An Ontology-based Compliance Audit Framework for Medical Data Sharing across Europe

An Ontology-based Compliance Audit Framework for Medical Data Sharing across Europe

Hanene Rahmouni1,3, Kamran Munir1, Intidhar Essefi3, Marco Mont2, and Tony Solomonides4

1Department of Computer Science and Creative Technologies, University of the West of England, UK

2Hewlett-Packard Labs, Cloud & Security Lab, UK

3University of Tunis el Manar, the Higher Institute of Medical Technologies of Tunis Research Laboratory of Biophysics and Medical Technologies Tunis, Tunisia

4Outcomes Research Network, Research Institute, NorthShore University Health System, USA

Abstract: Complying with privacy in multi-jurisdictional health domains is important as well as challenging. The compliance management process will not be efficient unless it manages to show evidences of explicit verification of legal requirements. In order to achieve this goal, privacy compliance should be addressed through “a privacy by design” approach. This paper presents an approach to privacy protection verification by means of a novel audit framework. It aims to allow privacy auditors to look at past events of data processing effectuated by healthcare organisation and verify compliance to legal privacy requirements. The adapted approach used semantic modelling and a semantic reasoning layer that could be placed on top of hospital databases. These models allow the integration of fine-grained context information about the sharing of patient data and provide an explicit capturing of applicable privacy obligation. This is particularly helpful for insuring a seamless data access logging and an effective compliance checking during audit trials.

Keywords: Privacy, regulation, verification, audit, compliance, ontology, SWRL, health data, public clouds, GDPR.

Received June 24, 2019; accepted April 15, 2020
Full text     
Read 1111 times
Share
Top
We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details…