A data protection impact assessment methodology for cloud

Rehab Alnemr; Erdal Cayirci; Lorenzo Dalla Corte; Alexandr Garaga; Ronald Leenes; Rodney Mhungu; Siani Pearson; Chris Reed; Anderson Santana de Oliveira; Dimitra Stefanatou; Katerina Tetrimida; Asma Vranaki

doi:10.1007/978-3-319-31456-3_4

A data protection impact assessment methodology for cloud

Rehab Alnemr, Erdal Cayirci, Lorenzo Dalla Corte, Alexandr Garaga, Ronald Leenes, Rodney Mhungu, Siani Pearson, Chris Reed, Anderson Santana de Oliveira^*, Dimitra Stefanatou, Katerina Tetrimida, Asma Vranaki

^*Corresponding author for this work

University of Bristol Law School

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

12 Citations (Scopus)

Abstract

We propose a data protection impact assessment (DPIA) method based on successive questionnaires for an initial screening and for a full screening for a given project. These were tailored to satisfy the needs of Small and Medium Enterprises (SMEs) that intend to process personal data in the cloud. The approach is based on legal and socio-economic analysis of privacy issues for cloud deployments and takes into consideration the new requirements for DPIAs within the European Union (EU) as put forward by the proposed General Data Protection Regulation (GDPR). The resultant features have been implemented within a tool.

Original language	English
Title of host publication	Privacy Technologies and Policy - 3rd Annual Privacy Forum, APF 2015, Revised Selected Papers
Publisher	Springer-Verlag Berlin
Pages	60-92
Number of pages	33
Volume	9484
ISBN (Print)	9783319314556
DOIs	https://doi.org/10.1007/978-3-319-31456-3_4
Publication status	Published - 1 Jan 2016
Event	3rd Annual Privacy Forum, APF 2015 - Luxembourg, Luxembourg Duration: 7 Oct 2015 → 8 Oct 2015

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	9484
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	3rd Annual Privacy Forum, APF 2015
Country/Territory	Luxembourg
City	Luxembourg
Period	7/10/15 → 8/10/15

Keywords

Cloud
Data protection impact assessment
EU GDPR
Privacy

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1007/978-3-319-31456-3_4

Handle.net

Persistent link

Cite this

Alnemr, R., Cayirci, E., Corte, L. D., Garaga, A., Leenes, R., Mhungu, R., Pearson, S., Reed, C., de Oliveira, A. S., Stefanatou, D., Tetrimida, K., & Vranaki, A. (2016). A data protection impact assessment methodology for cloud. In Privacy Technologies and Policy - 3rd Annual Privacy Forum, APF 2015, Revised Selected Papers (Vol. 9484, pp. 60-92). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9484). Springer-Verlag Berlin. https://doi.org/10.1007/978-3-319-31456-3_4

Alnemr, Rehab ; Cayirci, Erdal ; Corte, Lorenzo Dalla et al. / A data protection impact assessment methodology for cloud. Privacy Technologies and Policy - 3rd Annual Privacy Forum, APF 2015, Revised Selected Papers. Vol. 9484 Springer-Verlag Berlin, 2016. pp. 60-92 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{72b271caaeb94f19a1f69c027214da3b,

title = "A data protection impact assessment methodology for cloud",

abstract = "We propose a data protection impact assessment (DPIA) method based on successive questionnaires for an initial screening and for a full screening for a given project. These were tailored to satisfy the needs of Small and Medium Enterprises (SMEs) that intend to process personal data in the cloud. The approach is based on legal and socio-economic analysis of privacy issues for cloud deployments and takes into consideration the new requirements for DPIAs within the European Union (EU) as put forward by the proposed General Data Protection Regulation (GDPR). The resultant features have been implemented within a tool.",

keywords = "Cloud, Data protection impact assessment, EU GDPR, Privacy",

author = "Rehab Alnemr and Erdal Cayirci and Corte, \{Lorenzo Dalla\} and Alexandr Garaga and Ronald Leenes and Rodney Mhungu and Siani Pearson and Chris Reed and \{de Oliveira\}, \{Anderson Santana\} and Dimitra Stefanatou and Katerina Tetrimida and Asma Vranaki",

year = "2016",

month = jan,

day = "1",

doi = "10.1007/978-3-319-31456-3\_4",

language = "English",

isbn = "9783319314556",

volume = "9484",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer-Verlag Berlin",

pages = "60--92",

booktitle = "Privacy Technologies and Policy - 3rd Annual Privacy Forum, APF 2015, Revised Selected Papers",

note = "3rd Annual Privacy Forum, APF 2015 ; Conference date: 07-10-2015 Through 08-10-2015",

