Department of Information Technology and Analytics
Kogod School of Business | American University
4400 Massachusetts Ave | Washington DC 20016
(202) 885-1832 |
[ LinkedIn ❐ ] [ Google Scholar ❐ ]

Basic Info

Dr. Heng Xu is a Professor of Information Technology and Analytics in the Kogod School of Business at the American University, where she also serves as the Director of the Kogod Cyber Governance Center. Before joining Kogod in 2018, she had a mix of academic and government background, serving as a faculty member at Penn State for 12 years, as well as being a program director at the National Science Foundation for 3 years. She has also served on a broad spectrum of national leadership committees including co-chairing the Federal Privacy R&D Inter-agency Working Group to implement the National Privacy Research Strategy in 2016, and serving on the National Academies Committee on Open Science in 2017-2018.

Dr. Xu’s current research focus is on the interplay between human and technological issues associated with information privacy and cybersecurity, with the overall goal to understand the social, strategic, policy and governance aspects of handling and securing personal data. Her work has received many awards, including the National Science Foundation’s CAREER award in 2010, and a total of 10 best paper awards and nominations at various leading conferences. She has published over 100 research papers on information privacy, security management, human-computer interaction, and technology innovation adoption. Her scholarly work has been published in premier outlets across various fields such as Psychology, Information Systems, Law, and Human-Computer Interaction, including Psychological Methods, Management Information Systems Quarterly, Information Systems Research, Journal of Management Information Systems, Journal of Management, University of Pennsylvania Journal of Constitutional Law, Proceedings of the ACM Conference on Human Factors in Computing Systems (CHI), and many others.

Dr. Xu's research and education have been sponsored by more than ten grants from the National Science Foundation (NSF), the Defense Advanced Research Projects Agency (DARPA), the National Institute of Health (NIH), and the National Security Agency (NSA).

Dr. Xu currently serves as an associate editor for Management Information Systems Quarterly (since 2018) and an associate editor for IEEE Security & Privacy (since 2020).

Selected Publications

  • Zhang, N., Wang, M., & Xu, H. (in press). "“Disentangling Effect Size Heterogeneity in Meta-analysis: A Latent Mixture Approach," Psychological Methods.
  • Xu, H., Zhang, N., & Zhou, L. (2020). "Validity Concerns in Research Using Organic Data," Journal of Management, 46(7), 1257-1274.
  • Luo, X., Li, H., Hu, Q., & Xu, H. (in press). “Why Do Individual Employees Commit Malicious Computer Abuses? A Routine Activity Theory Perspective,” Journal of the Association for Information Systems.
  • Xu, H., & Zhang, N. (2019). "Privacy in Health Disparity Research," Medical Care, 57, S172-S175.
  • Parks, R., Xu, H., Chu, C., & Lowry, B. (2017). Examining the Intended and Unintended Consequences of Organizational Privacy Safeguards Enactment in Healthcare: A Grounded Theory Investigation. European Journal of Information Systems. 26(1), 37-65. (awarded the Operational Research Society’s Stafford Beer Medal in 2018)
  • Jia, H., & Xu, H. (2016). "Measuring Individuals’ Concerns over Collective Privacy on Social Networking Sites," Cyberpsychology: Journal of Psychosocial Research on Cyberspace, 10(1), Article 4.
  • Dinev, T., Xu, H., Smith, H., & Hart, P. (2013). Information Privacy and Correlates: An Empirical Attempt to Bridge and Distinguish Privacy-Related Concepts. European Journal of Information Systems. Vol. 22, No. 3, pp. 295-316.
  • Xu, H. (2012). "Reframing Privacy 2.0 in Online Social Networks," University of Pennsylvania Journal of Constitutional Law, 14(14), 1077-1102.
  • Xu, H., Teo, H., Tan, B., & Agarwal, R. (2012). Effects of Individual Self-Protection, Industry Self-Regulation, and Government Regulation on Privacy Concerns: A Study of Location-Based Services. Information Systems Research. Vol. 23, No. 4, pp. 1342-1363.
  • Smith, H., Dinev, T., & Xu, H. (2011). Information Privacy Research: An Interdisciplinary Review. Management Information Systems Quarterly. Vol. 35, No. 4, pp. 989-1015.
  • Xu, H., Dinev, T., Smith, H., & Hart, P. (2011). Information Privacy Concerns: Linking Individual Perceptions with Institutional Privacy Assurances. Journal of the Association for Information Systems. Vol. 12, No. 12, pp. 518-546.
  • Xu, H., Teo, H., Tan, B., & Agarwal, R. (2010). The Role of Push-Pull Technology in Privacy Calculus: The Case of Location-Based Services. Journal of Management Information Systems. Vol. 26, No. 3, pp. 137-176.


I have taught the following undergraduate and graduate courses at Kogod and Penn State:

© 2018 Heng Xu