oru.sePublications
Change search
Refine search result
12 1 - 50 of 66
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Andersson, Annika
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Grönlund, Åke
    Örebro University, Swedish Business School at Örebro University.
    Learning from e-learning: emerging constructive learning practices2009In: Doing IT research that matters, 2009Conference paper (Refereed)
    Abstract [en]

    This research is situated within the field of Information and Communication Technologies for Development (ICT4D) and asks if ICT use can make learning practices change. While constructive learning practices are critical to both individual and societal development, repetitive learning practices are the norm in many developing countries. The study is based on observations and in-depth interviews and uses a structurational approach to understand if and how students views of learning change during an e-learning program in Sri Lanka. We found four constructive learning practices that emerged through technology use; individual exploring, interaction with peers, interaction with teachers, and taking responsibility of the learning. Many constructive learning practices emerged outside the LMS used, in students’ voluntary uses of publicly available resources on the Internet. The study shows that technology use can play a positive role for development, provided an open environment is available; students learn constructive practicesfrom e-learning.

  • 2.
    Andersson, Annika
    et al.
    Örebro University, Örebro University School of Business.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Karlsson, Fredrik
    Örebro University, Örebro University School of Business.
    Terminologi och begrepp inom informationssäkerhet: Hur man skapar en språkgemenskap2016Report (Other (popular science, discussion, etc.))
    Abstract [sv]

    Syftet med den här studien är att utvärdera svensk terminologi på informationssäkerhetsområdet med fokus på frågor om målgrupper och grundläggande termer. Baserat på en Delphi-studie, där experter från olika yrkeskategorier har fått definiera en uppsättning grundläggande begrepp, har vi utvärderat både experternas definitioner och processen med att ta fram definitionerna. Vi har identifierat flera problem med svensk terminologi på informationssäkerhetsområdet. För att stödja arbetet med att utveckla svensk terminologi för informationssäkerhet beskriver vi i rapporten förslag på hur arbetet kan bedrivas vidare. De problem vi har identifierat är bl.a. att begrepp som inte finns med i rådande styrdokument blir otydliga och svårtolkade för experter inom området och att det är problematiskt med två olika styrdokument (HB550 och SIS-TR50:2015) i användning med delvis olika definitioner av samma begrepp. Vi har även sett att olika yrkeskategorier ofta definierar begreppen utifrån sin specifika profession, vilket kan innebära att det finns ett behov av att säkerhetsbegrepp kontextualiseras utifrån yrkesroller. Processen med att arbeta med experter enligt Delphi-metoden gav ett bra underlag för att analysera och diskutera olika definitioner av centrala begrepp inom informationssäkerhetsområdet. Dessutom har experterna varit mycket engagerade i processen. Vi föreslår att framtida begreppsutredningar använder sig av denna metod eller varianter av den och att det är experterna, de som i sitt dagliga yrke handhar informationssäkerheten, som ska vara de som skapar definitionerna. Vi ser också ett stort behov av större, effektivare och mer samordnade former för framtida begreppsutredningar.

  • 3.
    Andersson, Annika
    et al.
    Örebro University, Örebro University School of Business.
    Hedström, Karin
    Örebro University, Örebro University School of Business.
    Wihlborg, Elin
    School of Management and Engineering, Linköping University, Linköping, Sweden.
    Automated Decision-Making and Legitimacy in Public Administration2018Conference paper (Other academic)
  • 4.
    Andersson, Annika
    et al.
    Örebro University, Örebro University School of Business.
    Karlsson, Fredrik
    Örebro University, Örebro University School of Business.
    Hedström, Karin
    Örebro University, Örebro University School of Business.
    Konfliktfylld kultur vid framtagande av informationssäkerhetsstandarder2017In: Informationssäkerhet och organisationskultur / [ed] Jonas Hallberg, Peter Johansson, Fredrik Karlsson, Frida Lundberg, Björn Lundgren, Marianne Törner, Lund: Studentlitteratur AB, 2017Chapter in book (Other (popular science, discussion, etc.))
  • 5.
    Andreasson, Ester
    et al.
    Linköpings universitet, Linköping, Sverige.
    Axelsson, Karin
    Linköpings universitet, Linköping, Sverige.
    Gustafsson, Mariana
    Linköpings universitet, Linköping, Sverige.
    Hedström, Karin
    Örebro University, Örebro University School of Business.
    Melin, Ulf
    Linköpings universitet, Linköping, Sverige.
    Söderström, Fredrik
    Linköpings universitet, Linköping, Sverige.
    Wihlborg, Elin
    Linköpings universitet, Linköping, Sverige.
    Vem är vem på nätet?: en studie av elektronisk identifiering2014Book (Other (popular science, discussion, etc.))
  • 6.
    Ask, Andreas
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Taking initial steps towards enterprise architecture in local government2011In: Electronic government and the information systems perspective / [ed] Kim Normann Andersen, Enrico Francesconi, Åke Grönlund, Tom M. van Engers, Berlin: Springer Berlin/Heidelberg, 2011, p. 26-40Conference paper (Refereed)
    Abstract [en]

    The purpose of this study is to increase the understanding of immature use of Enterprise Architectures (EAs). In this paper we present results from an eGovernment initiative in a Swedish local government. This longitudinal case study illustrates the problems of taking initial steps of moving towards an EA during the development and implementation an eGovernment initiative. Through an analysis of goal achievements, we develop a better understanding of the challenges of using EA frameworks for local eGovernment-projects. Our results show that the immature use of the EA framework resulted in parts of the organization deviating from plan where individual members began to implement individual solutions, instead of basing decisions on the overall architecture. This impaired project’s possibility to develop towards an EA in an efficient way.

