Related papers: A Personal data Value at Risk Approach
Data Management portfolio within an organization has seen an upsurge in initiatives for compliance, security, repurposing and storage within and outside the organization. When such initiatives are being put to practice care must be taken…
The data revolution continues to transform every sector of science, industry and government. Due to the incredible impact of data-driven technology on society, we are becoming increasingly aware of the imperative to use data and algorithms…
The open data ecosystem is susceptible to vulnerabilities due to disclosure risks. Though the datasets are anonymized during release, the prevalence of the release-and-forget model makes the data defenders blind to privacy issues arising…
The data is an important asset of an organization and it is essential to keep this asset secure. It requires security in whatever state is it i.e. data at rest, data in use, and data in transit. There is a need to pay more attention to it…
Privacy risk assessments have been touted as an objective, principled way to encourage organizations to implement privacy-by-design. They are central to a new regulatory model of collaborative governance, as embodied by the GDPR. However,…
Enforcing data protection and privacy rules within large data processing applications is becoming increasingly important, especially in the light of GDPR and similar regulatory frameworks. Most modern data processing happens on top of a…
Information security management aims at ensuring proper protection of information values and information processing systems (i.e. assets). Information security risk management techniques are incorporated to deal with threats and…
The General Data Protection Regulation (GDPR) remains the gold standard in privacy and security regulation. We investigate how the cost and effort required to implement GDPR is viewed by workers who have also experienced the regulations'…
Researchers find weaknesses in current strategies for protecting privacy in large datasets. Many anonymized datasets are reidentifiable, and norms for offering data subjects notice and consent over emphasize individual responsibility. Based…
The new General Data Protection Regulation (GDPR) will take effect in May 2018, and hence, designing compliant data protection policies and system architectures became crucial for organizations to avoid penalties. Unfortunately, the…
The European General Data Protection Regulation (GDPR) grants European users the right to access their data processed and stored by organizations. Although the GDPR contains requirements for data processing organizations (e.g.,…
The General Data Protection Regulation (GDPR) has become a touchstone model for modern privacy law, in part because it empowers consumers with unprecedented control over the use of their personal information. However, this same power may be…
Decisions about sharing personal information are not trivial, since there are many legitimate and important purposes for such data collection, but often the collected data can reveal sensitive information about individuals.…
Privacy and data protection constitute core values of individuals and of democratic societies. There have been decades of debate on how those values -and legal obligations- can be embedded into systems, preferably from the very beginning of…
The increasing pace of data collection has led to increasing awareness of privacy risks, resulting in new data privacy regulations like General data Protection Regulation (GDPR). Such regulations are an important step, but automatic…
The management of data and digital assets poses various challenges, including the need to adhere to legal requirements with respect to personal data protection and copyright. Usage control technologies could be used by software platform…
The thesis advances the field of software security by providing knowledge and automation support for software vulnerability assessment using data-driven approaches. Software vulnerability assessment provides important and multifaceted…
The principle of data minimization aims to reduce the amount of data collected, processed or retained to minimize the potential for misuse, unauthorized access, or data breaches. Rooted in privacy-by-design principles, data minimization has…
The EU GDPR is a landmark regulation that introduced several rights for individuals to obtain information and control how their personal data is being processed, as well as receive a copy of it. However, there are gaps in the effective use…
Daily, massive volume of data are produced due to the internet of things' rapid development, which has now permeated the healthcare industry. Recent advances in data mining have spawned a new field of a study dubbed privacy-preserving data…