
Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent

The enforcement of the GDPR in May 2018 has led to a paradigm shift in data protection. Organizations face significant challenges, such as demonstrating compliance (or auditability) and automated compliance verification due to the complex and dynamic nature of consent, as well as the scale at which...

Bibliographic Details
Main authors: Chhetri, Tek Raj, Kurteva, Anelia, DeLong, Rance J., Hilscher, Rainer, Korte, Kai, Fensel, Anna
Format: Online Article Text
Language: English
Published: MDPI 2022
Subjects:
Online access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9002473/
https://www.ncbi.nlm.nih.gov/pubmed/35408377
http://dx.doi.org/10.3390/s22072763
collection PubMed
description The enforcement of the GDPR in May 2018 has led to a paradigm shift in data protection. Organizations face significant challenges, such as demonstrating compliance (or auditability) and automated compliance verification due to the complex and dynamic nature of consent, as well as the scale at which compliance verification must be performed. Furthermore, the GDPR’s promotion of data protection by design and industrial interoperability requirements has created new technical challenges, as they require significant changes in the design and implementation of systems that handle personal data. We present a scalable data protection by design tool for automated compliance verification and auditability based on informed consent that is modeled with a knowledge graph. Automated compliance verification is made possible by implementing a regulation-to-code process that translates GDPR regulations into well-defined technical and organizational measures and, ultimately, software code. We demonstrate the effectiveness of the tool in the insurance and smart cities domains. We highlight ways in which our tool can be adapted to other domains.
format Online
Article
Text
id pubmed-9002473
institution National Center for Biotechnology Information
language English
publishDate 2022
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-9002473 2022-04-13 Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent Chhetri, Tek Raj Kurteva, Anelia DeLong, Rance J. Hilscher, Rainer Korte, Kai Fensel, Anna Sensors (Basel) Article The enforcement of the GDPR in May 2018 has led to a paradigm shift in data protection. Organizations face significant challenges, such as demonstrating compliance (or auditability) and automated compliance verification due to the complex and dynamic nature of consent, as well as the scale at which compliance verification must be performed. Furthermore, the GDPR’s promotion of data protection by design and industrial interoperability requirements has created new technical challenges, as they require significant changes in the design and implementation of systems that handle personal data. We present a scalable data protection by design tool for automated compliance verification and auditability based on informed consent that is modeled with a knowledge graph. Automated compliance verification is made possible by implementing a regulation-to-code process that translates GDPR regulations into well-defined technical and organizational measures and, ultimately, software code. We demonstrate the effectiveness of the tool in the insurance and smart cities domains. We highlight ways in which our tool can be adapted to other domains. MDPI 2022-04-03 /pmc/articles/PMC9002473/ /pubmed/35408377 http://dx.doi.org/10.3390/s22072763 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/ Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
topic Article