Introduction: While nurses have access to confidential information of patients' records and history, it is still unknown that how information security training and their awareness with information security policy can influence their perceived certainty and severity of sanctions. To examine the Impact of Nurses’ Perceived Information Security Training and Information Security Policy Awareness on their Perceived Severity and Certainty of Information Security Breach Penalties in the Educational Specialized Hospitals.
Method: This research was a descriptive, corelational study. The population was consisted all nurses working in the specialized training hospitals, Isfahan city and at last, 181 usable questionnaires were collected. The data was collected by four questionnaires, namely information security training (D’Arcy et al.), security policy awareness (Sohrabi Safa et al.) and perceived certainty and severity of sanctions (Cheng et al.) and formatted into 5 point Likert scale and the data was collected using non-random sampling. For validity, content, face and construct validity methods and for reliability, Cronbach’s alpha method were used. Descriptive statistics, including frequency and percentage were analyzed by SPSS 19 and hypotheses were analyzed by partial least square technique; using SmartPLS M2.0.
Result: The average for security training, security awareness, perceived certainty and severity of sanctions were 3.78, 3.41, 3.63 and 3.18 respectively. Nurses' awareness of security policies had a positive significant influence on their perceived severity (t= 9.1, P < 0.01, β=0.41) and certainty (t= 7.3, P < 0.01, β=0.35) of breach penalties. Training programs had also a significant influence on their perceived severity (t= 2.3, P < 0.05, β=0.37) and certainty (t= 2.8, P < 0.01, β=0.44) of breach penalties.
Conclusion: Security training and nurses' awareness of security policies significantly predict their perceived certainty and severity of sanctions for security breach.