Establishing regulatory compliance for information system requirements: an experience report from the health care domain

Authors:
Alberto Siena;Giampaolo Armellin;Gianluca Mameli;John Mylopoulos;Anna Perini;Angelo Susi
Affiliations:
Fondazione Bruno Kessler, Trento, Italy;GPI, Trento, Italy;Fondazione Bruno Kessler, Trento, Italy;University of Trento, Trento, Italy;Fondazione Bruno Kessler, Trento, Italy;Fondazione Bruno Kessler, Trento, Italy
Venue:
ER'10 Proceedings of the 29th international conference on Conceptual modeling
Year:
2010

Citing 9
Cited 3

Modelling strategic relationships for process reengineering

Modelling strategic relationships for process reengineering
Process modelling: the deontic way

APCCM '06 Proceedings of the 3rd Asia-Pacific conference on Conceptual modelling - Volume 53
Fundamental legal concepts: a formal and teleological characterisation

Artificial Intelligence and Law
Semantic parameterization: A process for modeling domain descriptions

ACM Transactions on Software Engineering and Methodology (TOSEM)
Exploring the Effectiveness of Normative i* Modelling: Results from a Case Study on Food Chain Traceability

CAiSE '08 Proceedings of the 20th international conference on Advanced Information Systems Engineering
Using Goal-Oriented Requirements Engineering for Improving the Quality of ISO/IEC 15504 based Compliance Assessment Frameworks

RE '08 Proceedings of the 2008 16th IEEE International Requirements Engineering Conference
Designing Law-Compliant Software Requirements

ER '09 Proceedings of the 28th International Conference on Conceptual Modeling
Towards a framework for tracking legal compliance in healthcare

CAiSE'07 Proceedings of the 19th international conference on Advanced information systems engineering
A Meta-Model for Modelling Law-Compliant Requirements

RELAW '09 Proceedings of the 2009 Second International Workshop on Requirements Engineering and Law

Sociotechnical trust: an architectural approach

ER'11 Proceedings of the 30th international conference on Conceptual modeling
Research directions in agent communication

ACM Transactions on Intelligent Systems and Technology (TIST) - Special section on agent communication, trust in multiagent systems, intelligent tutoring and coaching systems
Trust-based specification of sociotechnical systems

Data & Knowledge Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Adherence to laws and regulations imposes important constraints on organizations, for legacy and new systems, both for their design and operation. Nòmos is a framework that supports the development of compliant software systems. In this paper, we report on the application of Nòmos in an industrial project, to provide model-based evidence that a set of requirements for a healthcare information system are compliant with a specific law. Compliance is treated as a collection of assigned responsibilities to social and system actors. The design of compliance pays special attention to auditability, i.e., making sure that design-time compliance is actually being adhered to.