Policy Integrated Blockchain to Automate HIPAA Part 2 Compliance
| dc.contributor.author | Clavin, James | |
| dc.contributor.author | Joshi, Karuna | |
| dc.date.accessioned | 2023-06-27T20:45:54Z | |
| dc.date.available | 2023-06-27T20:45:54Z | |
| dc.date.issued | 2023-08-28 | |
| dc.description | IEEE International Conference on Digital Health (ICDH) 2023 in IEEE World Congress on Services 2023, 02-08 July 2023, Chicago, IL, USA | en |
| dc.description.abstract | Healthcare organizations exchange sensitive health records, including behavioral health data, across peer-to-peer networks, and it is challenging to find and fix compliance issues proactively. The Healthcare industry anticipates a growing need to audit substance use disorder patient data, commonly referred to as Part 2 data, having been shared without a release of information signed by the patient. To address this need, we developed and evaluated a novel methodology to detect Part 2 data exchanged between organizations that integrates Blockchain technologies with knowledge graphs. We detect substance use disorder data in patient encounters exchanged using clinical terminology based upon the value sets provided by the National Institutes of Health for the Substance Abuse and Mental Health Services Administration. Generally, we consider sharing Part 2 data without consent as Byzantine medical faults, as they represent data shared between known and trusted network participants, that is valid, but is not relevant, and sharing it causes a breach. In this paper, we present our methodology in detail along with the experiment results. We model a medical network of hospitals based upon the most recent healthcare legislation, TEFCA, and generate synthetic patient encounter data dynamically in HL7 format. We convert exchanged encounter data into a knowledge graph data model so that we can use SNOMED-CT for identifying Part 2 data. For cohorts of 1,000 patients, we detect Part 2 data in a subset of their encounter data shared between organizations and log that securely on an Ethereum-based blockchain. | en |
| dc.description.sponsorship | This research was partially supported by a DoD supplement to the NSF award 1747724, Phase I IU-CRC UMBC: Center for Accelerated Real time Analytics (CARTA), and Office of Naval Research grant # N00014-18-1-2452 and N00014-18-1-2453. | en |
| dc.description.uri | https://ieeexplore.ieee.org/document/10224728 | en |
| dc.format.extent | 8 pages | en |
| dc.genre | conference papers and proceedings | en |
| dc.genre | preprints | en |
| dc.identifier | doi:10.13016/m2zpqp-boao | |
| dc.identifier.citation | Clavin, James, and Karuna P. Joshi. “Policy Integrated Blockchain to Automate HIPAA Part 2 Compliance.” In 2023 IEEE International Conference on Digital Health (ICDH), 307–14, 2023. https://doi.org/10.1109/ICDH60066.2023.00052. | |
| dc.identifier.uri | https://doi.org/10.1109/ICDH60066.2023.00052 | |
| dc.language.iso | en | en |
| dc.publisher | IEEE | |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Information Systems Department Collection | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.relation.ispartof | UMBC Center for Accelerated Real Time Analysis | |
| dc.relation.ispartof | A. All Hilltop Institute (UMBC) Works | |
| dc.rights | © 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. | en |
| dc.subject | UMBC Ebiquity Research Group | en |
| dc.title | Policy Integrated Blockchain to Automate HIPAA Part 2 Compliance | en |
| dc.type | Text | en |
| dcterms.creator | https://orcid.org/0000-0002-6354-1686 | en |