}

Alnemr, R, Cayirci, E, Corte, LD, Garaga, A, Leenes, R, Mhungu, R, Pearson, S, Reed, C, de Oliveira, AS, Stefanatou, D, Tetrimida, K & Vranaki, A 2016, A data protection impact assessment methodology for cloud. in Privacy Technologies and Policy - 3rd Annual Privacy Forum, APF 2015, Revised Selected Papers. vol. 9484, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9484, Springer-Verlag Berlin, pp. 60-92, 3rd Annual Privacy Forum, APF 2015, Luxembourg, Luxembourg, 7/10/15. https://doi.org/10.1007/978-3-319-31456-3_4

A data protection impact assessment methodology for cloud. / Alnemr, Rehab; Cayirci, Erdal; Corte, Lorenzo Dalla et al.
Privacy Technologies and Policy - 3rd Annual Privacy Forum, APF 2015, Revised Selected Papers. Vol. 9484 Springer-Verlag Berlin, 2016. p. 60-92 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9484).

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

TY - GEN

T1 - A data protection impact assessment methodology for cloud

AU - Alnemr, Rehab

AU - Cayirci, Erdal

AU - Corte, Lorenzo Dalla

AU - Garaga, Alexandr

AU - Leenes, Ronald

AU - Mhungu, Rodney

AU - Pearson, Siani

AU - Reed, Chris

AU - de Oliveira, Anderson Santana

AU - Stefanatou, Dimitra

AU - Tetrimida, Katerina

AU - Vranaki, Asma

PY - 2016/1/1

Y1 - 2016/1/1

N2 - We propose a data protection impact assessment (DPIA) method based on successive questionnaires for an initial screening and for a full screening for a given project. These were tailored to satisfy the needs of Small and Medium Enterprises (SMEs) that intend to process personal data in the cloud. The approach is based on legal and socio-economic analysis of privacy issues for cloud deployments and takes into consideration the new requirements for DPIAs within the European Union (EU) as put forward by the proposed General Data Protection Regulation (GDPR). The resultant features have been implemented within a tool.

AB - We propose a data protection impact assessment (DPIA) method based on successive questionnaires for an initial screening and for a full screening for a given project. These were tailored to satisfy the needs of Small and Medium Enterprises (SMEs) that intend to process personal data in the cloud. The approach is based on legal and socio-economic analysis of privacy issues for cloud deployments and takes into consideration the new requirements for DPIAs within the European Union (EU) as put forward by the proposed General Data Protection Regulation (GDPR). The resultant features have been implemented within a tool.

KW - Cloud

KW - Data protection impact assessment

KW - EU GDPR

KW - Privacy

UR - https://www.scopus.com/pages/publications/84961233477

U2 - 10.1007/978-3-319-31456-3_4

DO - 10.1007/978-3-319-31456-3_4

M3 - Conference Contribution (Conference Proceeding)

AN - SCOPUS:84961233477

SN - 9783319314556

VL - 9484

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 60

EP - 92

BT - Privacy Technologies and Policy - 3rd Annual Privacy Forum, APF 2015, Revised Selected Papers

PB - Springer-Verlag Berlin

T2 - 3rd Annual Privacy Forum, APF 2015

Y2 - 7 October 2015 through 8 October 2015

ER -

Alnemr R, Cayirci E, Corte LD, Garaga A, Leenes R, Mhungu R et al. A data protection impact assessment methodology for cloud. In Privacy Technologies and Policy - 3rd Annual Privacy Forum, APF 2015, Revised Selected Papers. Vol. 9484. Springer-Verlag Berlin. 2016. p. 60-92. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-31456-3_4

A data protection impact assessment methodology for cloud

Abstract

Publication series

Conference

Keywords

UN SDGs

Access to Document

Handle.net

Other files and links

Fingerprint

Cite this