Are we neglecting the influence of national culture (individualism–collectivism index) in mitigating the instances of data breach?

Purpose: Based on neo-institutional theory, this study evaluates factors that affect instances of data breaches in a hospital. The authors study the effect of adopting the health information exchange (HIE) initiative on a hospital’s data breach threats. This study integrates formal and information institutional factors to identify the antecedents that influence data breaches when adopting HIE. This study uses a hospital’s entrepreneurial orientation (EO) as a formal institutional factor and national culture (collectivism–individualism) as an informal institutional factor. Design/methodology/approach: Using a Statistical Analysis System, the authors analyze US hospital observations over five years. The data was collected from the Health Information and Management Systems Society (HIMSS) database, the Health and Human Services website and the Vandello and Cohen (1999) collectivism index. Findings: This study finds that when hospitals adopt HIEs, data breaches increase. This study also finds that both EO (formal institutional factor) and the individualism–collectivism index (informal institutional factor) significantly moderate these instances. Research limitations/implications: HIMSS has not updated its data set to reflect recent hospital data, so this study’s data set lacks recent data on US hospitals. Originality/value: This study is one of the few studies to address the impact of cultural variation in US hospitals and how it interacts with entrepreneurial activity to lower data breach threats when adopting new data exchange standards.