“Appropriate technical and organizational measures”: Identifying privacy engineering approaches to meet GDPR requirements

Dominik Huth; Florian Matthes

“Appropriate technical and organizational measures”: Identifying privacy engineering approaches to meet GDPR requirements

Dominik Huth, Florian Matthes

Informatics 19 - Chair of Software Engineering for Business Information Systems

Technical University of Munich

Research output: Contribution to conference › Paper › peer-review

12 Scopus citations

Abstract

The General Data Protection Regulation requires, inter alia, the establishment of technical and organizational measures to ensure privacy properties. Software developers face the challenge of identifying these properties and suitable privacy enhancing techniques (PET). We conduct a literature study and identify eight privacy engineering approaches, which we analyze for their coverage of the GDPR privacy properties and for their support in software development phases. We conclude that recent privacy engineering approaches have the conceptual background to cover the GDPR, but advocate research on the integration of privacy concerns in software development processes.

Original language	English
State	Published - 2019
Event	25th Americas Conference on Information Systems, AMCIS 2019 - Cancun, Mexico Duration: 15 Aug 2019 → 17 Aug 2019

Conference

Conference	25th Americas Conference on Information Systems, AMCIS 2019
Country/Territory	Mexico
City	Cancun
Period	15/08/19 → 17/08/19

Keywords

GDPR
Literature review
Privacy Engineering
Privacy properties

Cite this

@conference{ca393f3bb39f4bfdb570382027b38479,

title = "“Appropriate technical and organizational measures”: Identifying privacy engineering approaches to meet GDPR requirements",

abstract = "The General Data Protection Regulation requires, inter alia, the establishment of technical and organizational measures to ensure privacy properties. Software developers face the challenge of identifying these properties and suitable privacy enhancing techniques (PET). We conduct a literature study and identify eight privacy engineering approaches, which we analyze for their coverage of the GDPR privacy properties and for their support in software development phases. We conclude that recent privacy engineering approaches have the conceptual background to cover the GDPR, but advocate research on the integration of privacy concerns in software development processes.",

keywords = "GDPR, Literature review, Privacy Engineering, Privacy properties",

author = "Dominik Huth and Florian Matthes",

note = "Publisher Copyright: {\textcopyright} 2019 Association for Information Systems. All rights reserved.; 25th Americas Conference on Information Systems, AMCIS 2019 ; Conference date: 15-08-2019 Through 17-08-2019",

year = "2019",

language = "English",

}

TY - CONF

T1 - “Appropriate technical and organizational measures”

T2 - 25th Americas Conference on Information Systems, AMCIS 2019

AU - Huth, Dominik

AU - Matthes, Florian

PY - 2019

Y1 - 2019

N2 - The General Data Protection Regulation requires, inter alia, the establishment of technical and organizational measures to ensure privacy properties. Software developers face the challenge of identifying these properties and suitable privacy enhancing techniques (PET). We conduct a literature study and identify eight privacy engineering approaches, which we analyze for their coverage of the GDPR privacy properties and for their support in software development phases. We conclude that recent privacy engineering approaches have the conceptual background to cover the GDPR, but advocate research on the integration of privacy concerns in software development processes.

AB - The General Data Protection Regulation requires, inter alia, the establishment of technical and organizational measures to ensure privacy properties. Software developers face the challenge of identifying these properties and suitable privacy enhancing techniques (PET). We conduct a literature study and identify eight privacy engineering approaches, which we analyze for their coverage of the GDPR privacy properties and for their support in software development phases. We conclude that recent privacy engineering approaches have the conceptual background to cover the GDPR, but advocate research on the integration of privacy concerns in software development processes.

KW - GDPR

KW - Literature review

KW - Privacy Engineering

KW - Privacy properties

UR - http://www.scopus.com/inward/record.url?scp=85084022486&partnerID=8YFLogxK

M3 - Paper

AN - SCOPUS:85084022486

Y2 - 15 August 2019 through 17 August 2019

ER -

“Appropriate technical and organizational measures”: Identifying privacy engineering approaches to meet GDPR requirements

Abstract

Conference

Keywords

Other files and links

Fingerprint

Cite this