A Prolog model of the income tax act of Canada
ICAIL '87 Proceedings of the 1st international conference on Artificial intelligence and law
Role-Based Access Control Models
Computer
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Logic, Programming, and PROLOG
Logic, Programming, and PROLOG
Analyzing Website Privacy Requirements Using a Privacy Goal Taxonomy
RE '02 Proceedings of the 10th Anniversary IEEE Joint International Conference on Requirements Engineering
An XPath-based preference language for P3P
WWW '03 Proceedings of the 12th international conference on World Wide Web
On permissions, inheritance and role hierarchies
Proceedings of the 10th ACM conference on Computer and communications security
Specifying privacy policies with P3P and EPAL: lessons learned
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Inside JetBlue's Privacy Policy Violations
IEEE Security and Privacy
Enterprise privacy promises and enforcement
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
Privacy and Contextual Integrity: Framework and Applications
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Privacy APIs: Access Control Techniques to Analyze and Verify Legal Privacy Policies
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
HIPAA's Effect on Web Site Privacy Policies
IEEE Security and Privacy
Privacy and Utility in Business Processes
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Experiences in the logical specification of the HIPAA and GLBA privacy laws
Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
Privacy policies with modal logic: the dynamic turn
DEON'10 Proceedings of the 10th international conference on Deontic logic in computer science
Proceedings of the 1st ACM International Health Informatics Symposium
On the equivalence between the L1 action language and partial actions in transaction logic
RR'11 Proceedings of the 5th international conference on Web reasoning and rule systems
Reasoning with actions in transaction logic
RR'11 Proceedings of the 5th international conference on Web reasoning and rule systems
Policy auditing over incomplete logs: theory, implementation and applications
Proceedings of the 18th ACM conference on Computer and communications security
Declarative privacy policy: finite models and attribute-based encryption
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
An analytical solution for consent management in patient privacy preservation
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
Towards HIPAA-compliant healthcare systems
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
Understanding and protecting privacy: formal semantics and principled audit mechanisms
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
A dynamic logic for privacy compliance
Artificial Intelligence and Law - Special issue on Deontic Logic and Normative Systems
On XACML's adequacy to specify and to enforce HIPAA
HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
Privacy is a process, not a PET: a theory for effective privacy practice
Proceedings of the 2012 workshop on New security paradigms
Proceedings of the 18th ACM symposium on Access control models and technologies
International Journal of Reliable and Quality E-Healthcare
Hi-index | 0.00 |
The complexity of regulations in healthcare, financial services, and other industries makes it difficult for enterprises to design and deploy effective compliance systems. We believe that in some applications, it may be practical to support compliance by using formalized portions of applicable laws to regulate business processes that use information systems. In order to explore this possibility, we use a stratified fragment of Prolog with limited use of negation to formalize a portion of the US Health Insurance Portability and Accountability Act (HIPAA). As part of our study, we also explore the deployment of our formalization in a prototype hospital Web portal messaging system.