Access Management in Compliance: Navigating GDPR, HIPAA, and Beyond

Access Management in Compliance: Navigating GDPR, HIPAA, and Beyond

Volume: 11 | Issue: 1 | Year 2025 | Subscription

International Journal of Software Computing and Testing

Received Date: 01/06/2025

Acceptance Date: 01/21/2025

Published On: 2025-04-15

First Page: 20

Last Page: 28

Journal Menu

By: Vamsy Priya Anne and Venkata Santosh Chadalavada

Abstract

Access management is a critical component in firms wishing to abide by strict data protection standards, like the GDPR and HIPAA, but this paper access management regulation requirement in a more contextualized manner regarding GDPR and HIPAA, ending with the recommendation of an overall framework to enforce compliance. It provides best practices regarding data access, user authentication, and monitoring strategies that correspond to changing demands for such regulations. The paper integrates diverse access control models, such as the Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) to suggest a unified approach to the management of data access across multiple jurisdictions. The paper also presents an empirical case study and data for critical evaluation of the practical feasibility of the proposed framework. Several findings presented a seriousness that the organizations face to meet with the requirements of complying with several regulations, which, therefore, call for adaptable access control systems. The paper proceeds with practicable recommendations to organizations on how to both streamline access management and protect sensitive information.

Keywords:Access management, compliance, GDPR, HIPAA, data protection, regulatory compliance, information security

Citation:

How to cite this article: Vamsy Priya Anne and Venkata Santosh Chadalavada, Access Management in Compliance: Navigating GDPR, HIPAA, and Beyond. International Journal of Software Computing and Testing. 2025; 11(1): 20-28p.

How to cite this URL: Vamsy Priya Anne and Venkata Santosh Chadalavada, Access Management in Compliance: Navigating GDPR, HIPAA, and Beyond. International Journal of Software Computing and Testing. 2025; 11(1): 20-28p. Available from:https://journalspub.com/publication/ijsct/article=18188

Refrences:

Office. The Security Rule. HHS.gov. 2009. Available from: https://www.hhs.gov/hipaa/for-professionals/security/index.html
Said A, Yahyaoui A, Abdellatif T. HIPAA and GDPR compliance in IoT healthcare systems. In: International Conference on Model and Data Engineering; 2023 Nov 2. Cham: Springer Nature Switzerland; 2023. p. 198–209.
Regulation GD. General data protection regulation (GDPR) – official legal text. Gen Data Prot Regul. 2016.
Marquis YA. From theory to practice: implementing effective role-based access control strategies to mitigate insider risks in diverse organizational contexts. J Eng Res Rep. 2024 Apr 10;26(5):138–54.
Motta GH, Furuie SS. A contextual role-based access control authorization model for electronic patient record. IEEE Trans Inform Technol Biomed. 2003 Sep 8;7(3):202–7.
Aftab MU, Hamza A, Oluwasanmi A, Nie X, Sarfraz MS, Shehzad D, Qin Z, Rafiq A. Traditional and hybrid access control models: a detailed survey. Secur Commun Networks. 2022;2022:1560885.
Ferraiolo D, Kuhn DR. Role-Based Access Controls. ResearchGate. 2009. Available from: https://www.researchgate.net/publication/24164143_Role-Based_Access_Controls
Khan JA. Role-based access control (RBAC) and attribute-based access control (ABAC). In: Improving Security, Privacy, and Trust in Cloud Computing; 2024. p. 113–126. IGI Global.
Daoudagh S. The GDPR compliance through access control systems [dissertation]. University of Pisa, Italy; July 2021. p. 1–206.
Liu V, Caelli W, May L. Strengthening legal compliance for privacy in electronic health information systems: a review and analysis. In: Proceedings of the National E-Health Privacy and Security Symposium; 2006. p. 51–66. QUT.
Piras L, Al-Obeidallah MG, Pavlidis M, Mouratidis H, Tsohou A, Magkos E, et al. A data scope management service to support privacy by design and GDPR compliance. J Data Intell. 2021 Jun 30;2(2):136–65.
Brauneck A, Schmalhorst L, Kazemi Majdabadi MM, Bakhtiari M, Völker U, Baumbach J, et al. Federated machine learning, privacy-enhancing technologies, and data protection laws in medical research: scoping review. J Med Internet Res. 2023 Mar 30;25:e41588.
Boughrous M, El Bakkali H. A comparative study on access control models and security requirements in workflow systems. In: International Conference on Innovations in Bio-Inspired Computing and Applications; 2017 Dec 11. Cham: Springer International Publishing; 2017. p. 361–373.
Daoudagh S, Marchetti E. The GDPR compliance and access control systems: challenges and research opportunities. In: ICISSP 2022; 2022. p. 571–578.
Sharma A, Rana NP, Nunkoo R. Fifty years of information management research: a conceptual structure analysis using structural topic modeling. Int J Inform Manag. 2021 Jan 22;58:102316. Available from: https://www.sciencedirect.com/science/article/abs/pii/S0268401221000098?via %3Dihub
RBAC vs. ABAC: the complete guide – Satori. Satori. 2023. Available from: https://satoricyber.com/data-protect-guide/rbac-vs-abac-the-complete-guide/

Not A Member?

