A Framework for Extracting and Modeling HIPAA Privacy Rules for Healthcare Applications
This work addresses compliance challenges for healthcare organizations handling sensitive data, but it is incremental, as it builds on existing NLP and formal modeling techniques.
The paper tackles the problem of ensuring software compliance with HIPAA privacy regulations by proposing a goal-oriented framework that extracts and models privacy rules from legal text using natural language processing, resulting in a formal method to guarantee regulatory adherence.
Some organizations use software applications to manage their customers' personal, medical, or financial information. In the United States, those software applications are obligated to preserve users' privacy and to comply with the United States federal privacy laws and regulations. To formally guarantee compliance with those regulations, it is essential to extract and model the privacy rules from the text of the law using a formal framework. In this work we propose a goal-oriented framework for modeling and extracting the privacy requirements from regulatory text using natural language processing techniques.