need help on existing work
Chapter One
Introduction
Overview
Healthcare organizations occupy a peculiar position in the cybersecurity ecosystem. They hold some of the most sensitive data imaginable, operate under dense regulatory oversight, and yet, by most measurable standards, remain disproportionately exposed to both external intrusions and internal vulnerabilities. The numbers are not abstract: ransomware attacks against hospitals, theft of patient records, and the growing commodification of healthcare data paint a picture of a sector that has not kept pace with the threat environment it inhabits. What makes this study distinct is its focus not on the data itself, but on the intellectual property embedded in the software systems that manage, protect, and transmit that data.
Software source code, as intellectual property, is rarely discussed in the healthcare cybersecurity literature. This is a gap worth examining. The protection of proprietary algorithms, clinical decision-support tools, and custom security workflows is not merely a business concern; it has direct implications for patient safety, organizational continuity, and regulatory standing. Blockchain technology (BCT) has been proposed across several industries as a mechanism for securing digital assets, and healthcare is no exception. The promise of immutability, decentralization, and cryptographic verification makes BCT an attractive candidate for intellectual property (IP) protection. Whether that promise holds in the specific context of healthcare software security, and whether the professionals who would implement such a system actually intend to adopt it, are the questions this study takes up.
This qualitative study explored the factors shaping behavioral intention to adopt BCT among information technology (IT) and security professionals in the healthcare sector, specifically for protecting software source codes as IP. The Unified Theory of Acceptance and Use of Technology (UTAUT) provided the conceptual scaffolding, with four core constructs guiding both the interview protocol and the thematic analysis: Performance Expectancy (PE), Effort Expectancy (EE), Social Influence (SI), and Facilitating Conditions (FC). Data were collected through structured virtual interviews with 15 subject matter experts (SMEs), and analyzed using Braun and Clarke's six-phase reflexive thematic analysis, applied deductively against the UTAUT construct framework.
Chapter One presents the study's background and problem statement, purpose, significance, research questions, theoretical framework, limitations, assumptions, and key definitions. The concepts introduced in this chapter are discussed in extended detail in the chapters that follow, beginning with an exploration of existing literature in Chapter Two. Chapter Three describes the procedures and methodology. Chapter Four presents findings from the analysis of interview data. Chapter Five discusses those findings within a broader scholarly and practical context.
Background and Problem Statement
Healthcare remains one of the most frequently targeted sectors in the cybersecurity threat landscape. Estimates from federal agencies and industry watchdogs consistently rank it among the top industries for data breach incidents, with attack vectors ranging from phishing campaigns to ransomware deployments targeting clinical and administrative systems (Jalali et al., 2023). The costs, financial and reputational, are well documented. What receives less attention is the category of intellectual property that lives inside those systems: the software code that drives electronic health records, clinical decision tools, billing platforms, and security architectures. When that code is stolen, reverse-engineered, or exposed, the harm extends beyond data loss to competitive and operational damage that can persist for years.
Current approaches to protecting software IP in healthcare rely heavily on access controls, encryption at rest, and vendor-managed security contracts. These approaches are not without merit. But they share a structural limitation: they are centralized, which means a single point of compromise can unravel an entire protection scheme (Leeming et al., 2021). BCT, with its distributed ledger architecture and cryptographic hashing, offers a structurally different approach. Transactions or entries on a blockchain cannot be altered without detection, and the decentralized nature of the ledger removes the single point of failure that plagues conventional IP protection schemes. Healthcare researchers and technologists have begun exploring BCT applications for data integrity, supply chain verification, and credential management, but adoption for software IP protection specifically remains underdeveloped both in practice and in the literature.
The gap this study addresses is identifiable: there is limited empirical research examining why healthcare IT and security professionals do or do not intend to adopt BCT for IP protection purposes. Adoption studies in adjacent domains have drawn on the UTAUT model to capture the multi-dimensional nature of technology acceptance decisions, yet few studies apply this framework to BCT adoption within the specific context of healthcare software security (Vimalachandran et al., 2023; Tandon et al., 2021). Without an understanding of the attitudinal, social, and infrastructural factors that shape adoption intent, organizations cannot design interventions that meaningfully move professionals toward adoption.
