Title :
Extracting and modeling the privacy requirements from HIPAA for healthcare applications
Author :
Alshugran, Tariq ; Dichter, Julius
Author_Institution :
Dept. of Comput. Sci. & Eng., Univ. of Bridgeport, Bridgeport, CT, USA
Abstract :
In the U.S. healthcare software applications, the patient privacy is protected under the public law 104-191, also known as the Health Insurance Portability and Accountability Act (HIPAA). To ensure compliance with the law, it´s crucial to extract and model the privacy requirements as early as possible in the software development life cycle, as the cost to implement in later stages will be higher. The main challenge for such a task is the ability to interpret the letter of the law in a format that can then be easily implemented due HIPAA rules being too complex and dense to be used as is by software developers. In this paper we propose a method to analyzes, extracts, and models the privacy requirements in HIPAA.
Keywords :
data privacy; law; medical administrative data processing; HIPAA; US healthcare software applications; health insurance portability and accountability act; healthcare applications; law compliance; patient privacy; privacy requirements; public law 104-191; software development life cycle; Access control; Context; Law; Privacy; Unified modeling language; Access control model; Data modeling; Data privacy; HIPAA; Role engineering;
Conference_Titel :
Systems, Applications and Technology Conference (LISAT), 2014 IEEE Long Island
Conference_Location :
Farmingdale, NY
DOI :
10.1109/LISAT.2014.6845198