  • 7.
    Avdic, Anders
    et al.
    Örebro University, Department of Business, Economics, Statistics and Informatics.
    Hedström, KarinÖrebro University, Department of Business, Economics, Statistics and Informatics.Rose, JeremyGrönlund, ÅkeÖrebro University, Department of Business, Economics, Statistics and Informatics.
    Understanding eParticipation: Contemporary PhD eParticipation Research in Europe2007Collection (editor) (Other academic)
    Abstract [en]

    This book presents contemporary European research on eParticipation by means of a 13 chapters each describing a PhD research project as well as analyses of this research. The book both reflects the field and contributes to shaping it by discussing both long-standing and emerging issues. Contributions include three chapters on issues of DEVELOPMENT, including communities of practice, user-centred development, and safety & privacy issues, four chapters on IMPLEMENTATION, including spatial planning, participatory budgeting, and transformation processes, and five chapters on issues of USE, focusing on local government, developing countries, EU, civil society and NGO.

  • 8.
    Bernhard, Irene
    et al.
    University West, Trollhättan, Sweden.
    Gustafsson, Mariana
    Linköping University, Linköping, sweden.
    Hedström, Karin
    Örebro University, Örebro University School of Business.
    Sefyrin, Johanna
    Linköping University, Linköping, Sweden.
    Wihlborg, Elin
    Linköping University, Linköping, Sweden.
    A Digital Society For All?: Meanings, Practices and Policies for Digital Diversity2019In: Proceedings of the 52nd Hawaii International Conference on System Sciences, 2019, p. 3067-3076Conference paper (Refereed)
    Abstract [en]

    The concept of digital divides has been on the agenda in research and policy making for at least the last 20 years. But it is still, a challenge to grasp this concept that is so elusive and transforming. Inclusion, access and equality are still key values for democratic governance and must be addressed in particular when forming and contributing to a digital government. This paper seeks to intervene in current debates on digital divides and digital inclusion by analyzing two cases of responses among street-level public administration in relation to e-government services in Sweden. The case studies are strategically chosen and conducted in national agencies and in local public libraries. Three lines of contributions are discussed, firstly the importance to care for equality secondly the need to see the non-users, and thirdly to discuss the potential of putting focus on digital diversity.

  • 9.
    Bernhard, Irene
    et al.
    University West, Trollhättan, Sweden.
    Gustafsson, Mariana
    Linköping University , Linköping, Sweden.
    Hedström, Karin
    Örebro University, Örebro University School of Business.
    Seyferin, Johanna
    Linköping University, Linköping, Sweden.
    Whilborg, Elin
    Linköping University, Linköping, Sweden.
    A Digital Society For All?: Meanings, Practices and Policies for Digital Diversity2019In: 52nd Hawaii International Conference on System Sciences (HICSS-52): Emerging Topics in Digital Government, Honolulu, HI, USA, 2019, p. 3067-3076Conference paper (Refereed)
    Abstract [en]

     The concept of digital divides has been on the agenda in research and policy making for at least the last 20 years. But it is still, a challenge to grasp this concept that is so elusive and transforming. Inclusion, access and equality are still key values for democraticgovernance and must be addressed in particular whenforming and contributing to a digital government. This paper seeks to intervene in current debates on digital divides and digital inclusion by analyzing two cases of responses among street-level public administration in relation to e-government services in Sweden. The case studies are strategically chosen and conducted in national agencies and in local public libraries. Three lines of contributions are discussed, firstly theimportance to care for equality secondly the need to see the non-users, and thirdly to discuss the potential of putting focus on digital diversity.

  • 10.
    Denk, Thomas
    et al.
    Örebro University, School of Humanities, Education and Social Sciences.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Karlsson, Fredrik
    Örebro University, Örebro University School of Business.
    Medborgarna och automatiserat beslutsfattande2019In: Storm och Stiltje: SOM-institutets 74:e forskarantologi / [ed] Ulrika Andersson, Björn Rönnerstrand, Patrik Öhberg och Annika Bergström, Göteborg: SOM-institutet , 2019, 1, p. 183-196Chapter in book (Other (popular science, discussion, etc.))
    Abstract [sv]

    I allt större utsträckning införs automatiserat beslutsfattande i offentlig sektor. Det innebär att datorer ersätter handläggare som beslutsfattare. Flera av de ärenden som avgörs med automatiserat beslutsfattande berör medborgarna. Detta kapitel undersöker om medborgarna är medvetna om denna förändring och hur de tror att besluten förändras när datorer ersätter handläggare som beslutsfattare. Resultaten visar att det är en minoritet (20 procent) som har kännedom sedan tidigare om automatiserat beslutsfattande i offentlig sektor. En majoritet tror att besluten förvisso blir mer opartiska när datorer istället för handläggare fattar beslut, men inte att besluten blir mer tillförlitliga. De tror också att automatiska beslut kommer att ta mindre hänsyn till människornas situation och minska insynen i beslutsfattandet. De som har kännedom om automatiserat beslutsfattande är mer positiva när det gäller beslutens opartiskhet och tillförlitlighet, men anser i samma utsträckning som de utan kännedom att besluten medför mindre hänsynstagande till människors situation och minskad insyn i beslutsfattandet.

  • 11.
    Dhillon, Gurpreet
    et al.
    University of North Carolina, Greensboro, USA .
    Karlsson, FredrikÖrebro University, Örebro University School of Business.Hedström, KarinÖrebro University, Swedish Business School at Örebro University.Zúquete, AndréUniversity of Aveiro, Aveiro, Portugal .
    ICT Systems Security and Privacy Protection2019Conference proceedings (editor) (Refereed)
  • 12.
    Dhillon, Gurpreet
    et al.
    The University of North Carolina at Greensboro, USA.
    Smith, Kane
    The University of North Carolina at Greensboro, USA.
    Hedström, Karin
    Örebro University, Örebro University School of Business.
    Ensuring Core Competencies for Cybersecurity Specialists2019In: Cybersecurity Education for Awareness and Compliance / [ed] Ismini Vasileiou and Steven Furnell, Hershey, Pennsylvania, USA: IGI Global, 2019, p. 121-133Chapter in book (Refereed)
    Abstract [en]

    Within an organization, it is critical that all employees possess a security awareness and thus play a part in the protection of said organization's information assets. Some employees will have key roles and responsibilities and require specific skills to support them. However, organizations can face challenges in regard to recognizing the required specialized skills as well as where to obtain them. For this reason, whether an organization chooses to hire new staff, developing existing staff, or outsource the activities altogether, it is necessary to know the type and level of expertise required. To this end, this chapter discusses the need for organizations to understand and identify the essential skills related to cybersecurity in order for their employees to develop core competencies in these areas.

  • 13.
    Eliason, Emma
    et al.
    Örebro University, Örebro University School of Business.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Mediated values in Swedish Municipality Website Design2005In: The ethicomp decade 1995-2005, 2005Conference paper (Refereed)
    Abstract [en]

    Not only in Sweden are governments designing and maintaining web sites, this to be able to improve interaction with their citizens. It is therefore important to choose the best suiting website design, communicating the intended values. In this paper two Swedish municipality front pages are compared with respect to mediated user roles, user groups, action space (action possibilities and restrictions), and communicated producer intent. This highlights how values can be mediated in website design.

  • 14.
    Frostenson, Magnus
    et al.
    Örebro University, Örebro University School of Business.
    Hedström, Karin
    Örebro University, Örebro University School of Business.
    Helin, Sven
    Örebro University, Örebro University School of Business.
    Karlsson, Fredrik
    Örebro University, Örebro University School of Business.
    Kolkowska, Ella
    Örebro University, Örebro University School of Business.
    Prenkert, Frans
    Örebro University, Örebro University School of Business.
    Samverkan mellan aktörer i industriella nätverk skapar nya utmaningar för informationssäkerheten2017In: Informationssäkerhet och organisationskultur / [ed] J. Hallberg, P. Johansson, F. Karlsson, F. Lundberg, B. Lundgren, M. Törner, Lund: Studentlitteratur AB, 2017, 1, p. 61-75Chapter in book (Refereed)
  • 15.
    Grönlund, Åke
    et al.
    Örebro University, Department of Business, Economics, Statistics and Informatics.
    Andersson, Annika
    Örebro University, Department of Business, Economics, Statistics and Informatics.
    Hedström, Karin
    Örebro University, Department of Business, Economics, Statistics and Informatics.
    Right on time: understanding eGovernment in developing countries2006In: Social inclusion: societal and organizational implications for information systems / [ed] Eileen M. Trauth, Debra Howcroft, Tom Butler, Brian Fitzgerald, Janice I. DeGross, New York: Springer , 2006, p. 73-87Conference paper (Refereed)
    Abstract [en]

    Many, if not most, developing countries today engage in Electronic Government (eGovernment) pojects. There are big hopes, not just modernizing government and making it more ffective and efficient, but also eGovernment is expected to drive the general development owards the information society, both by examples of good practice and by major investment. However, many sources claim project failure rate is high. Reasons are found in many places,but it is reasonable to summarize them by saying that project goals are too ambitious given existing production capacity. Hence there is need to find ways of choosing and defining projects in a way that meets the conditions in the country and sector where they are going to be implemented. To do so, this paper presents two tools, a checklist and a maturity model, for assessing the preconditions for eGovernment projects in developing countries. The underlying data sources are threefold: e-government readiness indexes, project experiences and assessments of social and political conditions. The checklist matches requirements for successful eGovernment against supply and demand side factors, hence providing a guide in choosing which of projects to initiate and which to avoid. The maturity model supports in mapping projects on a wider development agenda, hence helping avoiding dead ends such as investing in unused technology, supporting dysfunctional processes with ICT (Information and Communication Technology) instead of first redesigning them and then putting in ICT in support for the new and better processes etc. In particular, the tools show the close relation between eGovernment and other development agendas, for example education, investment policies or telecom (de)regulation – without alignment with such programmes, eGovernment is likely to fail. The two tools help making factors pertinent to success and failure more explicit and hence improve decision making.

  • 16.
    Hedström, Karin
    Örebro University, Örebro University School of Business.
    IT i äldreomsorgen - en fråga om värden2006Book (Other (popular science, discussion, etc.))
  • 17.
    Hedström, Karin
    Örebro University, Department of Business, Economics, Statistics and Informatics.
    Socio-political construction of CareSys: how interests and values influence computerization2004In: Networked information technologies: diffusion and adoption / [ed] Jan Damsgaard, Helle Zinner Henriksen, Norwell, Mass.: Kluwer , 2004, p. 1-18Conference paper (Refereed)
    Abstract [en]

    The purpose of this paper is to describe an analytical framework, which can be used for comparing how different groups experience the value of IT. As the actors’ interests and values are uncovered the framework illuminates the socio-political process of computerization. In order to validate the framework the paper exemplifies how it has been used in one case study involving the introduction of a new IT system in elderly care. For pedagogical reasons, the analysis is limited to comparing two actor groups’ experiences of the introduction of the new system – the politicians, and the home-help assistants. The result also shows that non-action is very important as a way to influence the usage and construction of a new IT system.

