Semi-automated checking for regulatory compliance in e-Health
This work addresses compliance challenges for e-Health services, but it is incremental as it applies existing methods to a specific domain.
The paper tackles the problem of ensuring regulatory compliance in business processes by presenting a semi-automated methodology, applied to an e-Health Hospital at Home service, which combines business process modeling with formal logic to check rules like those from the GDPR.
One of the main issues for every business process is compliance with legal rules. This work presents a methodology to check the regulatory compliance of a business process in a semi-automated way. We analyse one e-Health hospital service in particular: the Hospital at Home (HaH) service. The paper first analyses the hospital business using the Business Process Management and Notation (BPMN) standard language, then formalizes some rules of the European General Data Protection Regulation (GDPR) in Defeasible Deontic Logic (DDL). The aim is to show how, using a tool, a set of business tasks can be combined with the set of rules they must comply with.