Extracting and modeling the privacy requirements from HIPAA for healthcare applications

Author

Alshugran, Tariq ; Dichter, Julius

Author_Institution

Dept. of Comput. Sci. & Eng., Univ. of Bridgeport, Bridgeport, CT, USA

fYear

2014

fDate

2-2 May 2014

Firstpage

1

Lastpage

5

Abstract

In the U.S. healthcare software applications, the patient privacy is protected under the public law 104-191, also known as the Health Insurance Portability and Accountability Act (HIPAA). To ensure compliance with the law, it´s crucial to extract and model the privacy requirements as early as possible in the software development life cycle, as the cost to implement in later stages will be higher. The main challenge for such a task is the ability to interpret the letter of the law in a format that can then be easily implemented due HIPAA rules being too complex and dense to be used as is by software developers. In this paper we propose a method to analyzes, extracts, and models the privacy requirements in HIPAA.

Keywords

data privacy; law; medical administrative data processing; HIPAA; US healthcare software applications; health insurance portability and accountability act; healthcare applications; law compliance; patient privacy; privacy requirements; public law 104-191; software development life cycle; Access control; Context; Law; Privacy; Unified modeling language; Access control model; Data modeling; Data privacy; HIPAA; Role engineering;

fLanguage

English

Publisher

ieee

Conference_Titel

Systems, Applications and Technology Conference (LISAT), 2014 IEEE Long Island

Conference_Location

Farmingdale, NY

Type

conf

DOI

10.1109/LISAT.2014.6845198

Filename

6845198