DEFeND DSM: a data scope management service for model-based privacy by design GDPR compliance
Conference paper
Piras, L., Al-Obeidallah, M., Pavlidis, M., Mouratidis, H., Tsohou, A., Magkos, E., Praitano, A., Iodice, A. and Gallego-Nicasio Crespo, B. 2020. DEFeND DSM: a data scope management service for model-based privacy by design GDPR compliance. 17th International Conference on Trust and Privacy in Digital Business. Bratislava, Slovakia 14 - 17 Sep 2020 Springer. https://doi.org/10.1007/978-3-030-58986-8_13
Type | Conference paper |
---|---|
Title | DEFeND DSM: a data scope management service for model-based privacy by design GDPR compliance |
Authors | Piras, L., Al-Obeidallah, M., Pavlidis, M., Mouratidis, H., Tsohou, A., Magkos, E., Praitano, A., Iodice, A. and Gallego-Nicasio Crespo, B. |
Abstract | The introduction of the European General Data Protection Regulation (GDPR) has brought significant benefits to citizens, but it has also created challenges for organisations, which are facing with difficulties interpreting it and properly applying it. An important challenge is compliance with the Privacy by Design and by default (PbD) principles, which require that data protection is integrated into processing activities and business practices from the design stage. Recently, the European Data Protection Board (EDPB) released an official document with PbD guidelines, and there are various efforts to provide approaches to support these. However, organizations are still facing difficulties in identifying a flow for executing, in a coherent, linear and effective way, these activities, and a complete toolkit for supporting this. In this paper, we: (i) identify the most important PbD activities and strategies, (ii) design a coherent, linear and effective flow for them, and (iii) describe our comprehensive supporting toolkit, as part of the DEFeND EU Project platform. Specifically, within DEFeND, we identified candidate tools, fulfilling specific GDPR aspects, and integrated them in a comprehensive toolkit: the DEFeND Data Scope Management service (DSM). The aim of DSM is to support organizations for continuous GDPR compliance through Model-Based Privacy by Design analysis. Here, we present important PbD activities and strategies individuated, then describe DSM, its design, flow, and a preliminary case study and evaluation performed with pilots from the healthcare, banking, public administration and energy sectors. |
Keywords | Privacy by Design; Privacy engineering; Security engineering; Data protection; GDPR; Data Scope Management; Privacy |
Conference | 17th International Conference on Trust and Privacy in Digital Business |
Proceedings Title | Trust, Privacy and Security in Digital Business: 17th International Conference, TrustBus 2020, Bratislava, Slovakia, September 14–17, 2020, Proceedings |
Series | Lecture Notes in Computer Science |
ISSN | 0302-9743 |
Electronic | 1611-3349 |
ISBN | |
Paperback | 9783030589851 |
Electronic | 9783030589868 |
Publisher | Springer |
Publication dates | |
14 Sep 2020 | |
Publication process dates | |
Deposited | 10 May 2024 |
Output status | Published |
Digital Object Identifier (DOI) | https://doi.org/10.1007/978-3-030-58986-8_13 |
Web of Science identifier | WOS:000728363800013 |
Language | English |
https://repository.mdx.ac.uk/item/8v3y8
32
total views0
total downloads1
views this month0
downloads this month