Μεθοδολογίες εκπόνησης εκτίμησης αντικτύπου : μία επισκόπηση
Data protection impact assessment methodologies : a review

View/ Open
Keywords
Εκτίμηση αντικτύπου στην ιδιωτική ζωή (DPIA) ; Κίνδυνοι για την ιδιωτική ζωή ; Γενικός Κανονισμός Προστασίας Δεδομένων (ΓΚΠΔ) ; Μεθοδολογία ; ΕπεξεργασίαAbstract
The GDPR requires a data protection impact assessment (DPIA) to be carried out for the processing of personal data that may result in a high risk and impact for data subjects. Documenting this process requires information on processing activities, entities and their roles, risks, mitigations, and impacts arising, and consultations. Privacy impact assessment methods guide the application of privacy principles by design and are provided for in the EU General Data Protection Regulation. As the implementation of an impact assessment is still a complex task for organizations, this paper provides a critical review and evaluation of generic DPIA methods proposed by relevant research, data protection authorities and standardization agencies. The evaluation framework is based on a comprehensive set of criteria derived through a systematic analysis of the relevant literature and identifies elements of PIA methods that need further support or clarification, as well as issues that remain open, such as the need to implement supporting tools.