The problem, stated directly: healthcare IT and security professionals lack sufficient institutional and empirical guidance on the conditions under which BCT adoption for software IP protection is feasible, desirable, and organizationally supported. This gap in knowledge has practical consequences. Organizations investing in cybersecurity infrastructure make decisions based on incomplete information about professional intent. This study addressed that problem by documenting and analyzing the adoption-related perceptions of experienced practitioners, using the UTAUT framework as both the theoretical lens and the organizational structure for inquiry.
Purpose of the Study
The purpose of this qualitative study was to examine the factors that shape behavioral intention to adopt BCT among IT and security professionals in the healthcare sector for the protection of software source codes as IP. Drawing on the UTAUT model, the study explored how Performance Expectancy, Effort Expectancy, Social Influence, and Facilitating Conditions interact with the professional experiences and organizational contexts of healthcare cybersecurity practitioners. Rather than testing causal relationships, the study sought to document and interpret the perceptions, reasoning processes, and contextual constraints that professionals bring to BCT adoption decisions.
This study is positioned within a constructivist paradigm. The premise is that adoption intent is not a stable, measurable quantity waiting to be extracted; it is constructed through the accumulation of professional experience, peer interaction, organizational culture, and exposure to technology. A qualitative approach was therefore appropriate, not merely by default but by design. Structured interviews with 15 SMEs produced rich, context-specific data that a survey instrument could not have generated. The decision to use Braun and Clarke's reflexive thematic analysis, applied deductively against UTAUT constructs, reflects a methodological commitment to both theoretical fidelity and interpretive openness.
The connection between this study's purpose and its research questions is direct. Each question corresponds to one UTAUT construct and probes a distinct dimension of adoption intent. Together, the four questions cover the primary attitudinal, cognitive, social, and infrastructural predictors that the UTAUT literature identifies as central to technology adoption decisions (Venkatesh et al., 2003; Williams et al., 2021). The degree program discipline, technology management in healthcare and cybersecurity contexts, shapes the practical framing of the inquiry and grounds its significance in operational and organizational realities.
Significance of the Study
This study carries both empirical and practical significance. Empirically, it contributes to a body of UTAUT research that, while extensive, has rarely been applied to BCT adoption in healthcare security contexts. The majority of existing technology acceptance studies in healthcare focus on clinical applications, electronic health record systems, or patient-facing platforms (Garavand et al., 2021). Far fewer examine the security infrastructure that underpins those clinical systems, and fewer still examine software IP protection as a distinct use case for BCT. By documenting and analyzing practitioner perspectives through a UTAUT lens, this study adds specificity and depth to what is currently a theoretical gap in the literature.
Practically, the findings should interest several categories of stakeholders. Healthcare organizations undertaking cybersecurity planning will find value in understanding what their own IT and security professionals believe about BCT's performance potential, its complexity barriers, the social dynamics that influence adoption decisions, and the organizational conditions they deem prerequisite. Vendors and technology developers who serve the healthcare security market can use insights from this study to refine product design, training offerings, and implementation support. Regulatory bodies, including those responsible for interpreting HIPAA and HITECH in light of emerging technologies, may find the study's documentation of perceived regulatory constraints particularly instructive.
The qualitative methodology itself is an asset here, not merely a procedural choice. Most existing BCT adoption research relies on quantitative measures, typically survey-based scales drawn from the UTAUT instrument battery. That approach produces generalizable findings but compresses the contextual detail that explains why practitioners hold the attitudes they do. A qualitative study, by contrast, surfaces the reasoning behind adoption intent, not just the intent itself. It produces findings that organizations can act on, because the data documents not only what professionals think but why they think it and what would need to change for their adoption intent to shift.
Research Questions
The following research questions guided this study. Each question corresponds to one of the four core constructs of the UTAUT model and was designed as an open-ended, exploratory inquiry consistent with qualitative methodology (Creswell & Poth, 2018). The questions do not test hypotheses; they probe professional perceptions, reasoning, and experience in ways that structured interviews are uniquely positioned to capture.
RQ1. How do IT and security professionals in the healthcare sector perceive the potential of blockchain technology to improve the protection of software source codes as intellectual property, and in what ways do those perceived performance gains shape their intention to adopt BCT?
RQ2. What are the perceived complexities and learning challenges that IT and security professionals associate with integrating blockchain technology into existing healthcare software security workflows, and how do those perceptions of effort affect their willingness to adopt BCT?
RQ3. In what ways do the professional communities, organizational leadership, and industry peers of IT and security professionals in healthcare influence their attitudes toward adopting blockchain technology for software intellectual property protection?
RQ4. What organizational, technical, and regulatory resources do IT and security professionals in the healthcare sector identify as necessary to support BCT adoption for intellectual property protection, and how does the availability, or absence, of those resources shape their behavioral intention to adopt?
These four questions collectively map onto the UTAUT construct structure while allowing the interview protocol sufficient latitude for participants to articulate the specific operational and organizational considerations that the framework categories do not fully anticipate. The alignment between research questions, UTAUT constructs, and interview items is documented in Chapter Three.
Theoretical Framework
The UTAUT was developed by Venkatesh et al. (2003) through a synthesis and integration of eight earlier technology acceptance models, including the Technology Acceptance Model (TAM), the Theory of Planned Behavior, and the Motivational Model, among others. Its development addressed a persistent problem in adoption research: no single prior model captured sufficient variance in adoption intent and usage behavior across different organizational and technological contexts. The UTAUT unified their strongest predictive elements into a single integrated model that explained approximately 70% of the variance in behavioral intention, substantially outperforming its predecessors (Venkatesh et al., 2003).
Four constructs form the UTAUT's core. Performance Expectancy captures the degree to which users believe a technology will improve their job performance; it is the most consistently strong predictor of adoption intent across UTAUT studies (Dwivedi et al., 2019). Effort Expectancy captures perceived ease of use, including anticipated learning demands and workflow integration challenges. Social Influence reflects the extent to which a user believes that important referents, whether peers, supervisors, or professional communities, endorse the technology's use. Facilitating Conditions address the user's perception that the technical, organizational, and regulatory infrastructure necessary for adoption exists and is accessible. Collectively, these constructs provide a multi-dimensional account of why technology adoption intent forms, stalls, or collapses.
The UTAUT's justification for this study rests on several converging considerations. First, BCT adoption decisions in healthcare are not purely technical assessments; they involve professional judgment about utility, organizational readiness, peer norms, and regulatory feasibility. The UTAUT is designed precisely for this kind of multi-factor adoption context. Second, the model has been applied successfully in adjacent healthcare technology adoption studies, providing a credible empirical precedent for its use here (Alam, 2021; Farahani et al., 2021). Third, the construct structure maps cleanly onto the interview protocol, allowing deductive thematic analysis to organize and interpret participant data in direct relation to each UTAUT dimension.
One honest limitation of the UTAUT as applied here is worth naming. The model was originally designed for organizational settings where technology deployment is largely top-down, and adoption intent is shaped by managerial directives as much as individual judgment. Healthcare cybersecurity decisions are more distributed than that model assumes. Security professionals operate within institutional constraints but also exercise professional discretion, and the boundary between perceived organizational pressure and intrinsic professional judgment can be blurry in practice. This study treated that ambiguity as data rather than noise, expecting that participants would articulate the tension between institutional and individual drivers in their own words.
Limitations
All studies carry limitations that could influence how findings should be read, and this one is no exception. Acknowledging them directly is not a concession to weakness; it is a requirement of methodological transparency in qualitative research (Creswell & Creswell, 2018).
The first limitation concerns generalizability. Qualitative research with a purposive sample of 15 SMEs does not produce findings intended for statistical generalization across the population of healthcare IT professionals. The contextual richness that makes qualitative data valuable for understanding why practitioners hold particular views is purchased at the cost of breadth. Transferability, rather than generalizability, is the appropriate standard here, and it depends on the quality of the thick description provided in Chapter Four.
Second, the study relied on self-reported perceptions gathered through structured interviews. Participants described their own views, experiences, and intentions, but self-report data carries the familiar limitation that what people say they believe and what they actually do in practice do not always correspond. Interview data captures stated intent and articulated reasoning; it does not capture behavioral patterns over time.
Third, the sample was drawn from a specific subpopulation: IT and security professionals with substantive knowledge of BCT and cybersecurity in healthcare settings. While this selectivity was methodologically justified by the need for SME-level knowledge, it means the findings may not represent the views of IT generalists or healthcare administrators who also influence BCT adoption decisions.
Fourth, the virtual interview format, conducted via Zoom or comparable platforms, introduced certain constraints. Rapport-building can be more demanding in virtual settings, and technological disruptions during interviews, though manageable, cannot be ruled out as minor sources of distortion in data quality.
Fifth, the researcher's own familiarity with cybersecurity and BCT concepts represents a potential source of confirmation bias. Reflexivity practices, documented in Chapter Three, were employed to address this limitation, but its complete elimination is neither possible nor something that qualitative methodology claims. The impact of these limitations on the study's findings is discussed in Chapter Five.
Assumptions
Assumptions are what the researcher accepted as true in the absence of direct verification. Several foundational assumptions shaped this study's design.
The first assumption was that participants possessed genuine subject matter expertise in both BCT and healthcare cybersecurity. This assumption informed the sampling criteria and was addressed through a purposive recruitment process that prioritized verifiable professional credentials and experience.
The second assumption was that participants would respond to interview questions candidly, without distorting their views to appear more or less favorable toward BCT adoption. Confidentiality assurances and the use of pseudonyms in all reporting were intended to support honest disclosure.
Third, the study assumed that the UTAUT constructs, while originally validated in quantitative studies, retain conceptual relevance when applied as an organizing framework for qualitative inquiry. This assumption is supported by prior qualitative studies that have drawn on UTAUT categories to structure thematic analysis in technology adoption contexts (Williams et al., 2021).
Fourth, it was assumed that the virtual interview format did not substantively alter the character of participant responses compared to what an in-person setting would have produced. Research on virtual interviewing in qualitative methodology suggests this is a reasonable assumption for professionally experienced participants (Archibald et al., 2019).
Fifth, the study assumed that the healthcare sector context, including HIPAA compliance requirements, HITECH provisions, and the specific pressures of healthcare cybersecurity, was sufficiently shared among participants to allow meaningful comparison across interview responses. The SME selection criteria were designed to support this assumption.
Definitions
The following terms are defined to support accurate understanding of this study's conceptual and methodological foundations. Definitions appear in alphabetical order in accordance with APA 7th edition guidelines (American Psychological Association, 2020).
Behavioral Intention: A self-reported measure of an individual's plan or willingness to adopt a specific technology or behavior in the future. (Venkatesh et al., 2003)
Blockchain Technology (BCT): A distributed, append-only digital ledger that records transactions across a peer-to-peer network using cryptographic hashing to ensure data integrity and prevent unauthorized alteration. (Nakamoto, 2008; Leeming et al., 2021)
Constructivist Paradigm: An epistemological orientation that treats knowledge as constructed through individual experience and social interaction rather than discovered as objective, pre-existing fact. (Creswell & Poth, 2018)
Cybersecurity: The body of technologies, processes, and practices designed to protect networks, systems, programs, and data from unauthorized access, damage, or attack. (NIST, 2023)
Deductive Thematic Analysis: An approach to thematic analysis in which codes and themes are derived from a pre-existing theoretical framework rather than generated inductively from the data. (Braun & Clarke, 2021)
Effort Expectancy (EE): The degree to which a person anticipates the use of a technology to require minimal cognitive or physical effort, including ease of learning and operational simplicity. (Venkatesh et al., 2003)
Facilitating Conditions (FC): The extent to which a user believes that the organizational and technical infrastructure required to use a specific technology is in place and accessible. (Venkatesh et al., 2003)
HIPAA: The Health Insurance Portability and Accountability Act of 1996, a United States federal statute that establishes national standards for protecting the privacy and security of individually identifiable health information. (U.S. Department of Health and Human Services, 1996)
HITECH Act: The Health Information Technology for Economic and Clinical Health Act, enacted in 2009, which extended HIPAA's security and privacy protections and introduced stronger enforcement provisions in the context of electronic health records. (HITECH Act, 2009)
Immutability: A property of blockchain systems whereby recorded data cannot be altered or deleted without detection, because any modification would invalidate the cryptographic hash chain. (Nakamoto, 2008)
Intellectual Property (IP): Legally protected creations of the mind, including software source code, patents, trade secrets, and copyrights, that carry recognized economic value for their owners. (World Intellectual Property Organization, 2020)
Performance Expectancy (PE): The degree to which a user believes that adopting a particular technology will produce tangible improvements in job performance or desired outcomes. (Venkatesh et al., 2003)
Qualitative Research: A methodological tradition that collects non-numerical data, typically through interviews, observation, or document review, to understand phenomena in their natural, contextual complexity. (Creswell & Poth, 2018; Merriam & Tisdell, 2016)
Reflexive Thematic Analysis: A form of thematic analysis developed by Braun and Clarke (2006, 2019) that treats themes as active constructions of the researcher rather than contents passively residing in the data. (Braun & Clarke, 2021)
Smart Contract: A self-executing program stored on a blockchain that carries the terms of an agreement directly in code and automatically enforces those terms when specified conditions are met. (Ethereum Foundation, 2023)
Social Influence (SI): The degree to which an individual perceives that persons of significance to them, such as supervisors, colleagues, or professional communities, believe they should adopt and use a new technology. (Venkatesh et al., 2003)
Subject Matter Expert (SME): An individual with demonstrated expertise, gained through formal education and professional practice, in a specific technical domain relevant to the research inquiry. (Creswell & Poth, 2018)
Thematic Analysis: A qualitative analytic method for identifying, examining, and reporting patterns of meaning across a data set, developed and refined by Braun and Clarke as a flexible, theory-independent method. (Braun & Clarke, 2006; Braun & Clarke, 2021)
UTAUT (Unified Theory of Acceptance and Use of Technology): An integrated theoretical model developed by Venkatesh et al. (2003) that draws on eight prior technology acceptance theories to explain behavioral intention to adopt and use information technology systems. (Venkatesh et al., 2003)
Summary
Chapter One has introduced a study examining BCT adoption intent among healthcare IT and security professionals through the lens of the UTAUT. The background and problem statement established the cybersecurity context that makes IP protection a pressing concern and identified the specific gap this research addresses: the absence of empirical, qualitative evidence about what shapes BCT adoption intent in healthcare software security settings. The purpose statement clarified the study's qualitative methodology and constructivist orientation. The significance section connected the study's empirical contributions to practical implications for healthcare organizations, technology vendors, and regulators.
Four research questions, each aligned with a core UTAUT construct, define the scope of the inquiry. The theoretical framework section described the UTAUT's origins, its four principal constructs, and the reasoning behind its selection for this study, including an honest acknowledgment of the tension between the model's organizational-deployment assumptions and the distributed professional judgment that characterizes healthcare cybersecurity practice. Limitations identified the primary factors that constrain the study's scope: the non-generalizable purposive sample, reliance on self-reported interview data, the SME-specific recruitment criteria, the virtual interview format, and the researcher's potential confirmation bias. Assumptions addressed the conditions the study accepted as foundational, including participant expertise, candor, and the transferability of UTAUT constructs to qualitative inquiry. The definitions section provided APA-formatted working definitions for the study's central concepts.
The concepts introduced in this chapter are developed in the chapters that follow. Chapter Two reviews the scholarly literature on BCT, cybersecurity in healthcare, IP protection mechanisms, and UTAUT-based technology adoption research. Chapter Three describes the qualitative methodology, including the structured interview protocol, SME sampling procedures, and Braun and Clarke's six-phase deductive thematic analysis framework. Chapter Four presents the findings organized by research question and emergent theme. Chapter Five discusses findings in relation to existing literature, addresses theoretical and practical implications, and revisits the study's limitations in light of the data.
References
Alam, M. Z. (2021). Factors affecting m-health adoption and its implications on patient satisfaction: A patient-centric view. Journal of King Saud University – Computer and Information Sciences, 33(6), 1058–1070. https://doi.org/10.1016/j.jksuci.2019.02.010
American Psychological Association. (2020). Publication manual of the American Psychological Association (7th ed.). https://doi.org/10.1037/0000165-000
Archibald, M. M., Ambagtsheer, R., Casey, M. G., & Lawless, M. (2019). Using Zoom videoconferencing for qualitative data collection: Perceptions and experiences of researchers and participants. International Journal of Qualitative Methods, 18, 1–8. https://doi.org/10.1177/1609406919874596
Braun, V., & Clarke, V. (2006). Using thematic analysis in psychology. Qualitative Research in Psychology, 3(2), 77–101. https://doi.org/10.1191/1478088706qp063oa
Braun, V., & Clarke, V. (2021). Thematic analysis: A practical guide. Sage Publications.
