Resolving Ambiguities in Regulations: Towards Achieving the Kohlbergian Stage of Principled Morality

According to Kohlberg, the final stage of morality is characterized by viewing laws as a means to an end by upholding values such as human dignity and fairness as guiding principles for complying with the essence of the law. Given that purpose of compliance is indeed wellbeing of citizens, software systems should, by design, incorporate these values so that laws are followed in spirit. How can we build software systems that incorporate these values? We present our work on disambiguating Health Insurance Portability and Accountability Act (HIPAA) so as to reduce the potential incidents of breach, thereby upholding of the aforesaid guiding principles of morality. We have employed deep learning based approaches to emulate the human process of disambiguation by integrating information from multiple sources, summarizing it, and augmenting the regulatory text with the additional information. This augmented regulatory text can be used by policy makers and software engineers to achieve compliance in spirit.

[1]  Annie I. Antón,et al.  Towards Regulatory Compliance: Extracting Rights and Obligations to Align Requirements with Regulations , 2006, 14th IEEE International Requirements Engineering Conference (RE'06).

[2]  James Parker,et al.  on Knowledge and Data Engineering, , 1990 .

[3]  Laurie A. Williams,et al.  How Good Is a Security Policy against Real Breaches? A HIPAA Case Study , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE).

[4]  Omer Levy,et al.  word2vec Explained: deriving Mikolov et al.'s negative-sampling word-embedding method , 2014, ArXiv.

[5]  Dragomir R. Radev,et al.  LexRank: Graph-based Lexical Centrality as Salience in Text Summarization , 2004, J. Artif. Intell. Res..

[6]  Travis D. Breaux,et al.  Ambiguity in Privacy Policies and the Impact of Regulation , 2016, The Journal of Legal Studies.

[7]  Qiang Yang,et al.  A Survey on Transfer Learning , 2010, IEEE Transactions on Knowledge and Data Engineering.

[8]  John Jackson The Costs of Medical Privacy Breach. , 2015, MD advisor : a journal for New Jersey medical community.

[9]  Smita Ghaisas,et al.  Ethos, Pathos, and Logos to Prevent Sexual Harassment at Workplaces: A Regulatory Solution Based on Operant Conditioning , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C).

[10]  Jane Cleland-Huang,et al.  Semantically Enhanced Software Traceability Using Deep Learning Techniques , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE).

[11]  Karen Colorafi,et al.  It’s Time for Innovation in the Health Insurance Portability and Accountability Act (HIPAA) , 2016, JMIR medical informatics.

[12]  Jonas Mueller,et al.  Siamese Recurrent Architectures for Learning Sentence Similarity , 2016, AAAI.

[13]  Jane Huffman Hayes,et al.  Advancing candidate link generation for requirements tracing: the study of methods , 2006, IEEE Transactions on Software Engineering.

[14]  H. Raghav Rao,et al.  Protection motivation and deterrence: a framework for security policy compliance in organisations , 2009, Eur. J. Inf. Syst..

[15]  Annie I. Antón,et al.  Identifying and classifying ambiguity for regulatory requirements , 2014, 2014 IEEE 22nd International Requirements Engineering Conference (RE).

[16]  Smita Ghaisas,et al.  Detecting system use cases and validations from documents , 2013, 2013 28th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[17]  L. Kohlberg Stage and sequence: The cognitive-developmental approach to socialization , 1969 .

[18]  Lukás Burget,et al.  Recurrent neural network based language model , 2010, INTERSPEECH.