The Moderating Effect of Working Experience on Health Information System Security Policies Compliance Behaviour

This study was conducted to investigate the moderating effect of health professional’s working experience on the relationship between factors of Health Information System Security Policies Compliance Behaviour (HISSPC) model. A survey (i.e., n = 454) was conducted to test the differences between high experience and low experiencehealth professionals who were Health Information System (HIS) users. The HISSPC model was tested using partial least squares (PLS) approachwith results indicating the coefficient of determination (i.e., R2) for high experience group (i.e., 63 percent)to be slightly higher than the low experience group(i.e., 60 percent). Statistical differences were noted for the relationship between management support and user’s compliance behaviour in both groups,with stronger relationship forlow experienceHIS users compared to high experience HIS users. In contrast, perceived susceptibility was found to significantly influence highly experienced users to comply with HIS security policies, however it had no significant effect for the low experience group.The overall moderating effect size for high experience userswas approximately 0.07 (i.e. small) andno moderating effect was observed for the low experience group (i.e., ƒ2 = 0.01). It was believed that the findings will provide better guidelines to fellow researchers and policy makers in improving information security behaviour among health professionals in hospitals, particularly those with varying working experiences.