A metamodel for GDPR-based privacy level agreements

Vasiliki Diamantopoulou, Konstantinos Angelopoulos, Michalis Pavlidis, Haralambos Mouratidis

Research output: Contribution to journalConference articleResearchpeer-review

Abstract

The adoption of the General Data Protection Regulation (GDPR) is a major concern for data controllers of the public and private sector, as they are obliged to conform to the new principles and requirements managing personal data. In this paper, we propose that the data controllers adopt the concept of the Privacy Level Agreement. We present a metamodel for PLAs to support privacy management, based on analysis of privacy threats, vulnerabilities and trust relationships in their Information Systems, whilst complying with laws and regulations, and we illustrate the relevance of the metamodel with the GDPR.

Original languageEnglish
Pages (from-to)299-305
Number of pages7
JournalCeur Workshop Proceedings
Volume1979
Publication statusPublished - 1 Jan 2017
EventER Forum and the ER Demo Track, ER-Forum-Demos 2017 - Valencia, Spain
Duration: 6 Nov 20179 Nov 2017

Fingerprint

Data privacy
Controllers
Information systems

Keywords

  • General Data Protection Regulation
  • Metamodel
  • Privacy Engineering
  • Privacy Level Agreement
  • Privacy Management

Cite this

Diamantopoulou, Vasiliki ; Angelopoulos, Konstantinos ; Pavlidis, Michalis ; Mouratidis, Haralambos. / A metamodel for GDPR-based privacy level agreements. In: Ceur Workshop Proceedings. 2017 ; Vol. 1979. pp. 299-305.
@article{8d35fe5ac5044e789482ec11b378a38b,
title = "A metamodel for GDPR-based privacy level agreements",
abstract = "The adoption of the General Data Protection Regulation (GDPR) is a major concern for data controllers of the public and private sector, as they are obliged to conform to the new principles and requirements managing personal data. In this paper, we propose that the data controllers adopt the concept of the Privacy Level Agreement. We present a metamodel for PLAs to support privacy management, based on analysis of privacy threats, vulnerabilities and trust relationships in their Information Systems, whilst complying with laws and regulations, and we illustrate the relevance of the metamodel with the GDPR.",
keywords = "General Data Protection Regulation, Metamodel, Privacy Engineering, Privacy Level Agreement, Privacy Management",
author = "Vasiliki Diamantopoulou and Konstantinos Angelopoulos and Michalis Pavlidis and Haralambos Mouratidis",
year = "2017",
month = "1",
day = "1",
language = "English",
volume = "1979",
pages = "299--305",
journal = "Ceur Workshop Proceedings",
issn = "1613-0073",

}

Diamantopoulou, V, Angelopoulos, K, Pavlidis, M & Mouratidis, H 2017, 'A metamodel for GDPR-based privacy level agreements', Ceur Workshop Proceedings, vol. 1979, pp. 299-305.

A metamodel for GDPR-based privacy level agreements. / Diamantopoulou, Vasiliki; Angelopoulos, Konstantinos; Pavlidis, Michalis; Mouratidis, Haralambos.

In: Ceur Workshop Proceedings, Vol. 1979, 01.01.2017, p. 299-305.

Research output: Contribution to journalConference articleResearchpeer-review

TY - JOUR

T1 - A metamodel for GDPR-based privacy level agreements

AU - Diamantopoulou, Vasiliki

AU - Angelopoulos, Konstantinos

AU - Pavlidis, Michalis

AU - Mouratidis, Haralambos

PY - 2017/1/1

Y1 - 2017/1/1

N2 - The adoption of the General Data Protection Regulation (GDPR) is a major concern for data controllers of the public and private sector, as they are obliged to conform to the new principles and requirements managing personal data. In this paper, we propose that the data controllers adopt the concept of the Privacy Level Agreement. We present a metamodel for PLAs to support privacy management, based on analysis of privacy threats, vulnerabilities and trust relationships in their Information Systems, whilst complying with laws and regulations, and we illustrate the relevance of the metamodel with the GDPR.

AB - The adoption of the General Data Protection Regulation (GDPR) is a major concern for data controllers of the public and private sector, as they are obliged to conform to the new principles and requirements managing personal data. In this paper, we propose that the data controllers adopt the concept of the Privacy Level Agreement. We present a metamodel for PLAs to support privacy management, based on analysis of privacy threats, vulnerabilities and trust relationships in their Information Systems, whilst complying with laws and regulations, and we illustrate the relevance of the metamodel with the GDPR.

KW - General Data Protection Regulation

KW - Metamodel

KW - Privacy Engineering

KW - Privacy Level Agreement

KW - Privacy Management

UR - http://www.scopus.com/inward/record.url?scp=85035047124&partnerID=8YFLogxK

M3 - Conference article

VL - 1979

SP - 299

EP - 305

JO - Ceur Workshop Proceedings

JF - Ceur Workshop Proceedings

SN - 1613-0073

ER -