Framework of Privacy and Security Requirements in Healthcare

Rule based Framework to Capture Privacy and Security Requirements in Healthcare Service Deployments

Abstract. In healthcare sector, delivering high quality services efficiently while meeting globally accepted standards is becoming a necessity in any society with utmost importance. Identification, representation and ultimately realization of Privacy and Security requirements within the context of developing such high quality healthcare services meeting productivity and efficiency demands are becoming fundamental. Therefore, in this research, to meet the above purpose, a unified rule-based framework has been proposed. This framework is based on Responsibility Assignment Matrix and Semantics of Business Vocabulary and Rules (SBVR). Further, our proposal is aligned with the Services Aware Interoperability Framework that has been put forward by global healthcare standardization giant, HL and leading not-for-profit technology standards consortium, the Object Management Group (OMG®). Finally, an illustration of application of the proposal been carried out in the area of Clinics Management at public sector hospitals in Sri Lanka. The application of the proposed rule-based framework has proven its ability to facilitate e-Health Solution developer to associate said framework to identify privacy and security requirements completely and correctly, to represent them unambiguous manner and then to facilitate realization.

Keywords: e-health, Privacy & Security, SBVR, RACI, HL7

1. Introduction

In Healthcare sector in Sri Lanka, there is a constant and growing need for automated and integrated of health information to guide developing health planning and activities. When addressing these guidelines e-clinical and e-patient management related Privacy & Security concerns are important. In this research paper there are mainly five phases identified in the Health Care Clinic Management, which described in below figure 1;

Fig 1 : Health Care Clinic Management System Phases

2. Modeling Business Motivation
   1. Business Motivation Modeling (BMM)

Business Motivation Modeling is used in this paper to analyze, understand and design intentions, actions and relationships among actors, activities and information in Clinic Management System. In the BMM, business motivations are categorized into two main high level groups such as Ends and Means.

Ends are what P&S requirements HCCMS wants to achieve. Ends categorized in to Vision & Desire Results. A Vision is a future state of the HCCMS, without regard to how it is achieved. A Desired Results is a state that the HCCMS intends to maintain or sustain. Desired Results include Objective & Goal. A Goal is long term, general, ongoing and defined qualitatively. A Objective is short terms, quantitative, specific and not continues beyond its period. Means are what requirements HCCMS has decided to implement in order to become what it wants to be. Means are organized into Mission, Course of Action, and Directives. Mission is an ongoing operational activity of the HCCMS. Mission describes what the HCCMS is or will be doing on daily to maintain the HCCMS. P&S Course of Action is an approach or plan for configuring processes, locations, people, timing in concerning to Privacy & Security in the HCCMS to achieve Desired Results. [4]

Directive is the focus in this report and it governs the Course of Actions (Strategy & Tactics) of the HCCMS. Directives defines aspects of an HCCMS and ascertain structure of the HCCMS. Directives categorized into Policy & Rules. Policy is less structured, less discrete and not focused on single aspect of governance or guidance. Rules must formally articulate, and should highly structured and carefully expressed using standard Vocabulary. [4]

2. Semantics of Business Vocabulary and Business Rules (SBVR)

The work presented in this paper is mainly based on Object Management Group’s (OMG) Semantics of Business Vocabulary and Business Rules (SBVR). This is a further classification derived from BMM Rules. The purpose of SBVR is to exchange the health care vocabularies and health care rules among health care environment between health care system. SBVR provides set of rule categories and rule types, which has taken to create the Privacy & Security Rules in the Referral process in this research. SBVR proposes six different levels of enforcements for business such as; Strict, Deferred, Pre-Authorized, Post-justified, override, guideline. The work presented in this paper mainly focused on SBVR two main rules types such as Operative Business Rules and Structural Business Rules. Operative Business Rules further classified as obligatory, prohibition and restricted permission. Structural business rules further classified as necessity, impossibility, and restricted possibility. [5]

Following explanations derived from SBVR for Operative and Structural Rule Types.

Obligation Statement – ‘Operative business rule statement that is expressed positively in terms of obligation rather than negatively in terms of prohibition.’ Prohibition Statement – ‘Operative business rule statement that is expressed negatively in terms of prohibition rather than positively in terms of obligation.’ Restricted Permission – ‘Operative business rule statement that is expressed as permission being granted only when a given condition is met.’ Necessity Statement – ‘Structural rule statement that is expressed positively in terms of necessity rather than negatively in terms of impossibility.’ Impossibility – ‘Structural rule statement that is expressed negatively in terms of impossibility rather than positively in terms of necessity.’ Restricted Possibility – ‘Structural rule statement that is expressed as possibility being acknowledged only when a given condition is met.’

3. Privacy & Security in Health Care

In the Clinic Management Systems Privacy & Security concerns are originated based on Security requirements such as; Authentication, Authorization, Integrity, Confidentiality & non-repudiation. [1] Therefore, this research study done based on the identified Privacy & Security requirements in the Referral Process.

