Reference : A Model-based Conceptualization of Requirements for Compliance Checking of Data Proce...
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/48398
A Model-based Conceptualization of Requirements for Compliance Checking of Data Processing against GDPR
English
Amaral Cejas, Orlando mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SVV >]
Abualhaija, Sallam mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SVV >]
Sabetzadeh, Mehrdad mailto [School of Electrical Engineering and Computer Science > University of Ottawa]
Briand, Lionel mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SVV >]
Sep-2021
2020 IEEE Eleventh International Model-Driven Requirements Engineering (MoDRE)
Yes
11th Model-Driven Requirements Engineering (MoDRE) Workshop
20-09-2021
[en] Conceptual Modeling ; Qualitative Research ; Regulatory Compliance ; Data Processing Agreements ; , General Data Protection Regulation (GDPR)
[en] The General Data Protection Regulation (GDPR) has been recently introduced to harmonize the different data privacy laws across Europe. Whether inside the EU or outside, organizations have to comply with the GDPR as long as they handle personal data of EU residents. The organizations with whom personal data is shared are referred to as data controllers. When controllers subcontract certain services that involve processing personal data to service providers (also known as data processors), then a data processing agreement (DPA) has to be issued. This agreement regulates the relationship between the controllers and processors and also ensures the protection of individuals’ personal data. Compliance with the GDPR is challenging for organizations since it is large and relies on complex legal concepts. In this paper, we draw on model-driven engineering to build a machine-analyzable conceptual model that characterizes DPA-related requirements in the GDPR. Further, we create a set of criteria for checking the compliance of a given DPA against the GDPR and discuss how our work in this paper can be adapted to develop an automated compliance checking solution.
http://hdl.handle.net/10993/48398
FnR ; FNR13759068 > Mehrdad Sabetzadeh > ARTAGO > Artificial Intelligence-enabled Automation For Gdpr Compliance > 01/01/2020 > 31/12/2022 > 2019

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
MoDRE21-AASB.pdfAuthor postprint433.77 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.