  • 18.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    The importance of understanding IT values in elderly care2008In: eHospital, Vol. 10, no 2, p. 26-27Article in journal (Other (popular science, discussion, etc.))
  • 19.
    Hedström, Karin
    Örebro University, Department of Business, Economics, Statistics and Informatics.
    The values of computerization in elderly care2005In: Promote IT 2005: proceedings of the fifth Conference for the Promotion of Research in IT at New Universities and University Colleges in Sweden : Borlänge, Sweden 11-13 May, 2005 / [ed] Janis Bubenko, Owen Eriksson, Hans Fernlund, Mikael Lind, Lund: Studentlitteratur, 2005, p. 209-218Conference paper (Other academic)
  • 20.
    Hedström, Karin
    Örebro University, Department of Business, Economics, Statistics and Informatics.
    The values of IT in elderly care2007In: Information Technology and People, ISSN 0959-3845, E-ISSN 1758-5813, Vol. 20, no 1, p. 72-84Article in journal (Refereed)
    Abstract [en]

    Purpose – The purpose of this paper is to analyze the values of IT in elderly care.Design/methodology/approach – The paper is an empirical investigation based on four in-depth case studies concerning IT in elderly care. The study draws on Actor-Network Theory (ANT) and Social Construction of Technology (SCOT) with a focus on different actor groups' sense-making regarding the role of IT in elderly care. The empirical analysis is, however, influenced by Grounded Theory (GT). Values are studied through the concept of “value areas”, which is a categorization of various actor groups' anticipated and experienced effects of developing, implementing, and using IT in elderly care.Findings – The paper finds that the values of IT in elderly care can be organized in four related value areas: administration values, integration values, care values, and professional values.Research limitations/implications – Although the findings in this paper are related to elderly care it is believed that the value areas could be valid for all kinds of care work.Practical implications – The paper illustrates how different values are present during the development of IT, and discusses the importance of not only including, but also permitting, various actor groups' interests and values to influence the design process.Originality/value – This paper examines the value of IT in elderly care, as well as presenting an approach for analyzing the values of IT. The paper and its findings should be valid for researchers, as well as for practitioners

  • 21.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Values of an electronic social record2008In: Ethical, legal and social issues in medical informatics / [ed] Penny Duquenoy, Carlisle George, Kai Kimppa, Hershey, PA: IGI Global , 2008, p. 65-84Chapter in book (Other academic)
    Abstract [en]

    This chapter analyses the effects of introducing ICT as a support for the social record in elderly care. The effects of the electronic social record are assessed by analysing the different values the electronic social record supports. These values are discussed in terms of ‘value areas’ (values related to administration, integration, professional, and care) which is a categorization of anticipated and experienced effects of using ICT in elderly care. This is a case study where the analysis is a comparison of the social record before and after the introduction of ICT as a support for using the social record. Furthermore, the study also assesses how valuable it is to use ‘value areas’ as an analytical tool when evaluating the effects of ICT.

  • 22.
    Hedström, Karin
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Dhillon, Gurpreet
    Virginia Commonwealth University, Richmond, USA.
    Karlsson, Fredrik
    Örebro University, Swedish Business School at Örebro University.
    Using actor network theory to understand information security management2010In: Security and privacy: silver linings in the cloud / [ed] Kai Rannenberg, Vijay Varadharajan, Christian Weber, Berlin, Germany: Springer, 2010, p. 43-54Conference paper (Refereed)
    Abstract [en]

    This paper presents an Actor Network Theory (ANT) analysis of a computer hack at a large university. Computer hacks are usually addressed through technical means thus ensuring that perpetrators are unable to exploit system vulnerabilities. We however argue that a computer hack is a result of different events in a heterogeneous network embodying human and non-human actors. Hence a secure organizational environment is one that is characterized by ‘stability’ and ‘social order’, which is a result of negotiations and alignment of interests among different actants. The argument is conducted through a case study. Our findings reveal not only the usefulness of ANT in developing an understanding of the (in)security environment at the case study organization, but also the ability of ANT to identify differences in interests among actants. At a practical level, our analysis suggests three principles that management needs to pay attention to in order to prevent future security breaches.

  • 23.
    Hedström, Karin
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Grönlund, Åke
    Örebro University, Swedish Business School at Örebro University.
    The quest for development: reviewing ICT4D research2008In: GlobDev 2008: Proceedings annual workshop of the AIS special interest group for ICT in global development, 2008, p. Paper 24-Conference paper (Refereed)
    Abstract [en]

    Electronic Government (eGovernment) has attracted considerable investment over many years but there is little agreement on how to measure success. This is problematic as eGovernment has ambitions beyond project success – in particular in developing countries it is expected to yield development. There is also both an academic and a practitioner debate on eGovernment assessment in which social and political values are included, meaning an external perspective is beginning to take root. This paper reports a literature study of ICT4D (Information and communications technologies for development) journals, where the focus on development should be the greatest. Our study investigates to what degree case study research on eGovernment and ICT4D focuses on ICT’s role for development in developing countries or regions. This means that we examine to what degree evaluations of ICT4D-projects focus development assessment. We find that while a majority of the papers include social factors only a few take an external, i.e. development, perspective. It seems that instead of focusing research on the critical factors in developing countries today, on which we need new knowledge, the majority of the research is repeating studies done in the industrialized world in the past twenty years to which we cannot expect to find neither the solution to the problems in the developing world nor radically new findings to enrich the body of research already existing. This said, the few papers that did have a development focus introduced challenging issues, research on which holds promises of relevance to target countries as well as improving the knowledge base of IS research.