1. HL7 SAIF

Health Level 7 (HL7) provides set of standards in developing health care system. However, Privacy & Security is one of the major issues to handle in a health care environment when developing a system. According to the HL7 Service Aware Interoperability Framework (SAIF) Privacy & Security requirements involved in the process are divided into four main sections such as; Information Framework(IF), Behavioral Framework(BF), Governance Framework(GF) , and Enterprise Compliance and Conformance Framework (ECCF). Privacy & Security Rules introduced in this research; mainly be seen as extension to the SAIF sub-framework, Behavioral Framework (BF). Behavioral Framework in the SAIF defines dynamic semantics of interactions in an interoperability specification. BF defines roles relationships among various stakeholders, system components and applications. These relationships involve information exchange and state changes within use case scenarios. [6][7]

2. RASCI

A Responsibility Assignment Matrix (RAM), also known as RASCI matrix or Linear Responsibility Chart (LRC), describes the participation by various roles in completing tasks or deliverables.[6] In this, paper RACI especially used in clarifying roles and responsibilities in the Referral Process in the HCCMS.

Based on the RASCI abbreviation following has been drawn out to extend the Behavioral model in HL7 SAIF.[6]

R = Responsible – Define the privacy and security policy requirements in e-Health (Government orgs, NGOs etc.) Identify who has access to different modules, sessions etc.

A = to whom ‘R’ is responsible –Who will have access to different modules, different security layers, different security sessions to be established. Different authorization levels.

S = Supportive – Main roles and sub roles in the system.

C= to be Consulted – Different layers need to complete work, Different authentication levels . Define communication flows with modules/ sessions.

I = to be Informed – End results. Log to be maintained of each action by each user.(Monitor end result based on that)

Explanation of RACI/RASCI is displayed in below;

According definition of Behavioral Framework in SAIF; RACI/RASCI chart will help to define and identify interactions in an interoperability system. According to RACI helps to identify various roles and incompletion tasks. [6]

4. Proposed Privacy & Security Rule based Framework

In this, research we have identified Privacy & Security Rule based Framework based on the SBVR Rules Types in section 2.2 and RACI in section 3.2. According to the SBVR operative and structural rules further classified as; obligatory, prohibition and restricted permission, necessity, impossibility, and restricted possibility as explained in section 2.2. In order to identify these rule types inside the RACI matrix below syntax has introduced in this research;

Operative – Obligatory : <O-O> Operative –Prohibition : <O-P> Operative – Restricted Permission : <O-RP> Structural – Necessity : <S-N> Structural – Impossibility : <S-I> Structural – Restricted Possibility : <S:RP>

Using this Rule categorization and RACI Model the following hybrid rule framework introduced to represent Privacy & Security requirements in healthcare service development. In this presented Rule Framework Rule Statement is captured as the 3rd law to capture the Privacy & Security requirements as in below matrix.

The work presented in this paper explained using the examples in below Matrix. Examples are taken from the Referral Process.

5. Conclusion & Discussions

Privacy & Security Policy requirements are essential in developing a health care system in local clinic management system. In this paper it was introduced a systematic approach to capture the essential Privacy & Security requirements using a Privacy & Security Rule Framework. The work present in this research is an extension to the Behavioral Framework in the SAIF. Using SBVR and RACI a new hybrid approach has used to explain the new rule based framework. In this research, new Rule Framework identifies and represents Privacy & Security requirements in health care deployment. The outcome of this research has below contributions and benefits;

1. Privacy & Security Rule Template: A rule template to capture Privacy & Security requirements, which are using SBVR Rule types & RACI.
2. Traceability : Provide traceability in different steps in the template.
3. Unique Framework : Privacy & Security concerns are separated using the SBVR together with HL7

This research is still on going and needs number of concerns to address as future work. One of them is further enhancement of the Rule Template to reach comprehensive Privacy & Security Framework. Second is empirical evaluation study on the proposed template.

6. References

1. A Conceptual Architecture Approach. Paul Toal, Angus Herron, Jason Rees,Patrick McLaughlin and Dale Young. Oracle Corporation,Redwood Shores, USA: Oracle, April 2011.
2. Association for Information Systems (AIS), 2012, Design Science Research in Information Systems, < [Accessed on 11 October 2013]
3. Dean A. Baker, “Multi-company Project Management: Maximizing Business Results Through Collaboration”, page 58, ISBN 1-60427-035-7.
4. Object Management Group (OMG®), 2010, Business Motivation Model (BMM), < [Accessed on 20 April 2013]
5. Object Management Group (OMG®), 2002, Semantics Of Business Vocabulary And Business Rules (SBVR), Version 1.0, < [Accessed on 20 April 2014]
6. Health Level Seven International (HL7), 2013, Introduction to HL7 Standards, <> [Accessed on 20 April 2014]
7. HL7-SAIF, 2011, Working Interoperability (WI)-SAIF, [Accessed on 11 October 2013] <