A Legal Perspective on Business: Modeling the Impact of Law

  • Sepideh Ghanavati
  • Alberto Siena
  • Anna Perini
  • Daniel Amyot
  • Liam Peyton
  • Angelo Susi
Part of the Lecture Notes in Business Information Processing book series (LNBIP, volume 26)


Modern goal-oriented requirements engineering frameworks use modeling as a means of better understanding a domain, leading to an overall improvement in the quality of the requirements. Regulations and laws impose additional context and constraints on software goals and can limit the satisfaction of stakeholder needs. Organizations and software developers need modeling tools that can properly address the potential deep impact legal issues can have on the effectiveness of business strategies. In this paper, we perform a preliminary study into the development of a modeling framework able to support the analysis of legal prescriptions alongside business strategies. We demonstrate, via an example drawn from a case study of the Health Insurance Portability and Accountability Act (HIPAA), how models of this law can be built with the GRL modeling language and how they can be evaluated as part of the business goal models.


Business Modeling Goal-oriented Requirement Language HIPAA Law Modeling 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Breaux, T.D., Vail, M.V., Antón, A.I.: Towards Regulatory Compliance: Extracting Rights and Obligations to Align Requirements with Regulations. In: 14th IEEE RE Conference, USA, pp. 49–58. IEEE CS, Los Alamitos (2006)Google Scholar
  2. 2.
    Breuker, J., Valente, A., Winkels, R.: Legal ontologies in knowledge engineering and information management. Artificial Intelligence and Law 12(4), 241–277 (2004)CrossRefGoogle Scholar
  3. 3.
    Dardenne, A., van Lamsweerde, A., Fickas, S.: Goal-directed requirements acquisition. Science of Computer Programming 20(1-2), 3–50 (1993)CrossRefzbMATHGoogle Scholar
  4. 4.
    Darimont, R., Lemoine, M.: Goal-oriented analysis of regulations. In: REMO 2V 2006: Int. Workshop on Regulations Modelling and their Verification & Validation, June, Luxemburg (2006)Google Scholar
  5. 5.
    Delor, E., Darimont, R., Rifaut, A.: Software quality starts with the modelling of goal-oriented requirements. In: 16th International Conference Software & Systems Engineering and their Applications, Paris, France (December 2003)Google Scholar
  6. 6.
    Fuxman, A., Liu, L., Pistore, M., Roveri, M., Mylopoulos, J.: Specifying and Analyzing Early Requirements: Some Experimental Results. In: 11th IEEE International Requirements Engineering Conference, September 1993, pp. 105–114 (1993)Google Scholar
  7. 7.
    Ghanavati, S., Amyot, D., Peyton, L.: Towards a Framework for Tracking Legal Compliance in Healthcare. In: Krogstie, J., Opdahl, A.L., Sindre, G. (eds.) CAiSE 2007 and WES 2007. LNCS, vol. 4495, pp. 218–232. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  8. 8.
    Ghanavati, S., Amyot, D., Peyton, L.: A Requirements Management Framework for Privacy Compliance. In: Proceeding of the 10th Workshop on Requirements Engineering (WER 2007), Toronto, Canada, May, pp. 149–159 (2007)Google Scholar
  9. 9.
    Giorgini, P., Kolp, M., Mylopoulos, J.: Organizational patterns for early requirements analysis. In: Eder, J., Missikoff, M. (eds.) CAiSE 2003. LNCS, vol. 2681, pp. 617–632. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  10. 10.
    Giorgini, P., Mylopoulos, J., Nicchiarelli, E., Sebastiani, R.: Reasoning with goal models. In: Spaccapietra, S., March, S.T., Kambayashi, Y. (eds.) ER 2002. LNCS, vol. 2503, pp. 167–181. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  11. 11.
    Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Requirements engineering meets trust management: Model, methodology, and reasoning. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 176–190. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  12. 12.
    HIPAA, The Overview, (accessed, January 2009)
  13. 13.
    ITU-T: User Requirements Notation (URN) – Language definition. ITU-T Recommendation Z.151 (11/08), Geneva, Switzerland (November 2008)Google Scholar
  14. 14.
    Rolland, C.: Reasoning with goals to engineer requirements. In: 5th International Conference on Enterprise Information Systems, Angers, France (April 2003)Google Scholar
  15. 15.
    Siena, A., Bonetti, A., Giorgini., P.: Balanced Goalcards: Combining Balanced Scorecards and Goal Analysis. In: Proceedings of the Third International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE 2008), Funchal, Portugal (May 2008)Google Scholar
  16. 16.
    Siena, A., Maiden, N.A.M., Lockerbie, J., Karlsen, K., Perini, A., Susi, A.: Exploring the effectiveness of normative i* modelling: Results from a case study on food chain traceability. In: Bellahsène, Z., Léonard, M. (eds.) CAiSE 2008. LNCS, vol. 5074, pp. 182–196. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Sepideh Ghanavati
    • 1
  • Alberto Siena
    • 2
  • Anna Perini
    • 2
  • Daniel Amyot
    • 1
  • Liam Peyton
    • 1
  • Angelo Susi
    • 2
  1. 1.SITEUniversity of OttawaCanada
  2. 2.Fondazione Bruno Kessler - Irst (FBK - Irst)Italy

Personalised recommendations