Data protection impact assessment guidelines in the context of the general data protection regulation

Grütter, Bodo Jeremy; Schneider, Bettina

Data protection impact assessment guidelines in the context of the general data protection regulation

Dateien

Gruetter_Schneider_Data_protection_impact_assessment_guidelines_2019.pdf(1001.75 KB)

Autor:innen

Grütter, Bodo Jeremy

Schneider, Bettina

Autor:in (Körperschaft)

Publikationsdatum

2019

Typ der Arbeit

Studiengang

Sammlung

Institut für Wirtschaftsinformatik

Komplettanzeige

Typ

04B - Beitrag Konferenzschrift

Herausgeber:innen

Dermol, Valerij

Herausgeber:in (Körperschaft)

Betreuer:in

Übergeordnetes Werk

Thriving on Future Education, Industry, Business and Society. Proceedings of the MakeLearn and TIIM International Conference

Themenheft

DOI der Originalpublikation

URI

https://irf.fhnw.ch/handle/11654/42575
https://doi.org/10.26041/fhnw-6540

Link

https://toknowpress.net/proceedings/978-961-6914-25-3/

Reihe / Serie

Reihennummer

Jahrgang / Band

Ausgabe / Nummer

Seiten / Dauer

261-270

Patentnummer

Verlag / Herausgebende Institution

Verlagsort / Veranstaltungsort

Piran

Auflage

Version

Programmiersprache

Abtretungsempfänger:in

Praxispartner:in/Auftraggeber:in

Zusammenfassung

The European General Data Protection Regulation (EU GDPR) requires companies to carry out a so-called Data Protection Impact Assessment (DPIA) if the processing of personal data is likely to result in a high risk to the rights and freedoms of individuals. But how can it be determined whether a risk should be considered ‘high’ and thus makes a DPIA necessary? Furthermore, if a DPIA is required, how exactly should this be performed? In response to these questions, various guidelines concerning DPIA have been published. The aim of this paper is to give those affected by the new Data Protection law an insight into three current DPIA guidelines and to support them in implementing a GDPR-compliant impact assessment. To this end, each of the selected guidelines will be described, and evaluated in terms of GDPR compliance and DPIA feasibility, i.e. on the one hand, whether the guideline complies with the relevant GDPR articles, and on the other hand what tools are provided to facilitate the operational execution of a DPIA. The study results in an overall evaluation matrix, which shows that all three guidelines have different strengths and propose differing methods for DPIA implementation.

Schlagwörter

Fachgebiet (DDC)

330 - Wirtschaft

Projekt

Veranstaltung

MakeLearn & TIIM International Conference 2019

Startdatum der Ausstellung

Enddatum der Ausstellung

Startdatum der Konferenz

15.05.2019

Enddatum der Konferenz

17.05.2019

Datum der letzten Prüfung

ISBN

978-961-6914-25-3

ISSN

Sprache

Englisch

Während FHNW Zugehörigkeit erstellt

Ja

Zukunftsfelder FHNW

Publikationsstatus

Veröffentlicht

Begutachtung

Peer-Review der ganzen Publikation

Open Access-Status

Gold

Lizenz

Zitation

Grütter, B. J., & Schneider, B. (2019). Data protection impact assessment guidelines in the context of the general data protection regulation. In V. Dermol (Ed.), Thriving on Future Education, Industry, Business and Society. Proceedings of the MakeLearn and TIIM International Conference (pp. 261–270). https://doi.org/10.26041/fhnw-6540

Komplettanzeige