eighteen of these universities provide additional documentation, which we analyze in further depth. (3) A series of extensive interviews with 25 university data governance officers with responsibilities for LMS, plugin and/or LTI governance, representing 14 different universities.

The results indicate a portrait of fragmented and unobtrusive, unnoticed student information flows to third parties. From coordination problems on individual college campuses to disparate distributions of authority across campuses, as well as from significant data collection via individual LTIs to a shared problem of scope across many LTIs, the authors see that increased and intentional governance is needed to improve the state of student privacy and provide transparency in the complex environment around LMSs. Yet, the authors also see that there are logical paths forward based on successful governance and leveraging existing collaborative networks among data governance professionals in higher education.

Substantial prior work has examined issues of privacy in the education context, although little research has directly examined higher education institutions’ governance practices of LMS, plugin and LTI ecosystems. The tight integration of first and third-party tools in this ecosystem raises concerns that student data may be accessed and shared without sufficient transparency or oversight and in violation of established education privacy norms. However, these technologies and the university governance practices that could check inappropriate data handling remain under-scrutinized. This paper addresses this gap by investigating the governance practices of higher education institutions with respect to LMS ecosystems.

The purpose of this study is to explore the effects of recommendation algorithm, product reputation, new product novelty, privacy concern and privacy protection behavior on users’ satisfaction and continuance intention to use short-form video application (APP).

Based on the existing theories, the research model of this study was developed and 445 valid data were collected through a questionnaire survey. The partial least squares structural equation modeling (PLS-SEM) was employed for data analysis to test the research model and hypotheses.

The results reveal that the recommendation algorithm has a significant positive effect on user satisfaction, new product novelty and privacy concern. The influence of recommendation algorithm on privacy concern is negatively moderated by product reputation. Privacy concern has a significant and positive impact on privacy protection behavior, and privacy protection behavior has a significant and positive impact on user satisfaction. New product novelty also has significant impact on user satisfaction.

This study is one of the earliest studies to incorporate recommendation algorithm as a construct into the college students’ continuance intention to use short-form video APP. The influence of reputation as a moderator variable on the relationship between algorithm and privacy concerns is also investigated.

The purpose of this study is to investigate the impacts of regulations and governance of artificial intelligence (AI) on personal data sharing (PDS) in the context of sociolegal, technology and policy perspective.

With the help of theories and literature review, some hypotheses have been formulated and a conceptual model has been developed. These are statistically validated. The validated model has been compared again using impact of regulation and governance of AI as a moderator. The validation has been done using survey by PLS analysis.

The study found that there is a high level of positive impact of regulation and governance of AI on the online PDS by the users.

This study has provided a statistical model which can provide the antecedents of PDS by the online users with the impact of AI regulation and governance as a moderator. The proposed model has explanative power of 92%.

The study highlighted that there is a necessity of having appropriate AI regulations so that users could share their personal data online without any hesitation. Policymakers and legal fraternity should work together to formulate a comprehensive AI regulation and governance framework.

To the best of the authors’ knowledge, there is no study on the impact of AI regulation and governance towards PDS and how it impacts on the security, privacy and trust of the online users.

This paper seeks to empirically examine the existence and implementation of information security governance (ISG) in Saudi organizations.

An empirical survey, using a self‐administered questionnaire, is conducted to explore and evaluate the current status and the main features of ISG in the Saudi environment. The questionnaire is developed based on ISG guidelines for boards of directors and executive management issued by the Information Technology (IT) Governance Institute and other related materials available in the literature. A total of 167 valid questionnaires are collected and processed using the Statistical Package for Social Sciences, version 16.

The results of the study reveal that although the majority of Saudi organizations recognize the importance of ISG as an integrant factor for the success of IT and corporate governance, most of them have no clear information security strategies or written information security policy statements. The majority of Saudi organizations have no disaster recovery plans to deal with information security incidents and emergencies; information security roles and responsibilities are not clearly defined and communicated. The results also show that alignment between ISG and the organization's overall business strategy is relatively poor and not adequately implemented. The results also show that risk assessment procedures are not adequately and effectively implemented, ISG is not a regular item in the board's agenda, and there are no properly functioning ISG processes or performance‐measuring systems in the majority of Saudi organizations. Accordingly, appropriate actions should be taken to improve implementing and measuring the ISG performance in Saudi organizations.

From a practical standpoint, managers and practitioners alike stand to gain from the findings of this study. The results of the paper enable them to better understand and evaluate ISG and to champion IT development for business success in Saudi organizations.

The purpose of this paper is to identify and analyze challenges and to discuss proposed solutions for innovative public governance through cloud computing. Innovative technologies, such as federation of services and cloud computing, can greatly contribute to the provision of e-government services, through scaleable and flexible systems. Furthermore, they can facilitate in reducing costs and overcoming public information segmentation. Nonetheless, when public agencies use these technologies, they encounter several associated organizational and technical changes, as well as significant challenges.

We followed a multidisciplinary perspective (social, behavioral, business and technical) and conducted a conceptual analysis for analyzing the associated challenges. We conducted focus group interviews in two countries for evaluating the performance models that resulted from the conceptual analysis.

This study identifies and analyzes several challenges that may emerge while adopting innovative technologies for public governance and e-government services. Furthermore, it presents suggested solutions deriving from the experience of designing a related platform for public governance, including issues of privacy requirements, proposed business models and key performance indicators for public services on cloud computing.

