Socio-technical systems (STS) become ever more complex and are, at runtime, composed of systems that have not been known, and cannot be known, at design time. This makes the consideration of all possible threats, e.g. privacy or security incidents, at design time impossible. Consequently, during runtime unwanted events occur inevitably. There is a need for systems with accountability mechanisms that make it possible to trace causality chains to find the root causes of an unwanted event.
We provide a structured method for designing an accountability architecture for STS. In contrast to existing research our method starts with the elicitation of accountability goals to answer why an unwanted event happened and who is responsible for it. We base the answer for these two questions on established data governance research. Our generic accountability model for STS allows the derivation of accountability graphs by extraction of all relevant interactions between STS entities. Thereby, we identified four fundamentally different interaction types. Accountability graphs are the basis for designing accountability mechanisms for all relevant STS entities, yielding an accountability architecture fulfilling these goals. The resulting architecture is adjusted according to legal compliance policies. We show the applicability of our approach with an eHealth case study.