Lead Institution: Stanford

Project Leader: John C. Mitchell

Research Progress

  • Abstract

    The complexity of regulations in healthcare and other industries makes it difficult for enterprises to design and deploy effective compliance systems. We aim to support compliance efforts by using formalized portions of applicable laws to help regulate business processes that use information systems.

  • Focus of the research/Market need for this project

    Compliance with HIPAA, HITECH and related state laws is mandatory for healthcare organizations and their business associates. There are many vendors that strive to help healthcare organizations with HIPAA compliance, suggesting that there is a market demand for technology to automate policy compliance checking. Health Information Exchanges (HIE) are among the parties that need to comply with potentially different policies across state boundaries.

  • Project Aims/Goals

    The aim of this project is to produce a logical representation of federal and state laws that can be used to support applications such as: (1) automated compliance checking for complex multi-layer policies, (2) compliance-aware medical messaging systems, (3) HIPAA training/education, and (4) identification of interesting edge cases and conflicts in applicable privacy law.

  • Key Conclusions/Significant Findings/Milestones reached/Deliverables
    Our efforts with this project have led to the following observations:

    • A subset of healthcare privacy laws can be modeled using first-order logic languages such as Datalog.
    • Some laws are contextual in nature, and they may depend on context, roles, norms, purposes and beliefs. These are modeled as parameters to the policy checker.
    • When more than one state/federal law may apply, the more specific law takes precedence.
    • When the model is queried for which parties may have access, it may identify surprising cases where some parties may have unintended access to information.
  • Materials Available for Other Investigators/interested parties

    A demo and source code for our policy formalization is available at: This demo utilizes the underlying logic engine to determine if a communication is compliant with the law. For debugging or educational purposes, this application also outputs the chain of reasoning and law involved in its decision making process.

  • Market entry strategies

    Current healthcare compliance vendors and consulting companies provide training classes and videos, or provide access to management solutions that may not demonstrate conformance to the specifics of the law. We think that this work will benefit health IT by providing a mechanism to encode portions of the law into an executable computer program. Health information exchanges may also use portions of our policy checker to determine if a message is compliant with privacy laws.

A Formalization of HIPAA for a Medical Messaging System
Peifung E. Lam, John C. Mitchell, and Sharada Sundaram
6th International Conference on Trust, Privacy & Security in Digital Business (TrustBus), 2009

Privacy and Utility in Business Processes
Adam Barth, Anupam Datta, John C. Mitchell, and Sharada Sundaram
Proc. of the 20th IEEE Computer Security Foundations Symposium (CSF), 2007

Privacy and Contextual Integrity: Framework and Applications
Adam Barth, Anupam Datta, John C. Mitchell, and Helen Nissenbaum
IEEE Symposium on Security and Privacy, 2006