Title :
Measuring Privacy Compliance with Process Specifications
Author :
Banescu, Sebastian ; Zannone, Nicola
Author_Institution :
Eindhoven Univ. of Technol., Eindhoven, Netherlands
Abstract :
Enforcement relies on the idea that infringements are violations and as such should not be allowed. However, this notion is very restrictive and cannot be applied in unpredictable domains like healthcare. To address this issue, we need conformance metrics for detecting and quantifying infringements of policies and procedures. However, existing metrics usually consider every deviation from specifications equally making them inadequate to measure the severity of infringements. In this paper, we identify a number of factors which can be used to quantify deviations from process specifications. These factors drive the definition of metrics that allow for a more accurate measurement of privacy infringements. We demonstrate how the proposed approach can be adopted to enhance existing conformance metrics through a case study on the provisioning of healthcare treatment.
Keywords :
data privacy; health care; software metrics; conformance metrics; healthcare; privacy compliance; privacy infringements; process specifications; Atmospheric measurements; History; Medical services; Particle measurements; Privacy; Security;
Conference_Titel :
Security Measurements and Metrics (Metrisec), 2011 Third International Workshop on
Conference_Location :
Banff, AB
Print_ISBN :
978-1-4673-1245-5
DOI :
10.1109/Metrisec.2011.10
