A Data Protection Impact Assessment Methodology for Cloud

We propose a data protection impact assessment (DPIA) method based on successive questionnaires for an initial screening and for a full screening for a given project. These were tailored to satisfy the needs of Small and Medium Enterprises (SMEs) that intend to process personal data in the cloud. The approach is based on legal and socio-economic analysis of privacy issues for cloud deployments and takes into consideration the new requirements for DPIAs within the European Union (EU) as put forward by the proposed General Data Protection Regulation (GDPR). The resultant features have been implemented within a tool.

With Rehab Alnemr, Erdal Cayirci, Lorenzo Dalla Corte, Alexandr Garaga, Ronald Leenes, Rodney Mhungu, Siani Pearson, Chris Reed, Anderson Santana De Oliveira, Dimitra Stefanatou, Katerina Tetrimida and Asma Vranaki

At the Annual Privacy Forum 2015

See the slides: APF2015presentaion

And the full paper (pre-proceedings version): ANPF2015

%d bloggers like this: