Welcome to my website! I am a PhD candidate at University of Texas at Dallas in the Department of Economics.
I am on the job market during the 2023-2024 academic year.
I am working under the supervision of Daniel G. Arce, Catherine Tucker, Anne Burton, and Anton Sobolev.
My research focuses on the Economics of Digitization with an emphasis on Cybersecurity, Privacy, Cloud, Health IT, and Responsible AI.
Prior to graduate school, I was a business data platform test engineer at China Construction Bank Supply Chain Finance Company and an assistant researcher at Investment Research Institute in Beijing. I hold an MS in Accountancy (Data Analytics) from University of Illinois Urbana-Champaign. I am an award-wining teacher with a wide range of teaching interests in Business Analytics, Cloud Platforms, AI, Platform Economics, Microeconomics, Digital Economics, Game Theory, and Health Economics.
A copy of my CV is available HERE. Email me at nclement@utdallas.edu
Job Market Paper
Data breaches in hospitals disrupt care, potentially leading to fatal consequences, violating privacy rights, and incurring significant costs to remedy. Mergers and acquisitions serve as an essential source of financing but also induce substantial management challenges. I study whether and how hospital mergers increase the probability of a data breach. Using proprietary hospital merger records and the archived data breach reporting from the Department of Health and Human Services from 2010 to 2022, I implement a stacked difference-in-differences estimation strategy to show that in the two-year window after hospital consolidation, incidents of data breaches in merger targets, buyers, and sellers more than double as compared to the pre-treated groups. The effect is robust to changes of the two-year window. The effect is also robust to the changes in sample size due to the data availability of the control variables and in how standard errors are clustered. The incompatibility of the merging information systems causes an increase in hacking in the post-signing period. Health systems, especially the large and experienced health systems, suffer greater such elevated post-signing breaches. In recent years, cyber attacks have shorter attack cycles than traditional malware attacks and catch hospitals that haven't gotten integration in order by surprise. The signaling effect that reduces hackers’ information asymmetry about the hospitals causes an even larger increase in pre-signing hacks, especially in recent years through ransomware attacks. Such signaling effect does not spill over to the post-signing period. Conversely, the complementary effect of organizational capital that improves internal risk control reduces the increase in data breaches. For example, mergers involving publicly traded hospitals can experience a decrease in data breaches during mergers. The dynamic analysis shows that the data breach situation during mergers is getting worse because of soaring cases of hacks, even though the insider misconduct have become less a problem since 2014.
Working Paper
Cloud services exist under a shared security environment; both cloud services providers (CSPs) and users contribute to overall security. We investigate the nature of shared security in a dynamic game where users’ security contributions and cloud usage figure into their CSP’s vulnerability. Furthermore, CSPs’ own security contributions take their users into account as well as competition with other CSPs. We characterize the Markov Perfect Equilibrium time path of security in the cloud. In particular, we identify a novel form of time-path strategic complementary between usage and a CSP’s Markov state of security. This implies that cloud security is an unusual form of impure public good whereby individual contributions bolstering a CSP’s security endow a selective incentive (benefit) on others, rather than providing a selective benefit to the contributor themselves. Consequently, CSP vulnerability increases over time.