{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T12:36:27Z","timestamp":1774528587199,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":25,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,11,13]],"date-time":"2022-11-13T00:00:00Z","timestamp":1668297600000},"content-version":"vor","delay-in-days":366,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1916926"],"award-info":[{"award-number":["1916926"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,11,12]]},"DOI":"10.1145\/3460120.3485342","type":"proceedings-article","created":{"date-parts":[[2021,11,13]],"date-time":"2021-11-13T12:05:27Z","timestamp":1636805127000},"page":"2396-2398","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Towards Automated Computational Auditing of mHealth Security and Privacy Regulations"],"prefix":"10.1145","author":[{"given":"Brian","family":"Tung","sequence":"first","affiliation":[{"name":"Harvard Law School, Cambridge, MA, USA"}]},{"given":"Zhiyuan","family":"Yu","sequence":"additional","affiliation":[{"name":"Washington University in St. Louis, St. Louis, MO, USA"}]},{"given":"Ning","family":"Zhang","sequence":"additional","affiliation":[{"name":"Washington University in St. Louis, St. Louis, MO, USA"}]}],"member":"320","published-online":{"date-parts":[[2021,11,13]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/OJEMB.2020.3015141"},{"key":"e_1_3_2_1_2_1","unstructured":"National Archives. 2019. Code of Federal Regulations Total Pages 1936-1949 And Total Volumes and Pages 1950-2019."},{"key":"e_1_3_2_1_3_1","volume-title":"Properties of the United States code citation network. Available at SSRN 1502927","author":"Bommarito Michael James","year":"2009","unstructured":"Michael James Bommarito and Daniel Martin Katz. 2009. Properties of the United States code citation network. Available at SSRN 1502927 (2009)."},{"key":"e_1_3_2_1_4_1","volume-title":"A Mathematical Approach to the Study of the United States Code. Physica A: Statistical Mechanics and its Applications","author":"Katz Michael J","year":"2010","unstructured":"Michael J Bommarito II and Daniel M Katz. 2010. A Mathematical Approach to the Study of the United States Code. Physica A: Statistical Mechanics and its Applications, Vol. 389, 19 (2010), 4195--4200. Available at: https:\/\/papers.ssrn.com\/sol3\/papers.cfm?abstract_id=1578094."},{"key":"e_1_3_2_1_5_1","volume-title":"United States Code: Table of Contents","author":"Congress U.S.","year":"1934","unstructured":"U.S. Congress. 1934. United States Code: Table of Contents (1934)."},{"key":"e_1_3_2_1_6_1","unstructured":"FDA. 2002. General Principles of Software Validation."},{"key":"e_1_3_2_1_7_1","unstructured":"FDA. 2005 a. Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software."},{"key":"e_1_3_2_1_8_1","unstructured":"FDA. 2005 b. Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices."},{"key":"e_1_3_2_1_9_1","unstructured":"FDA. 2014a. Content of Premarket Submissions for Management of Cybersecurity in Medical Devices."},{"key":"e_1_3_2_1_10_1","unstructured":"FDA. 2014b. Distinguishing Medical Device Recalls from Medical Device Enhancements."},{"key":"e_1_3_2_1_11_1","unstructured":"FDA. 2016a. Medical Device Reporting for Manufacturers."},{"key":"e_1_3_2_1_12_1","unstructured":"FDA. 2016b. Postmarket Management of Cybersecurity in Medical Devices."},{"key":"e_1_3_2_1_13_1","unstructured":"FDA. 2017. Design Considerations and Pre-market Submission Recommendations for Interoperable Medical Devices."},{"key":"e_1_3_2_1_14_1","unstructured":"FDA. 2018. Content of Premarket Submissions for Management of Cybersecurity in Medical Devices."},{"key":"e_1_3_2_1_15_1","unstructured":"FDA. 2019 a. General Wellness: Policy for Low Risk Devices."},{"key":"e_1_3_2_1_16_1","unstructured":"FDA. 2019 b. Off-The-Shelf Software Use in Medical Devices."},{"key":"e_1_3_2_1_17_1","unstructured":"FDA. 2019 c. Policy for Device Software Functions and Mobile Medical Applications."},{"key":"e_1_3_2_1_18_1","unstructured":"FDA. 2021. Search for FDA Guidance Documents. https:\/\/www.fda.gov\/regulatory-information\/search-fda-guidance-documents"},{"key":"e_1_3_2_1_19_1","volume-title":"AMIA Annual Symposium Proceedings","volume":"2014","author":"He Dongjing","year":"2014","unstructured":"Dongjing He, Muhammad Naveed, Carl A Gunter, and Klara Nahrstedt. 2014. Security concerns in Android mHealth apps. In AMIA Annual Symposium Proceedings, Vol. 2014. American Medical Informatics Association, 645."},{"key":"e_1_3_2_1_20_1","unstructured":"Kathryn Howley. 2018. Role of mHealth in PHC. https:\/\/dukepersonalizedhealth.org\/2018\/10\/role-of-mhealth-in-phc\/."},{"key":"e_1_3_2_1_21_1","unstructured":"U.S. House of Representatives. 2020. United States Code: Public Law 116--259 (12\/23\/2020)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2015.385"},{"key":"e_1_3_2_1_23_1","volume-title":"Growth in the number of medical apps downloaded during the COVID-19 pandemic by country","author":"Stewart Connor","year":"2020","unstructured":"Connor Stewart. 2020. Growth in the number of medical apps downloaded during the COVID-19 pandemic by country in 2020. https:\/\/www.statista.com\/statistics\/1181413\/medical-app-downloads-growth-during-covid-pandemic-by-country\/."},{"key":"e_1_3_2_1_24_1","volume-title":"The Challenges of Applying Computational Legal Analysis to mHealth Security and Privacy Regulations. Master's thesis","author":"Tung Brian","unstructured":"Brian Tung. 2021. The Challenges of Applying Computational Legal Analysis to mHealth Security and Privacy Regulations. Master's thesis. Washington University in St. Louis."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2019-0037"}],"event":{"name":"CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security","location":"Virtual Event Republic of Korea","acronym":"CCS '21","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3485342","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3460120.3485342","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3460120.3485342","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T20:46:09Z","timestamp":1763498769000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3485342"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,11,12]]},"references-count":25,"alternative-id":["10.1145\/3460120.3485342","10.1145\/3460120"],"URL":"https:\/\/doi.org\/10.1145\/3460120.3485342","relation":{},"subject":[],"published":{"date-parts":[[2021,11,12]]},"assertion":[{"value":"2021-11-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}