The adoption of the General Data Protection Regulation (GDPR) is a major concern for data controllers of the public and private sector, as they are obliged to conform to the new principles and requirements managing personal data. In this paper, we propose that the data controllers adopt the concept of the Privacy Level Agreement. We present a metamodel for PLAs to support privacy management, based on analysis of privacy threats, vulnerabilities and trust relationships in their Information Systems, whilst complying with laws and regulations, and we illustrate the relevance of the metamodel with the GDPR.
|Number of pages||7|
|Journal||Ceur Workshop Proceedings|
|Publication status||Published - 1 Jan 2017|
|Event||ER Forum and the ER Demo Track, ER-Forum-Demos 2017 - Valencia, Spain|
Duration: 6 Nov 2017 → 9 Nov 2017
- General Data Protection Regulation
- Privacy Engineering
- Privacy Level Agreement
- Privacy Management
FingerprintDive into the research topics of 'A metamodel for GDPR-based privacy level agreements'. Together they form a unique fingerprint.
- School of Arch, Tech and Eng - Principal Lecturer
- Centre for Secure, Intelligent and Usable Systems