Tool-assisted risk analysis for data protection impact assessment

IRIS

Unlike the classical risk analysis that protects the assets of the company in question, the GDPR protects data subject’s rights and freedoms, that is, the right to data protection and the right to have full control and knowledge about data processing concerning them. The GDPR articulates Data Protection Impact Assessment (DPIA) in article 35. DPIA is a risk-based process to enhance and demonstrate compliance with these requirements. We propose a methodology to conduct the DPIA in three steps and provide a supporting tool. In this paper, we particularly elaborate on risk analysis as a step of this methodology. The provided tool assists controllers to facilitate data subject’s rights and freedoms. The assistance that our tool provides differentiates our work from the existing ones.

Tool-assisted risk analysis for data protection impact assessment / Dashti, S.; Ranise, S.. - 576:(2020), pp. 308-324. (Intervento presentato al convegno 14th IFIP International Summer School on Privacy and Identity Management, 2019 tenutosi a che nel 2019) [10.1007/978-3-030-42504-3_20].

Tool-assisted risk analysis for data protection impact assessment

Dashti S.;Ranise S.

2020-01-01

Abstract

Unlike the classical risk analysis that protects the assets of the company in question, the GDPR protects data subject’s rights and freedoms, that is, the right to data protection and the right to have full control and knowledge about data processing concerning them. The GDPR articulates Data Protection Impact Assessment (DPIA) in article 35. DPIA is a risk-based process to enhance and demonstrate compliance with these requirements. We propose a methodology to conduct the DPIA in three steps and provide a supporting tool. In this paper, we particularly elaborate on risk analysis as a step of this methodology. The provided tool assists controllers to facilitate data subject’s rights and freedoms. The assistance that our tool provides differentiates our work from the existing ones.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
			2020
		
	Titolo del volume (Proceedings title)
	
			IFIP Advances in Information and Communication Technology
		
	Luogo di edizione (Place of publication)
	
			Germany
		
	Casa editrice (Publisher)
	
			Springer
		
	ISBN
	
			978-3-030-42503-6
978-3-030-42504-3
		
	Codice Scopus (Scopus Identifier)
	
			2-s2.0-85082392898
		
	Tutti gli autori
	
			Dashti, S.; Ranise, S.
		
	Citazione
	
			Tool-assisted risk analysis for data protection impact assessment / Dashti, S.; Ranise, S.. - 576:(2020), pp. 308-324. (Intervento presentato al  convegno 14th IFIP International Summer School on Privacy and Identity Management, 2019 tenutosi a che nel 2019) [10.1007/978-3-030-42504-3_20].
		
	Appare nelle tipologie:
	
			04.1 Saggio in atti di convegno (Paper in Proceedings)

File in questo prodotto:

Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/332994

Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni

ND

2

ND

social impact