Skip to Main Content
HIPAA security compliance in academic medical centers is a central concern of researchers, academicians, and practitioners. Despite increasing accounts of data security breaches, greater numbers of information technology implementations, and new HIPAA Security Rule requirements and audits, academic medical centers have shown limited HIPAA security compliance. Based on a literature review of technology acceptance and security effectiveness, this study investigated the factors that affect HIPAA security compliance. A theoretical model using management support, security awareness, security culture, and computer self-efficacy to predict security behavior and security effectiveness was proposed. Multiple linear regression and correlation analysis demonstrated that security awareness, management support, and security culture were significant predictors of security effectiveness and security behavior, with security awareness being the most significant predictor. The results of this research provide guidance to those involved with HIPAA security compliance initiatives in health care.