Affiliation:
1. Princess Sumaya University for Technology, Jordan
2. Hashemite University, Jordan
Abstract
Healthcare business is responsible of keeping patient data safe and secure by following the rules of the federal Health Insurance Portability and Accountability Act of 1996, (HIPAA). Agile software organizations that deal with healthcare software system face a number of challenges to demonstrate that their process activities conform to the rules of HIPAA. Such organizations must establish a software process life cycle and develop procedures, tools, and methodologies that can manage the HIPAA requirements during the different stages of system development, and also must provide evidences of HIPAA conformity. This paper proposes an auditing model for HIPAA security and privacy rules in XP environments. The design of the proposed model is based on an evaluation theory which takes as its input the work of Lopez ATAM, and the standards of common criteria (CC) concepts. The proposed auditing model has been assessed based on four case studies. The auditing result shows that the proposed model is capable of capturing the auditing evidences in most of the selected case studies.
Reference29 articles.
1. AAMI. (2012). Guidance on the use of agile practices in the development of medical device software. AAMI TIR45. Retrieved from http://www.aami.org
2. Abrahamsson, P., Salo, O., & Ronkainen, J. (2002). Agile software development methods: Review and analysis. Espoo VTT Publications, 43(9), 10-12.
3. Simulation Method to Improve Hospital Service Quality
4. Embracing change with extreme programming
5. From The Field: The Politics Of The Health Insurance Portability And Accountability Act