• DocumentCode
    2943463
  • Title

    Supporting Evidence-Based Compliance Evaluation for Partial Business Process Outsourcing Scenarios

  • Author

    Miseldine, Philip L. ; Flege, Ulrich ; Schaad, Andreas

  • Author_Institution
    SAP Res., Karlsruhe
  • fYear
    2008
  • fDate
    9-9 Sept. 2008
  • Firstpage
    31
  • Lastpage
    34
  • Abstract
    We present the challenges facing businesses wishing to outsource processes to service providers who must maintain regulatory compliance via data access control procedures. We argue that it is not currently possible to capture the necessary agreements, and supporting evidence, pertaining to the usage of data a client may send to a service provider. As a result, the richness of evidence and controls a client has available to it reduces when they choose to use an outsourcer, therefore lessening the business value of considering service outsourcing. The paper introduces a model to clarify these issues, which is implemented against a health-care scenario, to show how data usage in an outsourcing scenario can be better captured and controlled.
  • Keywords
    authorisation; business data processing; outsourcing; data access control; evidence-based compliance evaluation; health-care scenario; partial business process outsourcing scenario; Access control; Concrete; Contracts; Control system synthesis; Data privacy; Electrical equipment industry; Medical services; Outsourcing; Protection; Quality of service;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Requirements Engineering and Law, 2008. RELAW '08.
  • Conference_Location
    Barcelona, Catalunya
  • Print_ISBN
    978-1-4244-4085-6
  • Electronic_ISBN
    978-0-7695-3630-9
  • Type

    conf

  • DOI
    10.1109/RELAW.2008.9
  • Filename
    4797471
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2943463