Title :
Reusable Security Requirements for Healthcare Applications
Author :
Jensen, Jostein ; Tondel, Inger Anne ; Jaatun, Martin Gilje ; Meland, Per Håkon ; Andresen, Herbjørn
Abstract :
Healthcare information systems are currently being migrated from paper based journals to fully digitalised information platforms. Protecting patient privacy is thus becoming an increasingly complex task, where several national and international legal requirements must be met. These legal requirements present only high-level goals for privacy protection, leaving the details of security requirements engineering to the developers of electronic healthcare systems. Our objective has been to map legal requirements for sensitive personal information to a set of reusable technical information security requirements. This paper presents examples of such requirements extracted from legislation applicable to the healthcare domain.
Keywords :
data privacy; formal specification; health care; legislation; medical information systems; security of data; software reusability; electronic healthcare system development; healthcare information system; legal requirement; patient privacy protection; security requirements engineering reusability; Data mining; Information security; Information systems; Law; Legal factors; Legislation; Medical services; National security; Privacy; Protection; healthcare; legislation; reuse; security requirements;
Conference_Titel :
Availability, Reliability and Security, 2009. ARES '09. International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4244-3572-2
Electronic_ISBN :
978-0-7695-3564-7
DOI :
10.1109/ARES.2009.107
