IDEAS home Printed from https://ideas.repec.org/a/igg/jisss0/v9y2017i1p1-21.html

HIPAA Security and Privacy Rules Auditing in Extreme Programming Environments

Author

Listed:
  • Mahmood Alsaadi

    (Department of Computer Science, Princess Sumaya University for Technology, Amman, Jordan)

  • Malik Qasaimeh

    (Department of Software Engineering, Princess Sumaya University for Technology, Amman, Jordan)

  • Sara Tedmori

    (Department of Computer Science, Princess Sumaya University for Technology, Amman, Jordan)

  • Khaled Almakadmeh

    (Department of Software Engineering, Hashemite University, Zarqa, Jordan)

Abstract

The healthcare business is responsible for keeping patient data safe and secure by following the rules of the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA). Agile software organizations that deal with healthcare software systems face a number of challenges in demonstrating that their process activities conform to the rules of HIPAA. Such organizations must establish a software process life cycle and develop procedures, tools, and methodologies that can manage the HIPAA requirements during the different stages of system development, and must also provide evidence of HIPAA conformity. This paper proposes an auditing model for HIPAA security and privacy rules in XP environments. The design of the proposed model is based on an evaluation theory which takes as its input the work of Lopez ATAM, and the standards of Common Criteria (CC) concepts. The proposed auditing model has been assessed based on four case studies. The auditing result shows that the proposed model is capable of capturing the auditing evidence in most of the selected case studies.

Suggested Citation

  • Mahmood Alsaadi & Malik Qasaimeh & Sara Tedmori & Khaled Almakadmeh, 2017. "HIPAA Security and Privacy Rules Auditing in Extreme Programming Environments," International Journal of Information Systems in the Service Sector (IJISSS), IGI Global, vol. 9(1), pages 1-21, January.
  • Handle: RePEc:igg:jisss0:v:9:y:2017:i:1:p:1-21

    Download full text from publisher

    File URL: http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/IJISSS.2017010101
    Download Restriction: no