HIPAA Security and Privacy Rules Auditing in Extreme Programming Environments

Healthcare business is responsible of keeping patient data safe and secure by following the rules of the federal Health Insurance Portability and Accountability Act of 1996, (HIPAA). Agile software organizations that deal with healthcare software system face a number of challenges to demonstrate that their process activities conform to the rules of HIPAA. Such organizations must establish a software process life cycle and develop procedures, tools, and methodologies that can manage the HIPAA requirements during the different stages of system development, and also must provide evidences of HIPAA conformity. This paper proposes an auditing model for HIPAA security and privacy rules in XP environments. The design of the proposed model is based on an evaluation theory which takes as its input the work of Lopez ATAM, and the standards of common criteria (CC) concepts. The proposed auditing model has been assessed based on four case studies. The auditing result shows that the proposed model is capable of capturing the auditing evidences in most of the selected case studies.

MoreLess

Year of publication:	2017
Authors:	Alsaadi, Mahmood ; Qasaimeh, Malik ; Tedmori, Sara ; Almakadmeh, Khaled
Published in:	International Journal of Information Systems in the Service Sector (IJISSS). - IGI Global, ISSN 1935-5696, ZDB-ID 2498766-9. - Vol. 9.2017, 1 (01.01.), p. 1-21
Publisher:	IGI Global
Subject:	Agile Software Auditing \| Extreme Programming \| HIPAA Compliance Model \| Software Process Improvement

Online Resource

Check full text access |

More access options

doi.org

Check Google Scholar

In libraries world-wide (WorldCat)

In German libraries (KVK)

subito order

I need help

More details

Type of publication:	Article
Language:	English
Other identifiers:	10.4018/IJISSS.2017010101 [DOI]
Source:	Other ZBW resources

Persistent link: https://www.econbiz.de/10012045862