Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent

Research output: Contribution to journalArticleResearchpeer review

Authors

  • Tek Raj Chhetri
  • Anelia Kurteva
  • Rance J. Delong
  • Rainer Hilscher
  • Kai Korte
  • Anna Fensel

Research Organisations

External Research Organisations

  • University of Innsbruck
  • The Open Group
  • Research Triangle Institute International
  • Wageningen University and Research
View graph of relations

Details

Original languageEnglish
Article number2763
JournalSensors
Volume22
Issue number7
Publication statusPublished - 3 Apr 2022

Abstract

The enforcement of the GDPR in May 2018 has led to a paradigm shift in data protection. Organizations face significant challenges, such as demonstrating compliance (or auditability) and automated compliance verification due to the complex and dynamic nature of consent, as well as the scale at which compliance verification must be performed. Furthermore, the GDPR’s promotion of data protection by design and industrial interoperability requirements has created new technical challenges, as they require significant changes in the design and implementation of systems that handle personal data. We present a scalable data protection by design tool for automated compliance verification and auditability based on informed consent that is modeled with a knowledge graph. Automated compliance verification is made possible by implementing a regulation-to-code process that translates GDPR regulations into well-defined technical and organizational measures and, ultimately, software code. We demonstrate the effectiveness of the tool in the insurance and smart cities domains. We highlight ways in which our tool can be adapted to other domains.

Keywords

    compliance verification, data protection by design, data sharing, distributed systems, GDPR, informed consent, knowledge graph, privacy, standard data protection model

ASJC Scopus subject areas

Sustainable Development Goals

Cite this

Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent. / Chhetri, Tek Raj; Kurteva, Anelia; Delong, Rance J. et al.
In: Sensors, Vol. 22, No. 7, 2763, 03.04.2022.

Research output: Contribution to journalArticleResearchpeer review

Chhetri, T. R., Kurteva, A., Delong, R. J., Hilscher, R., Korte, K., & Fensel, A. (2022). Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent. Sensors, 22(7), Article 2763. https://doi.org/10.3390/s22072763
Chhetri TR, Kurteva A, Delong RJ, Hilscher R, Korte K, Fensel A. Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent. Sensors. 2022 Apr 3;22(7):2763. doi: 10.3390/s22072763
Chhetri, Tek Raj ; Kurteva, Anelia ; Delong, Rance J. et al. / Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent. In: Sensors. 2022 ; Vol. 22, No. 7.
Download
@article{3d38bd6934364f3ab842302c00dd89be,
title = "Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent",
abstract = "The enforcement of the GDPR in May 2018 has led to a paradigm shift in data protection. Organizations face significant challenges, such as demonstrating compliance (or auditability) and automated compliance verification due to the complex and dynamic nature of consent, as well as the scale at which compliance verification must be performed. Furthermore, the GDPR{\textquoteright}s promotion of data protection by design and industrial interoperability requirements has created new technical challenges, as they require significant changes in the design and implementation of systems that handle personal data. We present a scalable data protection by design tool for automated compliance verification and auditability based on informed consent that is modeled with a knowledge graph. Automated compliance verification is made possible by implementing a regulation-to-code process that translates GDPR regulations into well-defined technical and organizational measures and, ultimately, software code. We demonstrate the effectiveness of the tool in the insurance and smart cities domains. We highlight ways in which our tool can be adapted to other domains.",
keywords = "compliance verification, data protection by design, data sharing, distributed systems, GDPR, informed consent, knowledge graph, privacy, standard data protection model",
author = "Chhetri, {Tek Raj} and Anelia Kurteva and Delong, {Rance J.} and Rainer Hilscher and Kai Korte and Anna Fensel",
note = "Publisher Copyright: {\textcopyright} 2022 by the authors. Licensee MDPI, Basel, Switzerland.",
year = "2022",
month = apr,
day = "3",
doi = "10.3390/s22072763",
language = "English",
volume = "22",
journal = "Sensors",
issn = "1424-8220",
publisher = "Multidisciplinary Digital Publishing Institute",
number = "7",

}

Download

TY - JOUR

T1 - Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent

AU - Chhetri, Tek Raj

AU - Kurteva, Anelia

AU - Delong, Rance J.

AU - Hilscher, Rainer

AU - Korte, Kai

AU - Fensel, Anna

N1 - Publisher Copyright: © 2022 by the authors. Licensee MDPI, Basel, Switzerland.

PY - 2022/4/3

Y1 - 2022/4/3

N2 - The enforcement of the GDPR in May 2018 has led to a paradigm shift in data protection. Organizations face significant challenges, such as demonstrating compliance (or auditability) and automated compliance verification due to the complex and dynamic nature of consent, as well as the scale at which compliance verification must be performed. Furthermore, the GDPR’s promotion of data protection by design and industrial interoperability requirements has created new technical challenges, as they require significant changes in the design and implementation of systems that handle personal data. We present a scalable data protection by design tool for automated compliance verification and auditability based on informed consent that is modeled with a knowledge graph. Automated compliance verification is made possible by implementing a regulation-to-code process that translates GDPR regulations into well-defined technical and organizational measures and, ultimately, software code. We demonstrate the effectiveness of the tool in the insurance and smart cities domains. We highlight ways in which our tool can be adapted to other domains.

AB - The enforcement of the GDPR in May 2018 has led to a paradigm shift in data protection. Organizations face significant challenges, such as demonstrating compliance (or auditability) and automated compliance verification due to the complex and dynamic nature of consent, as well as the scale at which compliance verification must be performed. Furthermore, the GDPR’s promotion of data protection by design and industrial interoperability requirements has created new technical challenges, as they require significant changes in the design and implementation of systems that handle personal data. We present a scalable data protection by design tool for automated compliance verification and auditability based on informed consent that is modeled with a knowledge graph. Automated compliance verification is made possible by implementing a regulation-to-code process that translates GDPR regulations into well-defined technical and organizational measures and, ultimately, software code. We demonstrate the effectiveness of the tool in the insurance and smart cities domains. We highlight ways in which our tool can be adapted to other domains.

KW - compliance verification

KW - data protection by design

KW - data sharing

KW - distributed systems

KW - GDPR

KW - informed consent

KW - knowledge graph

KW - privacy

KW - standard data protection model

UR - http://www.scopus.com/inward/record.url?scp=85127382516&partnerID=8YFLogxK

U2 - 10.3390/s22072763

DO - 10.3390/s22072763

M3 - Article

C2 - 35408377

AN - SCOPUS:85127382516

VL - 22

JO - Sensors

JF - Sensors

SN - 1424-8220

IS - 7

M1 - 2763

ER -