A Process for Data Protection Impact Assessment Under the European General Data Protection Regulation

被引：45

作者：

Bieker, Felix ^{[1
]}

Friedewald, Michael ^{[2
]}

Hansen, Marit ^{[1
]}

Obersteller, Hannah ^{[1
]}

Rost, Martin ^{[1
]}

机构：

[1] Independent Ctr Privacy Protect Schleswig Holstei, Kiel, Germany

[2] Fraunhofer Inst Syst & Innovat Res ISI, Karlsruhe, Germany

来源：

PRIVACY TECHNOLOGIES AND POLICY, APF 2016 | 2016年 / 9857卷

关键词：

Data Protection; Data Protection Impact Assessment; General Data Protection Regulation; Privacy; Privacy Impact Assessment;

D O I：

10.1007/978-3-319-44760-5_2

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

With the General Data Protection Regulation there will be a legal obligation for controllers to conduct a Data Protection Impact Assessment for the first time. This paper examines the new provisions in detail and examines ways for their successful implementation. It proposes a process which operationalizes established requirements ensuring the appropriate attention to fundamental rights as warranted by the GDPR, incorporates the legislation's new requirements and can be adapted to suit the controller's needs.

引用

页码：21 / 37

页数：17

共 15 条

[1]

[Anonymous], 2008, 1002 BSI FED OFF INF

[2]

[Anonymous], PRIV IMP ASS METH CA

[3]

[Anonymous], 2016, ISOIEC29134

[4]

Danezis George, 2014, Privacy and data protection by design-From policy to engineering

[5]

Friedewald M, 2016, DATENSCHUTZ FOLGENAB, V2nd

[6]

Hansen M., 2012, IFIP AICT, V375, P14

[7] Protection Goals for Privacy Engineering [J].

Hansen, Marit ;

Jensen, Meiko ;

Rost, Martin .

2015 IEEE SECURITY AND PRIVACY WORKSHOPS (SPW), 2015, :159-166

[8]

Probst T., 2012, DUD DATENSCHUTZ DATE, V36, P439

[9]

Rost M., 2011, PRIVACY DESIGN NEW P

[10]

Rost M., 2009, DATENSCHUTZ DATENSIC, V33, P353

← 1 2 →