A metamodel for GDPR-based privacy level agreements

Vasiliki Diamantopoulou, Konstantinos Angelopoulos, Michalis Pavlidis, Haralambos Mouratidis

Research output: Contribution to journalConference articlepeer-review


The adoption of the General Data Protection Regulation (GDPR) is a major concern for data controllers of the public and private sector, as they are obliged to conform to the new principles and requirements managing personal data. In this paper, we propose that the data controllers adopt the concept of the Privacy Level Agreement. We present a metamodel for PLAs to support privacy management, based on analysis of privacy threats, vulnerabilities and trust relationships in their Information Systems, whilst complying with laws and regulations, and we illustrate the relevance of the metamodel with the GDPR.

Original languageEnglish
Pages (from-to)299-305
Number of pages7
JournalCeur Workshop Proceedings
Publication statusPublished - 1 Jan 2017
EventER Forum and the ER Demo Track, ER-Forum-Demos 2017 - Valencia, Spain
Duration: 6 Nov 20179 Nov 2017


  • General Data Protection Regulation
  • Metamodel
  • Privacy Engineering
  • Privacy Level Agreement
  • Privacy Management


Dive into the research topics of 'A metamodel for GDPR-based privacy level agreements'. Together they form a unique fingerprint.

Cite this