It is well understood that processing personal data without effective data management models may lead to privacy violations. Such concerns have motivated the development of privacy-aware practices and systems, as well as legal frameworks and standards. However, there is a disconnect between policy-makers and software engineers with respect to the meaning of privacy. In addition, it is challenging: to establish that a system underlying business processes complies with its privacy requirements; to provide technical assurances; and to meet data subjects’ expectations. We propose an abstract personal data lifecycle (APDL) model to support the management and traceability of personal data. The APDL model represents data-processing activities in a way that is amenable to analysis. As well as facilitating the identification of potentially harmful data-processing activities, it has the potential to demonstrate compliance with legal frameworks and standards.
CITATION STYLE
Alshammari, M., & Simpson, A. (2018). Personal data management: An abstract personal data lifecycle model. In Lecture Notes in Business Information Processing (Vol. 308, pp. 685–697). Springer Verlag. https://doi.org/10.1007/978-3-319-74030-0_55
Mendeley helps you to discover research relevant for your work.