Towards an integrated privacy framework for HIPAA-compliant Web services

A Web service is a software system designed to support interoperable application-to-application interaction over the Internet. Web services are based on a set of XML standards, such as universal description, discovery and integration (UDDI), Web services description language (WSDL), and simple object access protocol (SOAP). Based on prior studies, this paper proposes a vocabulary-based Web services privacy framework for protecting health data privacy under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

[1]  T. Jepsen,et al.  IT in healthcare: progress report , 2003 .

[2]  Barbara Carminati,et al.  Towards standardized Web services privacy technologies , 2004 .

[3]  Marc Langheinrich,et al.  The platform for privacy preferences 1.0 (p3p1.0) specification , 2002 .

[4]  T. T. May Medical information security: the evolving challenge , 1998, Proceedings IEEE 32nd Annual 1998 International Carnahan Conference on Security Technology (Cat. No.98CH36209).

[5]  Simone Fischer-Hübner,et al.  IT-Security and Privacy , 2001, Lecture Notes in Computer Science.

[6]  L. Belitsky Protecting the privacy of patients' health information. , 2003, The Alabama nurse.

[7]  Athman Bouguettaya,et al.  Preserving privacy in web services , 2002, WIDM '02.

[8]  Rakesh Agrawal,et al.  Managing healthcare data hippocratically , 2004, ACM SIGMOD Conference.