Exploring Current Practices and Challenges of HIPAA Compliance in Software Engineering: Scoping Review

IEEE Open Journal of Systems Engineering Pub Date : 2024-04-23 DOI:10.1109/OJSE.2024.3392691

Farah Elkourdi;Chenhao Wei;LU Xiao;Zhongyuan YU;Onur Asan

{"title":"Exploring Current Practices and Challenges of HIPAA Compliance in Software Engineering: Scoping Review","authors":"Farah Elkourdi;Chenhao Wei;LU Xiao;Zhongyuan YU;Onur Asan","doi":"10.1109/OJSE.2024.3392691","DOIUrl":null,"url":null,"abstract":"Healthcare systems and applications are increasingly used to improve patient care. However, these applications face data security, privacy, and regulatory compliance challenges. The health insurance portability and accountability act (HIPAA) regulates the use and disclosure of patient health information. Ensuring HIPAA compliance in the software engineering process poses critical challenges to software engineering practitioners. This review focuses on understanding the state-of-the-art in the current literature for ensuring HIPAA compliance in the software development life cycle, namely, requirement gathering, software design, implementation, software testing, and evolution. The findings of this study shed light on software engineers in creating HIPAA compliance healthcare systems and applications. This literature review presents the key themes and trends in this research area. Also, it provides recommendations for future research in the intersection of software engineering methods and HIPAA compliance.","PeriodicalId":100632,"journal":{"name":"IEEE Open Journal of Systems Engineering","volume":"2 ","pages":"94-104"},"PeriodicalIF":0.0000,"publicationDate":"2024-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10506964","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Open Journal of Systems Engineering","FirstCategoryId":"1085","ListUrlMain":"https://ieeexplore.ieee.org/document/10506964/","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Healthcare systems and applications are increasingly used to improve patient care. However, these applications face data security, privacy, and regulatory compliance challenges. The health insurance portability and accountability act (HIPAA) regulates the use and disclosure of patient health information. Ensuring HIPAA compliance in the software engineering process poses critical challenges to software engineering practitioners. This review focuses on understanding the state-of-the-art in the current literature for ensuring HIPAA compliance in the software development life cycle, namely, requirement gathering, software design, implementation, software testing, and evolution. The findings of this study shed light on software engineers in creating HIPAA compliance healthcare systems and applications. This literature review presents the key themes and trends in this research area. Also, it provides recommendations for future research in the intersection of software engineering methods and HIPAA compliance.

查看原文本刊更多论文

探索软件工程中 HIPAA 合规性的当前实践与挑战：范围审查

医疗保健系统和应用程序越来越多地用于改善患者护理。然而，这些应用程序面临着数据安全、隐私和法规遵从方面的挑战。健康保险便携性和责任法案》（HIPAA）对患者健康信息的使用和披露进行了规定。在软件工程过程中确保 HIPAA 合规性对软件工程从业人员提出了严峻的挑战。本综述侧重于了解当前文献中确保软件开发生命周期（即需求收集、软件设计、实施、软件测试和演进）中 HIPAA 合规性的最新进展。本研究的结论为软件工程师创建 HIPAA 合规性医疗保健系统和应用程序提供了启示。本文献综述介绍了该研究领域的关键主题和趋势。此外，它还为软件工程方法与 HIPAA 合规性交叉领域的未来研究提供了建议。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Open Journal of Systems Engineering

自引率

0.00%

发文量