Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent

Publikation: Beitrag in FachzeitschriftArtikelForschungPeer-Review

Autoren

  • Tek Raj Chhetri
  • Anelia Kurteva
  • Rance J. Delong
  • Rainer Hilscher
  • Kai Korte
  • Anna Fensel

Organisationseinheiten

Externe Organisationen

  • Universität Innsbruck
  • The Open Group
  • Research Triangle Institute International
  • Wageningen University and Research
Forschungs-netzwerk anzeigen

Details

OriginalspracheEnglisch
Aufsatznummer2763
FachzeitschriftSensors
Jahrgang22
Ausgabenummer7
PublikationsstatusVeröffentlicht - 3 Apr. 2022

Abstract

The enforcement of the GDPR in May 2018 has led to a paradigm shift in data protection. Organizations face significant challenges, such as demonstrating compliance (or auditability) and automated compliance verification due to the complex and dynamic nature of consent, as well as the scale at which compliance verification must be performed. Furthermore, the GDPR’s promotion of data protection by design and industrial interoperability requirements has created new technical challenges, as they require significant changes in the design and implementation of systems that handle personal data. We present a scalable data protection by design tool for automated compliance verification and auditability based on informed consent that is modeled with a knowledge graph. Automated compliance verification is made possible by implementing a regulation-to-code process that translates GDPR regulations into well-defined technical and organizational measures and, ultimately, software code. We demonstrate the effectiveness of the tool in the insurance and smart cities domains. We highlight ways in which our tool can be adapted to other domains.

ASJC Scopus Sachgebiete

Ziele für nachhaltige Entwicklung

Zitieren

Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent. / Chhetri, Tek Raj; Kurteva, Anelia; Delong, Rance J. et al.
in: Sensors, Jahrgang 22, Nr. 7, 2763, 03.04.2022.

Publikation: Beitrag in FachzeitschriftArtikelForschungPeer-Review

Chhetri, T. R., Kurteva, A., Delong, R. J., Hilscher, R., Korte, K., & Fensel, A. (2022). Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent. Sensors, 22(7), Artikel 2763. https://doi.org/10.3390/s22072763
Chhetri TR, Kurteva A, Delong RJ, Hilscher R, Korte K, Fensel A. Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent. Sensors. 2022 Apr 3;22(7):2763. doi: 10.3390/s22072763
Chhetri, Tek Raj ; Kurteva, Anelia ; Delong, Rance J. et al. / Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent. in: Sensors. 2022 ; Jahrgang 22, Nr. 7.
Download
@article{3d38bd6934364f3ab842302c00dd89be,
title = "Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent",
abstract = "The enforcement of the GDPR in May 2018 has led to a paradigm shift in data protection. Organizations face significant challenges, such as demonstrating compliance (or auditability) and automated compliance verification due to the complex and dynamic nature of consent, as well as the scale at which compliance verification must be performed. Furthermore, the GDPR{\textquoteright}s promotion of data protection by design and industrial interoperability requirements has created new technical challenges, as they require significant changes in the design and implementation of systems that handle personal data. We present a scalable data protection by design tool for automated compliance verification and auditability based on informed consent that is modeled with a knowledge graph. Automated compliance verification is made possible by implementing a regulation-to-code process that translates GDPR regulations into well-defined technical and organizational measures and, ultimately, software code. We demonstrate the effectiveness of the tool in the insurance and smart cities domains. We highlight ways in which our tool can be adapted to other domains.",
keywords = "compliance verification, data protection by design, data sharing, distributed systems, GDPR, informed consent, knowledge graph, privacy, standard data protection model",
author = "Chhetri, {Tek Raj} and Anelia Kurteva and Delong, {Rance J.} and Rainer Hilscher and Kai Korte and Anna Fensel",
note = "Publisher Copyright: {\textcopyright} 2022 by the authors. Licensee MDPI, Basel, Switzerland.",
year = "2022",
month = apr,
day = "3",
doi = "10.3390/s22072763",
language = "English",
volume = "22",
journal = "Sensors",
issn = "1424-8220",
publisher = "Multidisciplinary Digital Publishing Institute",
number = "7",

}

Download

TY - JOUR

T1 - Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent

AU - Chhetri, Tek Raj

AU - Kurteva, Anelia

AU - Delong, Rance J.

AU - Hilscher, Rainer

AU - Korte, Kai

AU - Fensel, Anna

N1 - Publisher Copyright: © 2022 by the authors. Licensee MDPI, Basel, Switzerland.

PY - 2022/4/3

Y1 - 2022/4/3

N2 - The enforcement of the GDPR in May 2018 has led to a paradigm shift in data protection. Organizations face significant challenges, such as demonstrating compliance (or auditability) and automated compliance verification due to the complex and dynamic nature of consent, as well as the scale at which compliance verification must be performed. Furthermore, the GDPR’s promotion of data protection by design and industrial interoperability requirements has created new technical challenges, as they require significant changes in the design and implementation of systems that handle personal data. We present a scalable data protection by design tool for automated compliance verification and auditability based on informed consent that is modeled with a knowledge graph. Automated compliance verification is made possible by implementing a regulation-to-code process that translates GDPR regulations into well-defined technical and organizational measures and, ultimately, software code. We demonstrate the effectiveness of the tool in the insurance and smart cities domains. We highlight ways in which our tool can be adapted to other domains.

AB - The enforcement of the GDPR in May 2018 has led to a paradigm shift in data protection. Organizations face significant challenges, such as demonstrating compliance (or auditability) and automated compliance verification due to the complex and dynamic nature of consent, as well as the scale at which compliance verification must be performed. Furthermore, the GDPR’s promotion of data protection by design and industrial interoperability requirements has created new technical challenges, as they require significant changes in the design and implementation of systems that handle personal data. We present a scalable data protection by design tool for automated compliance verification and auditability based on informed consent that is modeled with a knowledge graph. Automated compliance verification is made possible by implementing a regulation-to-code process that translates GDPR regulations into well-defined technical and organizational measures and, ultimately, software code. We demonstrate the effectiveness of the tool in the insurance and smart cities domains. We highlight ways in which our tool can be adapted to other domains.

KW - compliance verification

KW - data protection by design

KW - data sharing

KW - distributed systems

KW - GDPR

KW - informed consent

KW - knowledge graph

KW - privacy

KW - standard data protection model

UR - http://www.scopus.com/inward/record.url?scp=85127382516&partnerID=8YFLogxK

U2 - 10.3390/s22072763

DO - 10.3390/s22072763

M3 - Article

C2 - 35408377

AN - SCOPUS:85127382516

VL - 22

JO - Sensors

JF - Sensors

SN - 1424-8220

IS - 7

M1 - 2763

ER -