  • 24.
    Hedström, Karin
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Jäger, Kerstin
    Krasniqi, Hanife
    Linderoth, Henrik
    Nohlberg, Marcus
    Högskolan Skövde, Skövde, Sweden.
    Anne, Persson
    Högskolan Skövde, Skövde, Sweden.
    Åhlfeldt, Rose-Mharie
    Högskolan Skövde, Skövde, Sweden.
    Vårdens framtida informationssystem - vision i form av en demonstrator: Slutrapport januari 20102010Report (Other (popular science, discussion, etc.))
  • 25.
    Hedström, Karin
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Karlsson, Fredrik
    Developing Information and Communication Technologies for Health Care - Design Principles2006Conference paper (Other academic)
  • 26.
    Hedström, Karin
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Karlsson, Fredrik
    Örebro University, Swedish Business School at Örebro University.
    Facing moving targets?2008In: Electronic government: proceedings of ongoing research and projects of EGOV 08 / [ed] Enrico Ferro, H. Jochen Scholl, Maria A. Wimmer, Linz: Trauner Verlag , 2008, p. 62-69Conference paper (Refereed)
    Abstract [en]

    It is widely acknowledged that requirements change during systems development projects. The reasons are usually explained by changes in lower-level goals, while high-level goals are expected to be stable. In this paper we analyse, and compare, how two electronic government projects use goals as a basis for procuring new Information Technology systems. The high-level goals of these projects have evolved differently, where high-level goals changed in one project, but remained stable in the second project. This can be explained by the fact that the two cases have interpreted the concept of high-level goals differently. We believe that goal-stability increases when values are related to high-level goals during goal-oriented requirements engineering. This illustrates the importance of taking political values into consideration when defining the high-level goals for electronic government projects.

  • 27.
    Hedström, Karin
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Karlsson, Fredrik
    Örebro University, Swedish Business School at Örebro University.
    Shooting on a moving target?2008In: EGOV 2008, 2008Conference paper (Refereed)
    Abstract [en]

    It is widely acknowledged that requirements change during systems development projects. The reasons are usually explained by changes in lower-level goals, while high-level goals are expected to be stable. In this paper we analyse, and compare, how two electronic government projects use goals as a basis for procuring new Information Technology systems. The high-level goals of these projects have evolved differently, where high-level goals changed in one project, but remained stable in the second project. This can be explained by the fact that the two cases have interpreted the concept of high-level goals differently. We believe that goal-stability increases when values are related to high-level goals during goal-oriented requirements engineering. This illustrates the importance of taking political values into consideration when defining the high-level goals for electronic government projects.

     

     

  • 28.
    Hedström, Karin
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Karlsson, Fredrik
    Örebro University, Swedish Business School at Örebro University.
    Kolkowska, Ella
    Örebro University, Swedish Business School at Örebro University.
    Managing information systems security: compliance between users and managers2009In: E-Hospital, ISSN 1374-321X, Vol. 11, no 2, p. 30-31Article in journal (Other (popular science, discussion, etc.))
  • 29.
    Hedström, Karin
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Karlsson, Fredrik
    Örebro University, Örebro University School of Business.
    Kolkowska, Ella
    Örebro University, Örebro University School of Business.
    Social action theory for understanding information security non-compliance in hospitals: the importance of user rationale2013In: Information Management & Computer Security, ISSN 0968-5227, E-ISSN 1758-5805, Vol. 21, no 4, p. 266-287Article in journal (Refereed)
    Abstract [en]

    Purpose – Employees' compliance with information security policies is considered an essential component of information security management. The research aims to illustrate the usefulness of social action theory (SAT) for management of information security.

    Design/methodology/approach – This research was carried out as a longitudinal case study at a Swedish hospital. Data were collected using a combination of interviews, information security documents, and observations. Data were analysed using a combination of a value-based compliance model and the taxonomy laid out in SAT to determine user rationality.

    Findings – The paper argues that management of information security and design of countermeasures should be based on an understanding of users' rationale covering both intentional and unintentional non-compliance. The findings are presented in propositions with practical and theoretical implications: P1. Employees' non-compliance is predominantly based on means-end calculations and based on a practical rationality, P2. An information security investigation of employees' rationality should not be based on an a priori assumption about user intent, P3. Information security management and choice of countermeasures should be based on an understanding of the use rationale, and P4. Countermeasures should target intentional as well as unintentional non-compliance.

    Originality/value – This work is an extension of Hedström et al. arguing for the importance of addressing user rationale for successful management of information security. The presented propositions can form a basis for information security management, making the objectives underlying the study presented in Hedström et al. more clear

  • 30.
    Hedström, Karin
    et al.
    Örebro University, Örebro University School of Business.
    Karlsson, Fredrik
    Örebro University, Örebro University School of Business.
    Kolkowska, Ella
    Örebro University, Örebro University School of Business.
    Utveckling av praktikanpassad informationssäkerhetspolicy2017In: Informationssäkerhet och organisationskultur / [ed] Jonas Hallberg, Peter Johansson, Fredrik Karlsson, Frida Lundberg, Björn Lundgren, Marianne Törner, Lund: Studentlitteratur AB, 2017Chapter in book (Other (popular science, discussion, etc.))
  • 31.
    Hedström, Karin
    et al.
    Örebro University, Örebro University School of Business. Department of Management and Engineering, Linköping University, Linköping, Sweden.
    Karlsson, Fredrik
    Örebro University, Örebro University School of Business.
    Söderström, Fredrik
    Department of Management and Engineering, Information Systems Division, Linköping University, Linköping, Sweden .
    Challenges of introducing a professional eID card within health care2016In: Transforming Government: People, Process and Policy, ISSN 1750-6166, E-ISSN 1750-6174, Vol. 10, no 1, p. 22-46Article in journal (Refereed)
    Abstract [en]

    Purpose: The purpose of this paper is to examine the challenges that arise when introducing an electronic identification (eID) card for professional use in a health-care setting.

