A Process for Data Protection Impact Assessment Under the European General Data Protection Regulation
نویسندگان
چکیده
With the General Data Protection Regulation there will be a legal obligation for controllers to conduct a Data Protection Impact Assessment for the first time. This paper examines the new provisions in detail and examines ways for their successful implementation. It proposes a process which operationalizes established requirements ensuring the appropriate attention to fundamental rights as warranted by the GDPR, incorporates the legislation’s new requirements and can be adapted to suit the controller’s needs.
منابع مشابه
A Data Protection Impact Assessment Methodology for Cloud
We propose a data protection impact assessment (DPIA) method based on successive questionnaires for an initial screening and for a full screening for a given project. These were tailored to satisfy the needs of Small and Medium Enterprises (SMEs) that intend to process personal data in the cloud. The approach is based on legal and socio-economic analysis of privacy issues for cloud deployments ...
متن کاملInternet of Things and the Legal Issues related to the Data Protection Law according to the new European General Data Protection Regulation
The Internet of Things (IoT) phenomenon needs to consider the legal issues related to the dataprotection law. The IoT is not exempted from privacy and security risks because of the use of technologies that often cannot guarantee an acceptable security level. In the IoT, the main risk for privacy is the profiling that allows identifying natural persons through their personal information. However...
متن کاملSmart Cars Cruising on the Road Paved with Good Intentions? - Workshop on Big Data Applications and Individual Rights Under the New European General Data Protection Regulation
In this workshop we will address the protection of individuals with regard to threats posed by big data applications. Using Smart Cars as an example, the workshop will focus on the individuals’ rights under the new EU General Data Protection Regulation. After an introduction to these topics, participants are invited to discuss these issues in groups and general conclusions on the effectiveness ...
متن کاملThe impact of the EU general data protection regulation on scientific research
The use of personal data is critical to ensure quality and reliability in scientific research. The new Regulation [European Union (EU)] 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data [general data protection regulation (GDPR)], repealing Directive 95/46/EC, strengthens and harmonises the rules f...
متن کاملMaaS and GDPR: an overview
In MaaS, means of transport are virtualized in mobility resources and provided to users using the Internet. From a legal perspective, this model of ITS raises several concerns with regard to data protection. This contribution, after a short description of MaaS and an introduction to the issues of data protection in ITS, explores the impact of GDPR (General Data Protection Regulation) in the Eur...
متن کامل