 Health Insurance Portability and Accountability Act (HIPPA) Compliant Access Control Model for Web ServicesVivying S.Y. Cheng and
Patrick C.K. Hung
International Journal of Healthcare Information Systems and Informatics (IJHISI), 2006, vol. 1, issue 1, 22-39 Abstract: Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a set of rules to be followed by health plans, doctors, hospitals, and other healthcare providers in the U.S. HIPAA privacy rules create national standards to protect individuals’ health information. Recently, there have been increasing demands and discussions about Web services-based healthcare applications. It is, therefore, necessary for HIPAA privacy rules to be standardized in Web services. However, so far no comprehensive solutions to the various privacy issues have been defined in this area. This paper summarizes the HIPAA privacy rules and surveys the topic of protecting health data privacy under the HIPAA. We propose a vocabulary-based Web services privacy framework with Role-based Access Control (RBAC) with privacy extensions and argue the HIPAA compliance for such framework. For illustration, we present the first two HIPAA rules in the extended RBAC model and embed into the HIPAA-compliant technical architecture for implementation of Web services. Date: 2006 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:igg:jhisi0:v:1:y:2006:i:1:p:22-39 Access Statistics for this article International Journal of Healthcare Information Systems and Informatics (IJHISI) is currently edited by Qiang (Shawn) Cheng More articles in International Journal of Healthcare Information Systems and Informatics (IJHISI) from IGI Global |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.