nach oben

Erschienen in:

2019 | OriginalPaper | Buchkapitel

An Organizational Scheme for Privacy Impact Assessments

verfasst von : Konstantina Vemou, Maria Karyda

Erschienen in: Information Systems

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The importance of Privacy Ιmpact Αssessment (PIA) has been emphasized by privacy researchers and its conduction is provisioned in legal frameworks, such as the European Union’s General Data Protection Regulation. However, it is still a complicated and bewildering task for organizations processing personal data, as available methods and guidelines fail to provide adequate guidance confusing organisations and PIA practitioners. This paper analyzes the interplay among PIA stakeholders and proposes an organizational scheme for successful PIA projects.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Information Quality of Web Services: Payment Account Online Comparison Tools Survey in the Czech Republic and Slovakia

Nächstes Kapitel How Social Media Can Afford Engagement Processes

Article 36 of EU GDPR does not mention sign-off but requires prior consultation with the supervisory authority prior to processing “where a data protection impact assessment under Article 35 indicates that the processing would result in a high risk in the absence of measures taken by the controller to mitigate the risk”. The report is one of the elements to be provided to the supervisory authority during the consultation.

Pavlou, P.: State of the information privacy literature: where are we now and where should we go. MIS Q. 35(4), 977–988 (2011)CrossRef

Schwaig, K.S., Kane, G.C., Storey, V.C.: Compliance to the fair information practices: how are the Fortune 500 handling online privacy disclosures? Inf. Manag. 43(7), 805–820 (2006)CrossRef

Spiekermann, S., Novotny, A.: A vision for global privacy bridges: technical and legal measures for international data markets. Comput. Law Secur. Rev. 31(2), 181–200 (2015)CrossRef

Moores, T., Dhillon, G.: Do privacy seals in e-commerce really work? Commun. ACM - Mob. Comput. Oppor. Chall. 46(12), 265–271 (2003)

BBC: Facebook scandal ‘hit 87 million users’, 04 April 2018. http://www.bbc.com/news/technology-43649018. Accessed 20 May 2018

European Commission: Flash Eurobarometer: data protection in the European Union: citizens perceptions. Analytical report (2008)

European Commission: Special Eurobarometer 431: data protection. Report (2015)

European Commission: Special Eurobarometer 443: e-privacy. Report (2016)

Gigya: The 2017 State of Consumer Privacy and Trust report. https://www.gigya.com/resource/report/2017-state-of-consumer-privacy-trust/. Accessed 20 May 2018

10.

Cavoukian, A.: Privacy by design: the definitive workshop. A foreword by Ann Cavoukian, Ph.D. Identity Inf. Soc. 3(2), 247–251 (2010)CrossRef

11.

Clarke, R.: Privacy impact assessment: its origins and development. Comput. Law Secur. Rev. 25(2), 123–135 (2009)CrossRef

12.

UK Information Commissioner’s Office (ICO): Conducting Privacy Impact Assessments: Code of Practice (2014). https://ico.org.uk/media/for-organisations/documents/1595/pia-code-of-practice.pdf. Accessed 02 Mar 2018

13.

Treasury Board of Canada Secretariat (Canada TBS): Directive of Privacy Impact Assessments (2010). https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=18308. Accessed 02 Mar 2018

14.

International Organization for Standardization (ISO): ISO/IEC 29134 Information Technology – Security Techniques—Privacy Impact Assessment – Guidelines (2017)

15.

Wright, D.: Making privacy impact assessment more effective. Inf. Soc. 29(5), 307–315 (2013)CrossRef

16.

Wright, D., Finn, R., Rodrigues, R.: A comparative analysis of privacy impact assessment in six countries. J. Contemp. Eur. Res. 9(1), 160–180 (2013)

17.

Oetzel, M.C., Spiekermann, S.: A systematic methodology for privacy impact assessments: a design science approach. Eur. J. Inf. Syst. 23(2), 126–150 (2014)CrossRef

18.

Bieker, F., Friedewald, M., Hansen, M., Obersteller, H., Rost, M.: A process for data protection impact assessment under the European general data protection regulation. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds.) APF 2016. LNCS, vol. 9857, pp. 21–37. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44760-5_2CrossRef

19.

Commission Nationale de l’Informatique et des Libertes (CNIL): Privacy Impact Assessment (PIA) Methodology (2018). https://www.cnil.fr/en/PIA-privacy-impact-assessment-en. Accessed 22 Apr 2018

20.

Office of the Australian Information Commissioner (OAIC): Guide to undertaking privacy impact assessments (2014). https://www.oaic.gov.au/agencies-and-organisations/guides/guide-to-undertaking-privacy-impact-assessments. Accessed 02 Mar 2018

21.

Spiekermann, S.: The RFID PIA–developed by industry, endorsed by regulators. In: Wright, D., De Hert, P. (eds.) Privacy Impact Assessment. LGTS, vol. 6, pp. 323–346. Springer, Dordrecht (2012). https://doi.org/10.1007/978-94-007-2543-0_15CrossRef

22.

Health Information and Quality Authority of Ireland (HIQA): Guidance on Privacy Impact Assessment (PIA) in Health and Social Care (2017). https://www.hiqa.ie/reports-and-publications/health-information/guidance-privacy-impact-assessment-pia-health-and. Accessed 20 May 2018

23.

Office of the Privacy Commissioner (OPC) New Zealand: Privacy Impact Assessment Toolkit (2015). https://www.privacy.org.nz/news-and-publications/guidance-resources/privacy-impact-assessment/. Accessed 02 Mar 2018

Titel: An Organizational Scheme for Privacy Impact Assessments
verfasst von: Konstantina Vemou
Maria Karyda
Verlag: Springer International Publishing
Buch: Information Systems
Print ISBN: 978-3-030-11394-0

Electronic ISBN: 978-3-030-11395-7

Copyright-Jahr: 2019
DOI: https://doi.org/10.1007/978-3-030-11395-7_22

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"