Title :
Toward a privacy preserving HIPAA-compliant access control model for web services
Author :
Alshugran, Tariq ; Dichter, Julius
Author_Institution :
Univ. of Bridgeport, Bridgeport, CT, USA
Abstract :
Most of the modern health-related information is collected, maintained, and accessed through computerized systems. However, the interaction with this information needs to comply with the U.S. federal regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Due to the complexity of healthcare regulations, it´s not easy to deploy a complaint system, especially for heterogeneous systems designed to allow data transfer and communication. Web services can be used to solve the problem of incompatible systems intercommunication; however, a generic model for HIPAA enforcement is required. In this paper we propose a generic HIPAA complaint privacy access control model for web services that can be easily applied to any existing covered entity web services.
Keywords :
Web services; authorisation; data privacy; health care; medical administrative data processing; HIPAA enforcement; Health Insurance Portability and Accountability Act of 1996; US federal regulations; United States; Web services; computerized systems; data communication; data transfer; health care regulations; health-related information; heterogeneous systems; privacy preserving HIPAA-compliant access control model; Access control; Data models; Data privacy; Medical services; Privacy; Web services; Access control; Data privacy; HIPAA; Web services;
Conference_Titel :
Electro/Information Technology (EIT), 2014 IEEE International Conference on
Conference_Location :
Milwaukee, WI
DOI :
10.1109/EIT.2014.6871755
