Modelling, analysis and control of personal data to ensure data privacy - A use case driven approach

Abstract

The compliance with data protection and privacy regulations such as the European General Data Protection Regulation (GDRP) is a challenging task for companies with complex IT landscapes. Current approaches lack of a technical integration with enterprise software systems and therefore require considerable manual effort to keep permissions and retention of data in line with data protection and privacy requirements. We propose an integrated information model to link data privacy requirements with software systems, modules and data to address this problem with the help of Information Lifecycle Management (ILM) functionality. The approach is illustrated with a use case of the compliant deletion of employee data upon fulfillment of the stated purpose.

Publication
Proceedings of the 8th International Conference on Applied Human Factors and Ergonomics
Date