Abstract

Hospitals strive to improve the quality of the healthcare they provide. To achieve this, they require access to health data. These data are sensitive since they contain personal information. Governments have legislation to ensure that privacy is respected and hospitals must comply with it. Unfortunately, most of the procedures meant to control access to health information remain paper-based, making it difficult to trace. In this paper, we introduce a framework based on the User Requirements Notation that models the business processes of a hospital and links them with legislation such as the Ontario Personal Health Information Privacy Act (PHIPA). We analyze different types of links, their functionality, and usefulness in complying with privacy law. This framework will help health information custodians track compliance and indicate how their business processes can be improved.

-- DanielAmyot - 15 Mar 2007

Discussion

FormForVirtualLibrary edit

Title Towards a Framework for Tracking Legal Compliance in Healthcare
Authors S. Ghanavati, D. Amyot, and L. Peyton
Type Conference
Conference/Journal Title 19th Int. Conf. on Advanced Information Systems Engineering (CAiSE'07)
Volume/Number LNCS 4495
Editors A. Opdahl and G. Sindre
Publisher Springer
Month June
Year 2007
Pages 218-232
DOI 10.1007/978-3-540-72988-4_16
Keywords Business Process, Compliance, DOORS, Health Information Custodian, Privacy Legislation, Requirements Engineering, User Requirements Notation
Topic attachments
I Attachment Action Size Date Who Comment
CAISE07.pdfpdf CAISE07.pdf manage 534 K 22 Jun 2007 - 14:24 DanielAmyot Pre-publication version.
CAiSE07.pptppt CAiSE07.ppt manage 1 MB 13 Jun 2007 - 12:46 DanielAmyot CAiSE'07 presentation
Topic revision: r4 - 06 Nov 2009, AzaliaShamsaei
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback