Policy Integrated Blockchain to Automate HIPAA Part 2 Compliance
| dc.contributor.author | Clavin, James | |
| dc.contributor.author | Joshi, Karuna | |
| dc.date.accessioned | 2023-06-27T20:45:54Z | |
| dc.date.available | 2023-06-27T20:45:54Z | |
| dc.date.issued | 2023-07-05 | |
| dc.description | IEEE International Conference on Digital Health (ICDH) 2023 in IEEE World Congress on Services 2023 | en_US |
| dc.description.abstract | Healthcare organizations exchange sensitive health records, including behavioral health data, across peer-to-peer networks, and it is challenging to find and fix compliance issues proactively. The Healthcare industry anticipates a growing need to audit substance use disorder patient data, commonly referred to as Part 2 data, having been shared without a release of information signed by the patient. To address this need, we developed and evaluated a novel methodology to detect Part 2 data exchanged between organizations that integrates Blockchain technologies with knowledge graphs. We detect substance use disorder data in patient encounters exchanged using clinical terminology based upon the value sets provided by the National Institutes of Health for the Substance Abuse and Mental Health Services Administration. Generally, we consider sharing Part 2 data without consent as Byzantine medical faults, as they represent data shared between known and trusted network participants, that is valid, but is not relevant, and sharing it causes a breach. In this paper, we present our methodology in detail along with the experiment results. We model a medical network of hospitals based upon the most recent healthcare legislation, TEFCA, and generate synthetic patient encounter data dynamically in HL7 format. We convert exchanged encounter data into a knowledge graph data model so that we can use SNOMED-CT for identifying Part 2 data. For cohorts of 1,000 patients, we detect Part 2 data in a subset of their encounter data shared between organizations and log that securely on an Ethereum-based blockchain. | en_US |
| dc.description.sponsorship | This research was partially supported by a DoD supplement to the NSF award 1747724, Phase I IUCRC UMBC: Center for Accelerated Real time Analytics (CARTA), and Office of Naval Research grant # N00014- 18-1-2452 and N00014-18-1-2453. | en_US |
| dc.description.uri | https://ebiquity.umbc.edu/paper/html/id/1060/Policy-Integrated-Blockchain-to-Automate-HIPAA-Part-2-Compliance | en_US |
| dc.format.extent | 8 pages | en_US |
| dc.genre | conference papers and proceedings | en_US |
| dc.genre | preprints | en_US |
| dc.identifier | doi:10.13016/m2zpqp-boao | |
| dc.identifier.uri | http://hdl.handle.net/11603/28271 | |
| dc.language.iso | en_US | en_US |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Information Systems Department Collection | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.relation.ispartof | UMBC Center for Accelerated Real Time Analysis | |
| dc.relation.ispartof | A. All Hilltop Institute (UMBC) Works | |
| dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | en_US |
| dc.subject | UMBC Ebiquity Research Group | en_US |
| dc.title | Policy Integrated Blockchain to Automate HIPAA Part 2 Compliance | en_US |
| dc.type | Text | en_US |
| dcterms.creator | https://orcid.org/0000-0002-6354-1686 | en_US |