Initiatives

Guidelines For

Track your Manuscript

Help

Contact Us

Corporate Office

JournalsPub
An Imprint of Dhruv Infosystems Pvt Ltd
A-118, 1st Floor, Sector-63, Noida, U.P. India,
Pin-201301
(Tel) (+91) 0120- 4781 200
(Mob) (+91) 9810078958, +919667725932
E-mail: [email protected]

Disclaimer

Password Reset

The instructions to reset your password are sent to the email address you provided. If you did not receive the email, please check your spam folder as well

WEBSITE DISCLAIMER

Last updated: 2025-07-04

The information provided by Journalspub (“Company”, “we”, “our”, “us”) on https://journalspub.com/ (the “Site”) is for general informational purposes only. All information on the Site is provided in good faith, however, we make no representation or warranty of any kind, express or implied, regarding the accuracy, adequacy, validity, reliability, availability, or completeness of any information on the Site.

UNDER NO CIRCUMSTANCE SHALL WE HAVE ANY LIABILITY TO YOU FOR ANY LOSS OR DAMAGE OF ANY KIND INCURRED AS A RESULT OF THE USE OF THE SITE OR RELIANCE ON ANY INFORMATION PROVIDED ON THE SITE. YOUR USE OF THE SITE AND YOUR RELIANCE ON ANY INFORMATION ON THE SITE IS SOLELY AT YOUR OWN RISK.

EXTERNAL LINKS DISCLAIMER

The Site may contain (or you may be sent through the Site) links to other websites or content belonging to or originating from third parties or links to websites and features. Such external links are not investigated, monitored, or checked for accuracy, adequacy, validity, reliability, availability, or completeness by us.

WE DO NOT WARRANT, ENDORSE, GUARANTEE, OR ASSUME RESPONSIBILITY FOR THE ACCURACY OR RELIABILITY OF ANY INFORMATION OFFERED BY THIRD-PARTY WEBSITES LINKED THROUGH THE SITE OR ANY WEBSITE OR FEATURE LINKED IN ANY BANNER OR OTHER ADVERTISING. WE WILL NOT BE A PARTY TO OR IN ANY WAY BE RESPONSIBLE FOR MONITORING ANY TRANSACTION BETWEEN YOU AND THIRD-PARTY PROVIDERS OF PRODUCTS OR SERVICES.

PROFESSIONAL DISCLAIMER

The Site can not and does not contain medical advice. The information is provided for general informational and educational purposes only and is not a substitute for professional medical advice. Accordingly, before taking any actions based on such information, we encourage you to consult with the appropriate professionals. We do not provide any kind of medical advice.

Content published on https://journalspub.com/ is intended to be used and must be used for informational purposes only. It is very important to do your analysis before making any decision based on your circumstances. You should take independent medical advice from a professional or independently research and verify any information that you find on our Website and wish to rely upon.

THE USE OR RELIANCE OF ANY INFORMATION CONTAINED ON THIS SITE IS SOLELY AT YOUR OWN RISK.

AFFILIATES DISCLAIMER

The Site may contain links to affiliate websites, and we may receive an affiliate commission for any purchases or actions made by you on the affiliate websites using such links.

TESTIMONIALS DISCLAIMER

The Site may contain testimonials by users of our products and/or services. These testimonials reflect the real-life experiences and opinions of such users. However, the experiences are personal to those particular users, and may not necessarily be representative of all users of our products and/or services. We do not claim, and you should not assume that all users will have the same experiences.

YOUR RESULTS MAY VARY.

The testimonials on the Site are submitted in various forms such as text, audio, and/or video, and are reviewed by us before being posted. They appear on the Site verbatim as given by the users, except for the correction of grammar or typing errors. Some testimonials may have been shortened for the sake of brevity, where the full testimonial contained extraneous information not relevant to the general public.

The views and opinions contained in the testimonials belong solely to the individual user and do not reflect our views and opinions.

ERRORS AND OMISSIONS DISCLAIMER

While we have made every attempt to ensure that the information contained in this site has been obtained from reliable sources, Journalspub is not responsible for any errors or omissions or the results obtained from the use of this information. All information on this site is provided “as is”, with no guarantee of completeness, accuracy, timeliness, or of the results obtained from the use of this information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability, and fitness for a particular purpose.

In no event will Journalpub, its related partnerships or corporations, or the partners, agents, or employees thereof be liable to you or anyone else for any decision made or action taken in reliance on the information in this Site or for any consequential, special or similar damages, even if advised of the possibility of such damages.

GUEST CONTRIBUTORS DISCLAIMER

This Site may include content from guest contributors and any views or opinions expressed in such posts are personal and do not represent those of Journalspub or any of its staff or affiliates unless explicitly stated.

LOGOS AND TRADEMARKS DISCLAIMER

All logos and trademarks of third parties referenced on journalspub.com are the trademarks and logos of their respective owners. Any inclusion of such trademarks or logos does not imply or constitute any approval, endorsement, or sponsorship of STM Journals by such owners.

Use of AI Tools in Blog Content

Some of the blog posts published on this website are created with the assistance of Artificial Intelligence (AI) tools. While efforts are made to review and edit the content for accuracy and appropriateness, there may still be instances where unintended, unnecessary, or unverified information or claims appear.Readers are advised to use their discretion while interpreting the content. The primary purpose of using AI-generated content is to provide our audience with the most recent, diverse, and wide-ranging information on various topics. The content is intended to inform and engage, not to mislead.All external links included in the blogs are intended to guide users to real and authentic workshops, programs, or resources. The information presented through those links is curated and verified to the best of our knowledge.This disclaimer is meant to inform visitors about the use of AI in content creation, acknowledge potential limitations in content accuracy, and encourage informed and responsible reading.

CONTACT US

Should you have any feedback, comments, requests for technical support, or other inquiries, please contact us by email: [email protected].