The challenges and solutions discussed are based on the experience gained by designing one platform. However, we rely on issues and challenges collected from four countries.

The identification of challenges for innovative design of e-government services through a central portal in Europe and using service federation is expected to inform practitioners in different roles about significant changes across multiple levels that are implied and may accelerate the challenges' resolution.

This is the first study that discusses from multiple perspectives and through empirical investigation the challenges to realize public governance through innovative technologies. The results emerge from an actual portal that will function at a European level.

The continuous impact of the pandemic and the downturn of the global economy have brought new challenges to the tourism industry. In this context, effectively attracting consumers and improving user stickiness are the top priorities of tourism platform companies. This study explores the impact of ethical concerns raised by new issues under the multi-governance environment on user stickiness. Based on the trust theory, the authors provide solutions for tourism platforms.

This study adopted a quantitative approach, gathering survey data via an online platform. A total of 400 participants were investigated, and 356 valid questionnaires were returned, with a recovery rate of 89%. Questionnaires that did not meet the inclusion criteria were excluded, leaving 298 valid responses.

Studies have found that consumers' ethical concerns about platform companies are key factors affecting user stickiness, and among these, consumer trust plays a mediating role. They have found that corporate social responsibility (CSR) behaviours help alleviate ethical concerns and improve trust in enterprises. At the same time, enterprises should properly control the number of platform collaborators, and excessive platform cooperation negatively moderates the impact of consumer ethical concerns on competence-based trust.

This study complements the deficiency of previous research with regard to ethical concerns in a multi-governance environment. These findings indicate that subject diversity exacerbates the negative impact of ethical concerns on consumer trust; however, CSR alleviates the impact of ethical concerns on consumer trust.

General data protection regulation (GDPR) entered into force in May 2018 for enhancing personal data protection. Even though GDPR leads toward many advantages for the data subjects it turned out to be a significant challenge. Organizations need to implement long and complex changes to become GDPR compliant. Data subjects are empowered with new rights, which, however, they need to become aware of. GDPR compliance is a challenging matter for the relevant stakeholders calls for a software platform that can support their needs. The aim of data governance for supporting GDPR (DEFeND) EU project is to deliver such a platform. The purpose of this paper is to describe the process, within the DEFeND EU project, for eliciting and analyzing requirements for such a complex platform.

The platform needs to satisfy legal and privacy requirements and provide functionalities that data controllers request for supporting GDPR compliance. Further, it needs to satisfy acceptance requirements, for assuring that its users will embrace and use the platform. In this paper, the authors describe the methodology for eliciting and analyzing requirements for such a complex platform, by analyzing data attained by stakeholders from different sectors.

The findings provide the process for the DEFeND platform requirements’ elicitation and an indicative sample of those. The authors also describe the implementation of a secondary process for consolidating the elicited requirements into a consistent set of platform requirements.

The proposed software engineering methodology and data collection tools (i.e. questionnaires) are expected to have a significant impact for software engineers in academia and industry.

It is reported repeatedly that data controllers face difficulties in complying with the GDPR. The study aims to offer mechanisms and tools that can assist organizations to comply with the GDPR, thus, offering a significant boost toward the European personal data protection objectives.

This is the first paper, according to the best of the authors’ knowledge, to provide software requirements for a GDPR compliance platform, including multiple perspectives.

The purpose of this paper is to understand the effects of successful adoption of information technology (IT)-enabled services to be provided in the proposed smart cities of India from end-user-experience perspective.

This paper has taken a sincere endeavor to understand to what extent the success of the smart cities depends on the users’ experience of the IT-enabled services, the backbone of smart cities, and how using IT-enabled services can improve the quality of the users’ lifestyle. Initially, few hypotheses have been developed from literature review, followed by structured questionnaires. Once the data were collected, they were analyzed using different statistical tools. This paper will be useful for the policymakers, specifically those who are involved in technology and IT-governance-related areas, in policymaking for the proposed smart cities in India.

This study tries to find how the IT-enabled services would transform the lives of residents both socially and technologically; to what extent the prospective citizens will be engaged to use the modern services; to what extent the threat of privacy and security issues affects the overall performance of the proposed smart cities of India; and how gaining trust of the citizens could help in successful adoption of IT services. This paper tries to find out few of these questions from the city residents’ perspective.

This study is undertaken keeping Indian smart cities in perspective. However, in India, the proposed smart cities are in different states. In fact, the respondents selected by the authors are not the true representatives of the whole population, which is spread covering all parts of India. This paper could have implications for policymakers in drafting the smart city policy in India especially from IT-governance and user-experience perspective.

As this study discusses proposed smart cities of India from IT-enabled services and from the citizens’ perspective, it will have a huge practical implication once these smart cities become operational in India.

This study discusses the IT-enabled services expected to be provided to the citizens of the proposed smart cities of India. As the paper discusses about the citizens’ perspective and the proposed smart cities of India, it definitely has social implications especially since the study is related to the citizens of proposed smart cities of India.

The research reported in this manuscript is the outcome of in-depth study on proposed Indian smart cities especially from IT adoption and from users’ perspective. Very few studies have been carried out on proposed Indian smart cities from IT adoption perspective and how that could improve the lifestyle of the residents.