The Community for Technology Leaders
RSS Icon
Subscribe
Minneapolis/St. Paul, Minnesota, USA
Sept. 11, 2006 to Sept. 15, 2006
ISBN: 0-7695-2555-5
pp: 49-58
Travis D. Breaux , North Carolina State University
Matthew W. Vail , North Carolina State University
Annie I. Ant? , North Carolina State University
ABSTRACT
In the United States, federal and state regulations prescribe stakeholder rights and obligations that must be satisfied by the requirements for software systems. These regulations are typically wrought with ambiguities, making the process of deriving system requirements ad hoc and error prone. In highly regulated domains such as healthcare, there is a need for more comprehensive standards that can be used to assure that system requirements conform to regulations. To address this need, we expound upon a process called Semantic Parameterization previously used to derive rights and obligations from privacy goals. In this work, we apply the process to the Privacy Rule from the U.S. Health Insurance Portability and Accountability Act (HIPAA). We present our methodology for extracting and prioritizing rights and obligations from regulations and show how semantic models can be used to clarify ambiguities through focused elicitation and to balance rights with obligations. The results of our analysis can aid requirements engineers, standards organizations, compliance officers, and stakeholders in assuring systems conform to policy and satisfy requirements.
INDEX TERMS
null
CITATION
Travis D. Breaux, Matthew W. Vail, Annie I. Ant?, "Towards Regulatory Compliance: Extracting Rights and Obligations to Align Requirements with Regulations", RE, 2006, 2013 21st IEEE International Requirements Engineering Conference (RE), 2013 21st IEEE International Requirements Engineering Conference (RE) 2006, pp. 49-58, doi:10.1109/RE.2006.68
51 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool