Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

Compliance-Driven Architecture for Healthcare Industry

Author 1: Syeda Uzma Gardazi
Author 2: Arshad Ali Shahid

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2017.080571

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 8 Issue 5, 2017.

Abstract: The United States (US) healthcare organizations are continuously struggling to cope-up with evolving regulatory requirements e.g. Health Information Technology for Economic and Clinical Health Act (HITECH) and International Organization for Standardization (ISO) 9001: 2015. These requirements are not only affecting the US healthcare industry but also other industries as well e.g. software industry that provides software products and services to healthcare organizations. It is vital for software companies to ensure and comply with applicable regulatory requirements. These evolving regulatory requirements may affect all phases of software development lifecycle including software architecture. It is difficult for Software architects to transform and trace regulatory requirements at software architecture level due to the absence of software design and architectural mechanisms. We have composed architectural mechanisms from given set of information security regulations i.e. Health Insurance Portability and Accountability Act (HIPAA) non-functional requirements, and these composed mechanisms were used to initiate initial architecture for the Electronic Health Record (EHR) and/or Health Level Seven (HL7). At next, style was selected for compliant and non-compliant software architecture. A layer of compliance was introduced in existing layered style that intends to help software companies to track compliance at software architecture level. Further, we have evaluated compliance-driven EHR architecture vs. non-compliant EHR architecture using a large healthcare billing and IT company with offices on three continents as a case study.

Keywords: Compliance-driven; architectural mechanisms; ISO 9001:2015; ISO 27001:2013; HIPAA; HITCH; software architecture; Logic-based Compliance Advisor (LCA); architectural evaluation

Syeda Uzma Gardazi and Arshad Ali Shahid, “Compliance-Driven Architecture for Healthcare Industry” International Journal of Advanced Computer Science and Applications(IJACSA), 8(5), 2017. http://dx.doi.org/10.14569/IJACSA.2017.080571

@article{Gardazi2017,
title = {Compliance-Driven Architecture for Healthcare Industry},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2017.080571},
url = {http://dx.doi.org/10.14569/IJACSA.2017.080571},
year = {2017},
publisher = {The Science and Information Organization},
volume = {8},
number = {5},
author = {Syeda Uzma Gardazi and Arshad Ali Shahid}
}

IJACSA

Upcoming Conferences

Future of Information and Communication Conference (FICC) 2022

3-4 March 2022

Computing Conference 2022

14-15 July 2022

IntelliSys 2022

1-2 September 2022

Future Technologies Conference (FTC) 2022

20-21 October 2022