Towards a framework for tracking legal compliance in healthcare

Authors:
Sepideh Ghanavati;Daniel Amyot;Liam Peyton
Affiliations:
SITE, University of Ottawa, Canada;SITE, University of Ottawa, Canada;SITE, University of Ottawa, Canada
Venue:
CAiSE'07 Proceedings of the 19th international conference on Advanced information systems engineering
Year:
2007

Citing 7
Cited 20

Analyzing Website Privacy Requirements Using a Privacy Goal Taxonomy

RE '02 Proceedings of the 10th Anniversary IEEE Joint International Conference on Requirements Engineering
Towards Modeling and Reasoning Support for Early-Phase Requirements Engineering

RE '97 Proceedings of the 3rd IEEE International Symposium on Requirements Engineering
Introduction to the user requirements notation: learning by example

Computer Networks: The International Journal of Computer and Telecommunications Networking - ITU-T system design languages (SDL)
Using roles and business objects to model and understand business processes

Proceedings of the 2005 ACM symposium on Applied computing
Ensuring Compliance between Policies, Requirements and Software Design: A Case Study

IWIA '06 Proceedings of the Fourth IEEE International Workshop on Information Assurance
Towards Regulatory Compliance: Extracting Rights and Obligations to Align Requirements with Regulations

RE '06 Proceedings of the 14th IEEE International Requirements Engineering Conference
Towards integrated tool support for the user requirements notation

SAM'06 Proceedings of the 5th international conference on System Analysis and Modeling: language Profiles

Managing the Alignment between Business and Software Services Requirements from a Capability Model Perspective

ServiceWave '08 Proceedings of the 1st European Conference on Towards a Service-Based Internet
From Laws to Requirements

RELAW '08 Proceedings of the 2008 Requirements Engineering and Law
Comparative Analysis between Document-based and Model-based Compliance Management Approaches

RELAW '08 Proceedings of the 2008 Requirements Engineering and Law
Mining and analysing security goal models in health information systems

SEHC '09 Proceedings of the 2009 ICSE Workshop on Software Engineering in Health Care
Social Modeling and i*

Conceptual Modeling: Foundations and Applications
Towards a compliance support framework for global software companies

SEA '07 Proceedings of the 11th IASTED International Conference on Software Engineering and Applications
Designing Law-Compliant Software Requirements

ER '09 Proceedings of the 28th International Conference on Conceptual Modeling
Governance Requirements Extraction Model for Legal Compliance Validation

RELAW '09 Proceedings of the 2009 Second International Workshop on Requirements Engineering and Law
Modeling, Analyzing and Weaving Legal Interpretations in Goal-Oriented Requirements Engineering

RELAW '09 Proceedings of the 2009 Second International Workshop on Requirements Engineering and Law
A Meta-Model for Modelling Law-Compliant Requirements

RELAW '09 Proceedings of the 2009 Second International Workshop on Requirements Engineering and Law
The production rule framework: developing a canonical set of software requirements for compliance with law

Proceedings of the 1st ACM International Health Informatics Symposium
Establishing regulatory compliance for information system requirements: an experience report from the health care domain

ER'10 Proceedings of the 29th international conference on Conceptual modeling
A framework to support alignment of secure software engineering with legal regulations

Software and Systems Modeling (SoSyM)
Using protocols and domain specific languages to achieve compliance of administrative processes with legislation

EGOVIS'11 Proceedings of the Second international conference on Electronic government and the information systems perspective
Towards semantic methodologies for automatic regulatory compliance support

Proceedings of the 4th workshop on Workshop for Ph.D. students in information & knowledge management
Establishing regulatory compliance for software requirements

ER'11 Proceedings of the 30th international conference on Conceptual modeling
Requirements, intentions, goals and applicable norms

ER'12 Proceedings of the 2012 international conference on Advances in Conceptual Modeling
Capturing variability of law with nómos 2

ER'12 Proceedings of the 31st international conference on Conceptual Modeling
Choosing compliance solutions through stakeholder preferences

REFSQ'13 Proceedings of the 19th international conference on Requirements Engineering: Foundation for Software Quality
Arguing regulatory compliance of software requirements

Data & Knowledge Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Hospitals strive to improve the quality of the healthcare they provide. To achieve this, they require access to health data. These data are sensitive since they contain personal information. Governments have legislation to ensure that privacy is respected and hospitals must comply with it. Unfortunately, most of the procedures meant to control access to health information remain paper-based, making it difficult to trace. In this paper, we introduce a framework based on the User Requirements Notation that models the business processes of a hospital and links them with legislation such as the Ontario Personal Health Information Privacy Act (PHIPA). We analyze different types of links, their functionality, and usefulness in complying with privacy law. This framework will help health information custodians track compliance and indicate how their business processes can be improved.