Health Insurance Portability and Accountability Act (HIPPA) Compliant Access Control Model for Web Services

Vivying S.Y. Cheng (Hong Kong University of Science and Technology, Hong Kong) and Patrick C.K. Hung (University of Ontario Institute of Technology, Canada)
DOI: 10.4018/jhisi.2006010102

Abstract

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a set of rules to be followed by health plans, doctors, hospitals, and other healthcare providers in the U.S. The HIPAA privacy rules create national standards to protect individuals’ health information. Recently, there have been increasing demands for and discussions about Web services-based healthcare applications. It is, therefore, necessary for the HIPAA privacy rules to be standardized in Web services. However, so far no comprehensive solutions to the various privacy issues have been defined in this area. This paper summarizes the HIPAA privacy rules and surveys the topic of protecting health data privacy under HIPAA. We propose a vocabulary-based Web services privacy framework built on Role-based Access Control (RBAC) with privacy extensions and argue that such a framework is HIPAA compliant. For illustration, we present the first two HIPAA rules in the extended RBAC model and embed them into the HIPAA-compliant technical architecture for implementation of Web services.
