Data protection impact assessment guidelines in the context of the general data protection regulation

Typ
04B - Beitrag Konferenzschrift
Herausgeber:innen
Herausgeber:in (Körperschaft)
Betreuer:in
Übergeordnetes Werk
Thriving on Future Education, Industry, Business and Society. Proceedings of the MakeLearn and TIIM International Conference
Themenheft
DOI der Originalpublikation
Reihe / Serie
Reihennummer
Jahrgang / Band
Ausgabe / Nummer
Seiten / Dauer
261-270
Patentnummer
Verlag / Herausgebende Institution
Verlagsort / Veranstaltungsort
Piran
Auflage
Version
Programmiersprache
Abtretungsempfänger:in
Praxispartner:in/Auftraggeber:in
Zusammenfassung
The European General Data Protection Regulation (EU GDPR) requires companies to carry out a so-called Data Protection Impact Assessment (DPIA) if the processing of personal data is likely to result in a high risk to the rights and freedoms of individuals. But how can it be determined whether a risk should be considered ‘high’ and thus makes a DPIA necessary? Furthermore, if a DPIA is required, how exactly should this be performed? In response to these questions, various guidelines concerning DPIA have been published. The aim of this paper is to give those affected by the new Data Protection law an insight into three current DPIA guidelines and to support them in implementing a GDPR-compliant impact assessment. To this end, each of the selected guidelines will be described, and evaluated in terms of GDPR compliance and DPIA feasibility, i.e. on the one hand, whether the guideline complies with the relevant GDPR articles, and on the other hand what tools are provided to facilitate the operational execution of a DPIA. The study results in an overall evaluation matrix, which shows that all three guidelines have different strengths and propose differing methods for DPIA implementation.
Schlagwörter
Fachgebiet (DDC)
330 - Wirtschaft
Projekt
Veranstaltung
MakeLearn & TIIM International Conference 2019
Startdatum der Ausstellung
Enddatum der Ausstellung
Startdatum der Konferenz
15.05.2019
Enddatum der Konferenz
17.05.2019
Datum der letzten Prüfung
ISBN
978-961-6914-25-3
ISSN
Sprache
Englisch
Während FHNW Zugehörigkeit erstellt
Ja
Zukunftsfelder FHNW
Publikationsstatus
Veröffentlicht
Begutachtung
Peer-Review der ganzen Publikation
Open Access-Status
Gold
Lizenz
'https://creativecommons.org/licenses/by-nc-nd/4.0/'
Zitation
GRÜTTER, Bodo Jeremy und Bettina SCHNEIDER, 2019. Data protection impact assessment guidelines in the context of the general data protection regulation. In: Valerij DERMOL (Hrsg.), Thriving on Future Education, Industry, Business and Society. Proceedings of the MakeLearn and TIIM International Conference. Piran. 2019. S. 261–270. ISBN 978-961-6914-25-3. Verfügbar unter: https://doi.org/10.26041/fhnw-6540