    Design/methodology/approach: This is a case study of an eID implementation project in healthcare. Data were collected through interviews with key actors in a project team and with eID end users. The authors viewed the eID card as a boundary object intersecting social worlds. For this analysis, the authors combined this with an electronic government initiative challenge framework.

    Findings: The findings of this paper illustrate the interpretative flexibility of eID cards and how eID cards as boundary objects intersect social worlds. The main challenges of implementing and using eID cards in healthcare are usability, user behaviour and privacy. However, the way in which these challenges are interpreted varies between different social worlds.

    Practical implications: One of the implications for future practice is to increase our understanding of the eID card as a socio-technical artefact, where the social and technical is intertwined, at the same time as the eID card affects the social as well as the technical. By using a socio-technical perspective, it is possible to minimise the potential problems related to the implementation and use of eID.

    Originality/value: Previous research has highlighted the need for more empirical research on identity management. The authors contextualise and analyse the implementation and use of eID cards within healthcare. By viewing the eID card as a boundary object, the authors have unveiled its interpretative flexibility and how it is translated across different social worlds.

  • 32.
    Hedström, Karin
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Kolkowska, Ella
    Örebro University, Swedish Business School at Örebro University.
    Karlsson, Fredrik
    Örebro University, Swedish Business School at Örebro University.
    Allen, J. P.
    School of Management, University of San Francisco, San Francisco, USA.
    Value conflicts for information security management2011In: Journal of strategic information systems, ISSN 0963-8687, E-ISSN 1873-1198, Vol. 20, no 4, p. 373-384Article in journal (Refereed)
    Abstract [en]

    A business’s information is one of its most important assets, making the protection of information a strategic issue. In this paper, we investigate the tension between information security policies and information security practice through longitudinal case studies at two health care facilities. The management of information security is traditionally informed by a control-based compliance model, which assumes that human behavior needs to be controlled and regulated. We propose a different theoretical model: the value-based compliance model, assuming that multiple forms of rationality are employed in organizational actions at one time, causing potential value conflicts. This has strong strategic implications for the management of information security. We believe health care situations can be better managed using the assumptions of a value-based compliance model.

  • 33.
    Hedström, Karin
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Melin, Ulf
    Linköping University, Linköping, Sweden .
    Karlsson, Fredrik
    Örebro University, Swedish Business School at Örebro University.
    Kolkowska, Ella
    Örebro University, Swedish Business School at Örebro University.
    Availability in Practice2011Conference paper (Other academic)
  • 34.
    Hedström, Karin
    et al.
    Örebro University, Örebro University School of Business.
    Melin, Ulf
    Söderström, Fredrik
    Identitet, arbete och privatliv: smarta ID-kort2018In: Ett smartare samhälle: sju perspektiv på digitaliseringen av vår vardag / [ed] Gröning, Lotta & Wihlborg, Elin, Linköping: Linköping University Electronic Press, 2018, p. 112-128Chapter in book (Other (popular science, discussion, etc.))
  • 35.
    Hedström, Karin
    et al.
    Örebro University, Örebro University School of Business.
    Persson, Anne
    Högskolan i Skövde, Skövde, Sweden.
    Karlsson, Fredrik
    Örebro University, Swedish Business School at Örebro University.
    Swedish e-health: from policy to practice2012Conference paper (Refereed)
  • 36.
    Hedström, Karin
    et al.
    Örebro University, Örebro University School of Business.
    Wihlborg, Elin
    Department of Management and Engineering, Linköping University, Linköping, Sweden.
    Gustafson, Mariana S.
    Department of Management and Engineering, Linköping University, Linköping, Sweden.
    Söderström, Fredrik
    Department of Management and Engineering, Linköping University, Linköping, Sweden.
    The construction of identity: the use of eID in public organisations2014Conference paper (Refereed)
  • 37.
    Hedström, Karin
    et al.
    Örebro University, Örebro University School of Business. Linköpings universitet, Linköping, Sweden.
    Wihlborg, Elin
    Linköpings universitet, Linköping, Sweden.
    Gustafsson, Mariana
    Linköpings universitet, Linköping, Sweden.
    Söderström, Fredrik
    Linköpings universitet, Linköping, Sweden.
    Constructing identities: professional use of eID in public organisations2015In: Transforming Government: People, Process and Policy, ISSN 1750-6166, E-ISSN 1750-6174, Vol. 9, no 2, p. 143-158Article in journal (Refereed)
    Abstract [en]

    Purpose: The purpose of the paper is to reveal how identities are constructed when electronic identification (eIDs) cards are introduced through information systems in public organisations. 

    Design/methodology/approach: Through two case studies, the authors generate rich data on the construction of identities through use of eID within public organisations. The author’s analysis, based on actor network theory, focusses on the translation of eIDs in these two settings. 

    Findings: ID can be viewed as an artefact where the public and private spheres meet. The authors found at least three mixed roles in employees’ use of eID: as a purely private person; as a private person in the work place; and as a professional in the work place. Research limitations/implications– There is a need for further research on how eID is translated into organisational contexts and how institutional settings define the openings for local translation processes. However, the results are based on two small cases, meaning that broad generalisations are difficult to make. 

