Toward GDPR-compliant socio-technical systems: Modeling language and reasoning framework / Robol, Marco; Salnitri, Mattia; Giorgini, Paolo. - Print. - 305:(2017), pp. 236-250. (Paper presented at the 10th IFIP WG 8.1 Working Conference on the Practice of Enterprise Modelling, PoEM 2017, held in Leuven, Belgium, on 22nd-24th November 2017) [10.1007/978-3-319-70241-4_16].

Toward GDPR-compliant socio-technical systems: Modeling language and reasoning framework

Robol, Marco; Salnitri, Mattia; Giorgini, Paolo
2017-01-01

Abstract

Privacy is a key aspect for the European Union (EU), where it is regulated by a specific law, the General Data Protection Regulation (GDPR). Compliance with the GDPR is a problem for organizations: it imposes strict constraints whenever they deal with personal data and, in case of infringement, it specifies severe consequences such as legal and monetary penalties. Such organizations are frequently complex systems, where personal data is processed by humans and technical services. Therefore, it becomes fundamental to consider privacy from the social perspective when designing such systems, i.e., when relations between different components are specified. This is, indeed, also specified in the GDPR, which encourages the application of privacy-by-design principles. This paper proposes a method to support the design of GDPR-compliant systems, based on a socio-technical approach composed of a modeling language and a reasoning framework.
2017
The Practice of Enterprise Modeling: 10th IFIP WG 8.1. Working Conference, PoEM 2017 Proceedings
Cham, CH
Springer Verlag
9783319702407
Files in this item:
978-3-319-70241-4_16.pdf

Archive managers only

Type: Publisher's version (Publisher’s layout)
License: All rights reserved
Size: 2.44 MB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11572/195585

Warning: the data displayed have not been validated by the university.
