A Data Scope Management Service to Support Privacy by Design and GDPR Compliance

Piras, Luca; Al-Obeidallah, Mohammed Ghazi; Pavlidis, Michalis; Mouratidis, Haralambos; Tsohou, Aggeliki; Magkos, Emmanouil; Praitano, Andrea

doi:10.26421/jdi2.2-3

Cited by 6 publications

(3 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…DEFeND provides a platform to accredit organizations in different regions. This platform aims to have a plan to achieve GDPR compliance and raise awareness regarding its diverse features [22,23]. All the scenarios are taken into consideration by the ConfIS framework which was not resolved by DEFeND project previously.…”

Section: Defend Projectmentioning

confidence: 99%

“…Neither one's respective significance can be ignored; however, each scenario accordingly demands individual attention. In our case study-Doctor and Patient, we have used the ConfIS framework on the DEFeND platform that aims to achieve conflict resolutions [23]. For maintaining confidentiality of Patient's record to avoid data breaches, a monitoring system must be installed in the hospitals.…”

Section: Motivation Scenariomentioning

confidence: 99%

See 1 more Smart Citation

A Framework for Privacy and Security Requirements Analysis and Conflict Resolution for Supporting GDPR Compliance Through Privacy-by-Design

Alkubaisy

Piras

Al-Obeidallah

et al. 2022

Communications in Computer and Information Science

View full text Add to dashboard Cite

Requirements elicitation, analysis, and, above all, early detection of conflicts and resolution, are among the most important, strategic, complex and crucial activities for preventing software system failures, and reducing costs related to reengineering/fixing actions. This is especially important when critical Requirements Classes are involved, such as Privacy and Security Requirements. Recently, organisations have been heavily fined for lack of compliance with data protection regulations, such as the EU General Data Protection Regulation (GDPR). GDPR requires organisations to enforce privacy-by-design activities from the early stages and for the entire software engineering cycle. Accordingly, requirements engineers need methods and tools for systematically identifying privacy and security requirements, detecting and solving related conflicts. Existing techniques support requirements identification without detecting or mitigating conflicts. The framework and tool we propose in this paper, called ConfIs, fills this gap by supporting engineers and organisations in these complex activities, with its systematic and interactive process. We applied ConfIs to a realistic GDPR example from the DEFeND EU Project, and evaluated its supportiveness, with positive results, by involving privacy and security requirements experts 1 .

show abstract

Section: Defend Projectmentioning

confidence: 99%

Section: Motivation Scenariomentioning

confidence: 99%

A Framework for Privacy and Security Requirements Analysis and Conflict Resolution for Supporting GDPR Compliance Through Privacy-by-Design

Alkubaisy

Piras

Al-Obeidallah

et al. 2022

Communications in Computer and Information Science

View full text Add to dashboard Cite

show abstract

“…The general data protection regulation (GDPR) was introduced as a fundamental regulatory framework aiming to harmonise data privacy and personal data protection in the European Union (EU). Nevertheless, since its approval in 2016, the GDPR has posed organisations with numerous challenges in achieving compliance, ensuring data protection and adapting to the evolving data privacy landscape (Piras et al , 2021; Yeung and Bygrave, 2022). This systematic literature review aims to explore and analyse the challenges business organisations face in implementing the GDPR, examining the research gap, and contributing to the existing body of knowledge by identifying directions for future research.…”

Section: Introductionmentioning

confidence: 99%

Understanding challenges of GDPR implementation in business enterprises: a systematic literature review

Smirnova,

Travieso-Morales

2024

IJLMA

View full text Add to dashboard Cite

Purpose The general data protection regulation (GDPR) was designed to address privacy challenges posed by globalisation and rapid technological advancements; however, its implementation has also introduced new hurdles for companies. This study aims to analyse and synthesise the existing literature that focuses on challenges of GDPR implementation in business enterprises, while also outlining the directions for future research. Design/methodology/approach The methodology of this review follows the preferred reporting items for systematic reviews and meta-analysis guidelines. It uses an extensive search strategy across Scopus and Web of Science databases, rigorously applying inclusion and exclusion criteria, yielding a detailed analysis of 16 selected studies that concentrate on GDPR implementation challenges in business organisations. Findings The findings indicate a predominant use of conceptual study methodologies in prior research, often limited to specific countries and technology-driven sectors. There is also an inclination towards exploring GDPR challenges within small and medium enterprises, while larger enterprises remain comparatively unexplored. Additionally, further investigation is needed to understand the implications of emerging technologies on GDPR compliance. Research limitations/implications This study’s limitations include reliance of the search strategy on two databases, potential exclusion of relevant research, limited existing literature on GDPR implementation challenges in business context and possible influence of diverse methodologies and contexts of previous studies on generalisability of the findings. Originality/value The originality of this review lies in its exclusive focus on analysing GDPR implementation challenges within the business context, coupled with a fresh categorisation of these challenges into technical, legal, organisational, and regulatory dimensions.

show abstract

Cyber-Resilience, Principles, and Practices

Meagher,

Dhirani

2023

Internet of Things

View full text Add to dashboard Cite

A Data Scope Management Service to Support Privacy by Design and GDPR Compliance

Cited by 6 publications

References 18 publications

A Framework for Privacy and Security Requirements Analysis and Conflict Resolution for Supporting GDPR Compliance Through Privacy-by-Design

A Framework for Privacy and Security Requirements Analysis and Conflict Resolution for Supporting GDPR Compliance Through Privacy-by-Design

Understanding challenges of GDPR implementation in business enterprises: a systematic literature review

Cyber-Resilience, Principles, and Practices

Contact Info

Product

Resources

About