Aaron Massey - Georgia Tech
Mar 27, 2013
Download: MP4 Video
Watch in your Browser
Watch on YouTube
"Regulatory Compliance Software Engineering"
Laws and regulations safeguard citizens’ security and privacy. For example, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) governs the security and privacy of electronic health records (EHR) systems. HIPAA violations can result in millions of dollars in penalties for non-compliance. Ensuring EHR systems are legally compliant is challenging for software engineers because the laws and regulations governing EHR systems are written by policymakers with little to no understanding of software engineering. This presentation introduces the field of Regulatory Compliance Software Engineering and discusses a particular research concern within that field: How can we help software engineers seeking to assess whether security and privacy requirements for EHR systems are legally compliant?
About the Speaker
Aaron Massey is a Postdoctoral Fellow at Georgia Tech's School of Interactive Computing and the Associate Directory of ThePrivacyPlace.org. His research interests include computer security, privacy, and regulatory compliance software engineering. Aaron earned the MS and PhD degrees in Computer Science from North Carolina State University and a BS in Computer Engineering from Purdue University. He is a recipient of a Google Policy Fellowship and the Walter H. Wilkinson Research Ethics Fellowship. He is a member of the ACM, IEEE, IAPP, and the USACM Public Policy Council.
Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M.
STEW G52 (Suite 050B), West Lafayette Campus. More information...