    Practical implications: EID is so much more than technology. The technical framing of the identification system appears to be subordinated to organisational arrangements and cultures, making it important to apply a socio-technical perspective when working with eID. 

    Originality/value: The empirical cases have offered a unique chance to study implementation and use of eID in two very different public service organisations. The findings illustrate how eID translated into organisational contexts, and how identity management within an organisational setting is linked to the employees’ private and professional roles.

  • 38.
    Hellberg, Ann-Sofie
    et al.
    Örebro University, Örebro University School of Business.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    The story of the sixth myth of open data and open government2015In: Transforming Government: People, Process and Policy, ISSN 1750-6166, E-ISSN 1750-6174, Vol. 9, no 1, article id 35-51Article in journal (Refereed)
  • 39. Hellquist, Fredrik
    et al.
    Ibrahim, Samir
    Jatko, Robin
    Andersson, Annika
    Örebro University, Örebro University School of Business.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Getting their Hands Stuck in the Cookie Jar: students’ security awareness in 1:1 laptop schools2013In: International Journal of Public Information Systems, ISSN 1653-4360, Vol. 9, no 1, p. 1-18Article in journal (Refereed)
    Abstract [en]

     This paper presents results from an ongoing research project studying schools that have implemented oneto-one-laptops (1:1). The research is interpretative and builds on interviews and survey-responses fromstudents and teachers in two public 1:1 schools in Sweden. We are focusing on the students’ security awareness and compliance by researching into whether the students in 1:1 schools comply with the school’s information security policy (ISP). Theoretically, a security awareness perspective is drawn up based o three parts - formal, cognitive and behavioral awareness - that should be in parity with each other. This means that the students’ psychological perception and actual behavior should be in parity with the schools’ ISP. Our findings show that the schools have communicated their ISPs well and that the students’ security awareness in most areas is equivalent to the schools’ ISPs. However, we also found many instances where  it was not the case that the formal, cognitive and behavioral security awareness were in parity with each other. In the analysis of the students’ behavioral security awareness we found that despite the fact that they were aware of the rules they occasionally violated them –  most notably when file-sharing and the downloading of software were involved. We conclude by arguing that non-compliance can only be understood based on an understanding of the students’ underlying reason for following or not following the policies and regulations, and that in order to create a secure information environment, school manager must talk to the students to understand their reasoning. In a situation where 1:1 is spreading rapidly among schools, studies regarding students’ security awareness and behavior are urgent, but so far the field is under-examined.

  • 40.
    Holgersson, Jesper
    et al.
    Högskolan Skövde, Skövde, Sweden.
    Söderström, Eva
    Högskolan Skövde, Skövde, Sweden.
    Karlsson, Fredrik
    Örebro University, Swedish Business School at Örebro University.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Towards a roadmap for user involvement in e-government service development2010In: Electronic government / [ed] Maria A. Wimmer, Jean-Loup Chappelet, Marijn Janssen, Hans J. Scholl, Berlin, Germany: Springer , 2010, p. 251-262Conference paper (Refereed)
    Abstract [en]

    New technology means new ways of both developing, providing and consuming services. In the strive for government organizations to build and maintain relationships with its citizens, e-presence is highly important. E-services are one way to go, and it has been argued that user participation is an important part of developing said services. In this paper we analyze a selection of user participation approaches from a goal perspective to see how they fit in an e-government service development context., In doing so, we identify four challenges that need to be addressed when including users in the development: 1) Identifying the user target segment, 2) Identifying the individual user within each segment, 3) Getting users to participate, and 4) Lacking adequate skills

  • 41.
    Karlsson, Fredrik
    Örebro University, Örebro University School of Business.
    Hedström, Karin
    Örebro University, Orebro University School of Business, Örebro University, Sweden.
    Att analysera värderingar bakom informationssäkerhet2011Report (Other (popular science, discussion, etc.))
  • 42.
    Karlsson, Fredrik
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Dhillon, GurpreetVirginia Commonwealth University, Richmond VA, USA.Harnesk, DanLuleå Tekniska Universitet, Luleå, Sweden.Kolkowska, EllaÖrebro University, Örebro University School of Business.Hedström, KarinÖrebro University, Örebro University School of Business.
    Proceedings of the 2011 European Security Conference (ESC’11): Exploring emergent frontiers in identity and privacy management2011Conference proceedings (editor) (Other academic)
  • 43.
    Karlsson, Fredrik
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Goldkuhl, Göran
    Linköping University, Linköping, Sweden.
    Hedström, Karin
    Örebro University, Örebro University School of Business.
    Practice-Based Discourse Analysis of Information Security Policy in Health Care2014Conference paper (Refereed)
    Abstract [en]

    Information security is an understudied area within electronic government. In this study, we examine the quality of information security policy design in health care. Employees cause a majority of the security breaches in health care, and many of them are unintentional. In order to support the formulation of practical, from the employees’ perspective, information security policies, we propose eight tentative quality criteria. These criteria were developed using practice-based discourse analysis on three information security policy documents from a health care organisation.

  • 44.
    Karlsson, Fredrik
    et al.
    Örebro University, Örebro University School of Business.
    Goldkuhl, Göran
    Department of Management and Engineering, Linköping University, Linköping, Sweden.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Practice-Based Discourse Analysis of InfoSec Policies2015In: ICT systems security and privacy protection: 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26-28, 2015, Proceedings / [ed] Hannes Federrath, Dieter Gollmann, Boston: Springer International Publishing , 2015, p. 297-310Conference paper (Refereed)
    Abstract [en]

    Employees' poor compliance with information security policies is a perennial problem for many organizations. Existing research shows that about half of all breaches caused by insiders are accidental, which means that one can question the usefulness of information security policies. In order to support the formulation of practical, from the employees' perspective, information security policies, we propose eight tentative quality criteria. These criteria were developed using practice-based discourse analysis on three information security policy documents from a health care organisation.

