Back to top

Appropriate Technical and Organizational Measures - Identifying Privacy Engineering Approaches to Meet GDPR Requirements

Last modified Jul 19
   No tags assigned

Data portability is one of the new provisions that have been introduced with the General Data Protection
Regulation (GDPR) in May 2018. Given certain limitations, the data subject can request a digital copy of
her own personal data. Practical guidelines describe how to handle such data portability requests, but do not
support in identifying which data has to be handed out. We apply a rigorous method to extract the necessary
information properties to fulfill data portability requests. We then use these properties to define an abstract
service for data portability. This service is evaluated in seven expert interviews.

 

Link to file: https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1052&context=amcis2019

Files and Subpages

There are no subpages or files.