Agile Requirements in Digital Health: Integrating the GDPL into Software Development
Requirements engineering, Specification, Non-functional requirements, NFR, GDPL, Digital Health
This research addresses the problem of insufficient or inefficient requirements specification to meet informational needs in software development in compliance with the regulations and laws applicable to Digital Health systems. In particular, it highlights the importance of ensuring that legal requirements, such as those stipulated by the General Data Protection Law (GDPL), are integrated and implemented in the development process. The overall objective of this work is to develop a requirements specification artifact that complies with the GDPL in the context of agile development of digital health solutions. This artifact aims to establish a Requirements Engineering strategy that ensures legal compliance, facilitating its practical application in software development. In addition, the artifact should have an educational character, being useful for students and teachers, allowing a practical integration of the concepts of privacy and data protection in both the development and teaching processes. The methodology of this research was divided into three parts: (1) the phase of preparing the extension proposal; (2) the phase of preparing the evaluation of the extension proposal; and (3) the phase of applying the evaluation of the proposal. In evaluating the proposal, an evaluation tool was developed for two profiles of participants (information technology professionals and teachers). We obtained a total of 24 responses to the forms. The results show that the adoption of the proposal to extend the requirements can be favorable, as it has the potential to help identify and effectively communicate the requirements appropriate to the GDPL to agile development teams, facilitating compliance with legal requirements and data protection. In addition, an important educational potential was identified in the proposal, as the participating teachers assessed that it can be used as a suitable tool for teaching about requirements and the GDPL in the classroom.