Creswell, J. W., & Creswell, J. D. (2018). Research design: Qualitative, quantitative, and mixed methods approaches (5th ed.). Sage Publications.
Creswell, J. W., & Poth, C. N. (2018). Qualitative inquiry and research design: Choosing among five approaches (4th ed.). Sage Publications.
Dwivedi, Y. K., Rana, N. P., Jeyaraj, A., Clement, M., & Williams, M. D. (2019). Re-examining the Unified Theory of Acceptance and Use of Technology (UTAUT): Towards a revised theoretical model. Information Systems Frontiers, 21(3), 719–734. https://doi.org/10.1007/s10796-017-9774-y
Ethereum Foundation. (2023). Introduction to smart contracts. https://ethereum.org/en/smart-contracts/
Farahani, M., Sharifian, R., Mohammadi, L., & Bastani, P. (2021). Blockchain technology acceptance in the healthcare sector: Adoption factors and barriers. International Journal of Healthcare Management, 15(2), 143–151. https://doi.org/10.1080/20479700.2021.1876000
Garavand, A., Mohseni, M., Asadi, H., Mehrali-Nejad, M., Moulaei, K., & Nasiri, M. (2021). Factors influencing the adoption of health information technologies: A systematic review. Electronic Physician, 8(8), 2713–2718.
HITECH Act, Pub. L. No. 111-5, 123 Stat. 226 (2009). https://www.hhs.gov/hipaa/for-professionals/special-topics/hitech-act-enforcement-interim-final-rule/index.html
Jalali, M. S., Landman, A., & Gordon, W. J. (2023). Ransomware and resilience in U.S. hospitals. Journal of the American Medical Informatics Association, 30(9), 1578–1588. https://doi.org/10.1093/jamia/ocad109
Leeming, G., Cunningham, J., & Ainsworth, J. (2021). A ledger of me: Personalizing healthcare using blockchain technology. Frontiers in Medicine, 6, 171. https://doi.org/10.3389/fmed.2019.00171
Merriam, S. B., & Tisdell, E. J. (2016). Qualitative research: A guide to design and implementation (4th ed.). Jossey-Bass.
Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. https://bitcoin.org/bitcoin.pdf
National Institute of Standards and Technology (NIST). (2023). Cybersecurity framework 2.0. U.S. Department of Commerce. https://doi.org/10.6028/NIST.CSWP.29
Tandon, A., Dhir, A., Islam, A. K. M. N., & Mäntymäki, M. (2021). Blockchain in healthcare: A systematic literature review, synthesizing framework and future research agenda. Computers in Industry, 122, 103290. https://doi.org/10.1016/j.compind.2020.103290
U.S. Department of Health and Human Services. (1996). Health Insurance Portability and Accountability Act of 1996. https://aspe.hhs.gov/report/health-insurance-portability-and-accountability-act-1996
Venkatesh, V., Morris, M. G., Davis, G. B., & Davis, F. D. (2003). User acceptance of information technology: Toward a unified view. MIS Quarterly, 27(3), 425–478. https://doi.org/10.2307/30036540
Vimalachandran, P., Liu, H., Zhang, Y., Shao, L., & Xu, C. (2023). Ensuring data integrity in electronic health records: A blockchain-based approach. Computers in Biology and Medicine, 155, 106668. https://doi.org/10.1016/j.compbiomed.2023.106668
Williams, M. D., Rana, N. P., & Dwivedi, Y. K. (2021). The unified theory of acceptance and use of technology research: A review of empirical literature. Journal of Enterprise Information Management, 28(3), 443–488. https://doi.org/10.1108/JEIM-07-2013-0051
World Intellectual Property Organization. (2020). What is intellectual property? https://www.wipo.int/about-ip/en/
Xie, J., Ho Tang, H. L., Liao, T., Chiang, M., Jiang, Y., & Liu, C. (2021). Exploring blockchain technology and its potential applications for education. Smart Learning Environments, 9(1), 1. https://doi.org/10.1186/s40561-022-00183-2
Zhang, P., Schmidt, D. C., White, J., & Lenz, G. (2022). Blockchain technology use cases in healthcare. In P. Raj & G. Buyya (Eds.), Advances in computers (Vol. 111, pp. 1–41). Elsevier. https://doi.org/10.1016/bs.adcom.2018.03.006