  • 45.
    Karlsson, Fredrik
    et al.
    Örebro University, Örebro University School of Business.
    Hedström, Karin
    Örebro University, Örebro University School of Business. End user development and information security cultureDepartment of Management and Engineering, Linköping University, Linköping, Sweden.
    End user development and information security culture2014In: Human Aspects of Information Security, Privacy, and Trust / [ed] Theo Tryfonas, Ioannis Askoxylakis, Springer publications , 2014, p. 246-257Conference paper (Refereed)
    Abstract [en]

    End user development has grown strong during the last decades. The advantages and disadvantages of this phenomenon have been debated over the years, but not extensively from an information security culture point of view. We therefore investigate information security design decisions made by an end user during an end user development. The study is interpretative and the analysis is structured using the concept of inscriptions. Our findings show that end user development results in inscriptions that may induce security risks that organizations are unaware of. We conclude that it is a) important to include end user development as a key issue for information security management, and include end user developers as in important group for the development of a security-aware culture, and b) that information security aspects are addressed in end user development policies.

  • 46.
    Karlsson, Fredrik
    et al.
    Örebro University, Örebro University School of Business.
    Hedström, Karin
    Örebro University, Örebro University School of Business.
    Evaluating end user development as a requirements engineering technique for communicating across social worlds during systems development2013In: Scandinavian Journal of Information Systems, ISSN 0905-0167, E-ISSN 1901-0990, Vol. 25, no 2, article id 3Article in journal (Refereed)
    Abstract [en]

    Requirements engineering is a key activity in systems development. This paper examines six systems development projects that have used end user development (EUD) as a requirements engineering technique for communicating across social worlds. For this purpose, we employed the theoretical lens of design boundary object in order to focus on functional and political ecologies during the development process. Four features were investigated: (1) the capability for common representation, (2) the capability to transform design knowledge, (3) the capability to mobilise for design action, and (4) the capability to legitimise design knowledge across social worlds. We concluded that EUD means a high degree of end user involvement and takes advantage of end users’ know-how. It has the ability to capture requirements and transfer them into the final information system without the need to make an explicit design rationale available to the systems developers. However, systems developers have little or no influence on business requirements. Their role is mainly as technical experts rather than business developers. The systems developers took control and power of technical requirements, while requirements that relate to business logic remained with the end users. Consequently, the systems developers did not act as catalysts in the systems development process

  • 47.
    Karlsson, Fredrik
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Exploring the conceptual structure of security rationale2008Conference paper (Refereed)
    Abstract [en]

    Working with a socio-technical view on information systems security is a challenge. Existing studies show that a great number of security incidents are caused by trusted personnel within organizations due to the tension between the design of information systems security policies, guidelines, rules and tools, and how they actually are used. This paper describes a framework for anlyzinging users’ compliance with the creator’s intentions that underlie an information systems security design. This framework is anchored in the concept of rationality, and the result can be used, for example, to facilitate the task of analyzing security incidents, to verify existing information systems security approaches, and to match information systems security approaches with organizational requirements. We have illustrated the use of the framework with data on health-care information systems security.

  • 48.
    Karlsson, Fredrik
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Negotiating a systems development method2010In: Information systems development: towards a service provision society / [ed] George A. Papadopoulos ..., Heidelberg: Springer, 2010, p. 491-499Conference paper (Refereed)
    Abstract [en]

    Systems development methods (or methods) are often applied in tailored version to fit the actual situation. Method tailoring is in most the existing literature viewed as either (a) a highly rational process with the method engineer as the driver where the project members are passive information providers, or (b) as an unstructured process where the systems developer makes individual choices, a selection process without any driver. The purpose of this paper is to illustrate that important design decisions during method tailoring are made by project members through negotiation. The study has been carried out using the perspective of Actor-Network Theory. Our narratives depict method tailoring as more complex than (a) and (b) show: the driver role rotates between the project members and design decisions are based on influences from several project members. However, these design decisions are not consensus decisions.

  • 49.
    Karlsson, Fredrik
    et al.
    Örebro University, Swedish Business School at Örebro University.
    Hedström, Karin
    Örebro University, Swedish Business School at Örebro University.
    Var är perspektivet?: Systemutvecklingsforskning inom e-government2010In: Förvaltning och medborgarskap i förändring: etablerad praxis och kritiska perspektiv / [ed] Katarina Lindblad-Gidlund, Lund: Studentlitteratur AB, 2010, p. 121-138Chapter in book (Other academic)
  • 50.
    Karlsson, Fredrik
    et al.
    Örebro University, Örebro University School of Business.
    Hedström, Karin
    Örebro University, Örebro University School of Business.
    Goldkuhl, Göran
    Information Systems, Linköpings Universitet, Linköping, Sweden.
    Practice-based discourse analysis of information security policies2017In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 67, p. 267-279Article in journal (Refereed)
    Abstract [en]

    To address the “insider” threat to information and information systems, an information security policy is frequently recommended as an organisational measure. However, having a policy in place does not necessarily guarantee information security. Employees’ poor compliance with information security policies is a perennial problem for many organisations. It has been shown that approximately half of all security breaches caused by insiders are accidental, which means that one can question the usefulness of current information security policies. We therefore propose eight tentative quality criteria in order to support the formulation of information security policies that are practical from the employees’ perspective. These criteria have been developed using practice-based discourse analysis on three information security policy documents from a health care organisation.

12 1 - 50 of 66
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf