Show simple item record

A Semantic Specification for Data Protection Impact Assessments (DPIA)

dc.contributor.authorPandit, Harshvardhan
dc.date.accessioned2022-07-11T09:30:56Z
dc.date.available2022-07-11T09:30:56Z
dc.date.created13 SEP 2022en
dc.date.issued2022
dc.date.submitted2022en
dc.identifier.citationHarshvardhan J. Pandit, A Semantic Specification for Data Protection Impact Assessments (DPIA), International Conference on Semantic Systems (SEMANTiCS), Vienna, Austria, 13 SEP 2022, 2022en
dc.identifier.otherY
dc.description.abstractThe GDPR requires assessing and conducting a Data Protection Impact Assessment (DPIA) for processing of personal data that may result in high risk and impact to the data subjects. Documenting this process requires information about processing activities, entities and their roles, risks, mitigations and resulting im- pacts, and consultations. Impact assessments are complex activities where stake- holders face difficulties to identify relevant risks and mitigations, especially for emerging technologies and specific considerations in their use-cases, and to doc- ument outcomes in a consistent and reusable manner. We address this challenge by utilising linked-data to represent DPIA related information so that it can be better managed and shared in an interoperable manner. For this, we consulted the guidance documents produced by EU Data Protection Authorities (DPA) regarding DPIA and by ENISA regarding risk management. The outcome of our efforts is an extension to the Data Privacy Vocabulary (DPV) for documenting DPIAs and an ontology for risk management based on ISO 31000 family of standards. Our contri- butions fill an important gap within the state of the art, and paves the way for shared impact assessments with future regulations such as for AI and Cybersecurity.en
dc.language.isoenen
dc.rightsYen
dc.subjectGDPRen
dc.subjectDPIAen
dc.subjectRisk Managementen
dc.subjectISOen
dc.subjectSemantic-Weben
dc.titleA Semantic Specification for Data Protection Impact Assessments (DPIA)en
dc.title.alternativeInternational Conference on Semantic Systems (SEMANTiCS)en
dc.typeConference Paperen
dc.type.supercollectionscholarly_publicationsen
dc.type.supercollectionrefereed_publicationsen
dc.identifier.peoplefinderurlhttp://people.tcd.ie/pandithj
dc.identifier.rssinternalid244538
dc.identifier.doihttps://doi.org/10.5281/zenodo.6783203
dc.rights.ecaccessrightsopenAccess
dc.subject.TCDTagData Protection Impact Assessment (DPIA)en
dc.subject.TCDTagGDPRen
dc.subject.TCDTagInternational Standardization Organisation (ISO)en
dc.subject.TCDTagRISK ASSESSMENTen
dc.subject.TCDTagRISK MANAGEMENTen
dc.subject.TCDTagSEMANTIC WEBen
dc.subject.TCDTagfundamental rightsen
dc.subject.TCDTagrights impact assessmenten
dc.identifier.rssurihttps://harshp.com/research/publications/053-DPV-DPIA
dc.contributor.sponsorIrish Research Council (IRC)en
dc.contributor.sponsorGrantNumberGOIPD/2020/790en
dc.contributor.sponsorScience Foundation Ireland (SFI)en
dc.contributor.sponsorGrantNumber13/RC/2106_P2en
dc.identifier.urihttp://hdl.handle.net/2262/100126


Files in this item

Thumbnail
Name:
SEMANTiCS_2022_DPIA.pdf
Size:
541.7Kb
Format:
PDF
Description:
Accepted for publication (author's ...
View/Open
Thumbnail
Name:
license.txt
Size:
3.163Kb
Format:
Text file
View/Open

This item appears in the following Collection(s)

Show simple item record