A Framework for Extracting and Modeling HIPAA Privacy Rules for Healthcare Applications

Some organizations use software applications to manage their customers' personal, medical, or financial information. In the United States, those software applications are obligated to preserve users' privacy and to comply with the United States federal privacy laws and regulations. To formally guarantee compliance with those regulations, it is essential to extract and model the privacy rules from the text of the law using a formal framework. In this work we propose a goal-oriented framework for modeling and extracting the privacy requirements from regulatory text using natural language processing techniques.

• Publication year

  2016

• Venue

  arXiv.org

• Publication date

  2016-03-09

• Fields of study

  Law, Computer Science, Medicine

• Identifiers
  DOI 10.5121/hiij.2016.5101arXiv 1603.02964
• External record

  Open on Semantic Scholar

• Source metadata

  Semantic Scholar

• No claims are published for this paper.

• No concepts are published for this paper.

• Extracting security requirements from relevant laws and regulations

  2012cited by this paper
• Sarbanes-Oxley Act of 2002

  2012cited by this paper
• Health Insurance Portability and Accountability Act

  2011cited by this paper
• Eliciting security requirements and tracing them to design: an integration of Common Criteria, heuristics, and UMLsec

  2010cited by this paper
• SOME FUNDAMENTAL LEGAL CONCEPTIONS AS APPLIED IN JUDICIAL REASONING

  2008cited by this paper
• Analyzing Regulatory Rules for Privacy and Security Requirements

  2008cited by this paper
• From Laws to Requirements

  2008cited by this paper
• Addressing Legal Requirements in Requirements Engineering

  2007cited by this paper
• Health Insurance Portability and Accountability Act Security Rule

  2007cited by this paper
• Goal-oriented Analysis of Regulations

  2006cited by this paper
• THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT

  2004cited by this paper
• Towards an Analytical Role Modelling Framework for Security Requirements

  2002cited by this paper
• Privacy promises, access control, and privacy management. Enforcing privacy throughout an enterprise by extending access control

  2002cited by this paper
• Sarbanes-Oxley Act of 2002

  2002cited by this paper
• A scenario-driven role engineering process for functional RBAC roles

  2002cited by this paper
• The role of policy and stakeholder privacy values in requirements engineering

  2001cited by this paper
• Health Insurance Portability and Accountability Act of 1996: lessons from the States.

  1999cited by this paper
• Towards a UML based approach to role engineering

  1999cited by this paper
• Health Insurance Portability and Accountability Act of 1996.

  1998cited by this paper

• Towards Enhanced Accountability in Complying with Healthcare Regulations

  2019cites this paper
• PRESERVING HIPAA-COMPLIANT ACCESS CONTROL MODEL FOR WEB SERVICES

  year unknowncites this paper