The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Aaron Massey - Georgia Tech

Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.

Regulatory Compliance Software Engineering

Mar 27, 2013

Download: Video Icon MP4 Video Size: 125.5MB  
Watch on Youtube Watch on YouTube


Laws and regulations safeguard citizens' security and privacy. For example, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) governs the security and privacy of electronic health records (EHR) systems. HIPAA violations can result in millions of dollars in penalties for non-compliance. Ensuring EHR systems are legally compliant is challenging for software engineers because the laws and regulations governing EHR systems are written by policymakers with little to no understanding of software engineering. This presentation introduces the field of Regulatory Compliance Software Engineering and discusses a particular research concern within that field: How can we help software engineers seeking to assess whether security and privacy requirements for EHR systems are legally compliant?

About the Speaker

Aaron Massey is a Postdoctoral Fellow at Georgia Tech's School of Interactive Computing and the Associate Directory of His research interests include computer security, privacy, and regulatory compliance software engineering. Aaron earned the MS and PhD degrees in Computer Science from North Carolina State University and a BS in Computer Engineering from Purdue University. He is a recipient of a Google Policy Fellowship and the Walter H. Wilkinson Research Ethics Fellowship. He is a member of the ACM, IEEE, IAPP, and the USACM Public Policy Council.

Ways to Watch


Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!