You are here: UCM Web>UCMVirtualLibrary>VirLibWer07Priv (22 Jun 2007)


Compliance with privacy legislation is a primary concern for health care institutions that are building information systems support for their business processes. This paper describes a requirements management framework that enables health information custodians (HIC) to document and track compliance with privacy legislation. A metamodel is defined for our framework to define compliance tracking links between separate User Requirements Notation models of the HIC and privacy legislation. Using examples from a case study at a major teaching hospital, we show how this framework can be used to manage change and ensure compliance when privacy legislation is amended or the business processes evolved.

-- Daniel Amyot - 01 May 2007


  • See also the corresponding thesis: Vir Lib Ghanavati MSc Thesis
  • Please feel free to discuss this article directly on this page. Constructive comments are welcomed! Please sign your TWiki name.

Form For Virtual Library edit

Title A Requirements Management Framework for Privacy Compliance
Authors S. Ghanavati, D. Amyot, L. Peyton
Type Conference
Conference/Journal Title 10th Workshop on Requirements Engineering (WER 2007)
Publisher York University Press
Month May
Year 2007
Pages 80-91
Keywords Business Process, Compliance, DOORS, Healthcare, Legislation, PHIPA, Privacy, URN,
Topic attachments
I Attachment Action Size Date Who Comment
pdfpdf WER07-final.pdf manage 411.6 K 22 Jun 2007 - 14:34 Daniel Amyot WER'07 paper
Topic revision: r2 - 22 Jun 2007 - 14:35:34 - Daniel Amyot
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback