Title : 
Managing changing compliance requirements by predicting regulatory evolution
         
        
            Author : 
Maxwell, Jeremy C. ; Anton, Annie I. ; Swire, Peter
         
        
            Author_Institution : 
Coll. of Eng., North Carolina State Univ., Raleigh, NC, USA
         
        
        
        
        
        
            Abstract : 
Over time, laws change to meet evolving social needs. Requirements engineers that develop software for regulated domains, such as healthcare or finance, must adapt their software as laws change to maintain legal compliance. In the United States, regulatory agencies will almost always release a proposed regulation, or rule, and accept comments from the public. The agency then considers these comments when drafting a final rule that will be binding on the regulated domain. Herein, we examine how these proposed rules evolve into final rules, and propose an Adaptability Framework. This framework can aid software engineers in predicting what areas of a proposed rule are most likely to evolve, allowing engineers to begin building towards the more stable sections of the rule. We develop the framework through a formative study using the Health Insurance Portability and Accountability (HIPAA) Security Rule and apply it in a summative study on the Health Information Technology: Initial Set of Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology.
         
        
            Keywords : 
formal specification; medical information systems; security of data; standards; HIPAA security rule; Health Insurance Portability and Accountability security rule; United States; adaptability framework; certification criteria; changing compliance requirement management; electronic health record technology; health information technology; implementation specifications; regulatory agency; regulatory evolution prediction; requirements engineers; software development; standard set; Certification; Law; Medical services; Security; Software; Taxonomy; Healthcare IT; Regulatory Compliance; Requirements Engineering; Requirements Evolution;
         
        
        
        
            Conference_Titel : 
Requirements Engineering Conference (RE), 2012 20th IEEE International
         
        
            Conference_Location : 
Chicago, IL
         
        
        
            Print_ISBN : 
978-1-4673-2783-1
         
        
            Electronic_ISBN : 
1090-750X
         
        
        
            DOI : 
10.1109/RE.2012.6345793