Abstract | ||
---|---|---|
Building software-intensive systems that respect the fundamental rights to privacy and data protection requires explicitly addressing data protection issues at the early development stages. Data Protection by Design (DPbD) - as coined by Article 25(1) of the General Data Protection Regulation (GDPR) - therefore calls for an iterative approach based on (i) the notion of risk to data subjects, (ii) a close collaboration between the involved stakeholders, and (iii) accountable decision-making. In practice, however, the legal reasoning behind DPbD is often conducted on the basis of informal system descriptions that lack systematicity and reproducibility. This affects the quality of Data Protection Impact Assessments (DPIA) - i.e. the concrete manifestation of DPbD at the organizational level. This is a major stumbling block when it comes to conducting a comprehensive and durable assessment of the risks that takes both the legal and technical complexities into account. In this article, we present DPMF, a data protection modeling framework that allows for a comprehensive and accurate description of the data processing operations in terms of the key concepts used in the GDPR. The proposed modeling approach accommodates a number of legal reasonings and assessments that are commonly addressed in a DPIA exercise (e.g., the compatibility of purposes). The DPMF is supported in a prototype modeling tool and its practical applicability is validated in the context of a realistic eHealth system for a number of complementary development scenarios. |
Year | DOI | Venue |
---|---|---|
2020 | 10.18417/emisa.15.10 | ENTERPRISE MODELLING AND INFORMATION SYSTEMS ARCHITECTURES-AN INTERNATIONAL JOURNAL |

Keywords | DocType | Volume |
---|---|---|
GDPR, data protection by design, privacy by design, data protection impact assessment, privacy impact assessment, accountability, compliance, architecture viewpoint | Journal | 15 |

ISSN | Citations | PageRank |
---|---|---|
1866-3621 | 0 | 0.34 |

References | Authors |
---|---|
0 | 6 |

Name | Order | Citations | PageRank |
---|---|---|---|
Laurens Sion | 1 | 8 | 9.06 |
Pierre Dewitte | 2 | 0 | 2.37 |
Dimitri Van Landuyt | 3 | 156 | 31.73 |
Kim Wuyts | 4 | 0 | 0.34 |
Peggy Valcke | 5 | 0 | 0.34 |
Wouter Joosen | 6 | 1 | 1.42 |