
    Evaluating a Reference Architecture for Privacy Level Agreement's Management

    With the enforcement of the General Data Protection Regulation and the obligation to comply with specific privacy- and security-related principles, the adoption of Privacy by Design and Security by Design principles can be considered a legal obligation for all organisations keeping EU citizens' personal data. A formal way to support Data Controllers towards compliance with the new regulation could be a Privacy Level Agreement (PLA), a mutual agreement on privacy settings between a Data Controller and a Data Subject that supports privacy management by analysing privacy threats, vulnerabilities and Information Systems' trust relationships. However, the concept of a PLA has so far only been proposed at a theoretical level. In this paper, we propose a novel reference architecture to enable PLA management in practice, and we report on the application and evaluation of PLA management in real-life case studies from two different domains, public administration and healthcare, where sensitive data is kept. The results are rather positive, indicating that the adoption of such an agreement promotes the transparency of an organisation while enhancing data subjects' trust.

    Common controls driven conceptual leadership framework

    The forthcoming social welfare and healthcare reform in Finland, with its organisational, financing and steering changes, challenges leadership. All service-system levels of social welfare and healthcare have to achieve performance objectives while at the same time meeting conformance requirements. However, there are hundreds of authority documents (e.g., best practices, guidelines, regulations and standards) whose common controls are adopted in organisations partly manually and partly by leveraging automation. Leaders review and develop their practices around performance and conformity (i.e., conformance or compliance) within frameworks that are mainly sets of principles. Yet the common controls affect the main tasks of governance (i.e., direct, evaluate and monitor). Therefore, we construct a conceptual leadership framework to highlight the meaning of the common controls and the meaning of the criteria for performance and conformity. The constructed framework contains terms (e.g., control objective, decision criteria, event, insight and transaction) that are mainly defined in the glossaries of the authority documents. These terms are used to derive the terms and definitions of the leadership framework and to establish cognitive meanings for the concepts of common-controls-driven leadership.

    Modelling Inter-Organizational Business Processes Governance

    Digital transformation requires decentralizing business process governance due to the increasing interdependencies of organizations and more complex business pipelines enabled by information technologies. We present a modelling approach to assist companies in their inter-organizational business process governance (IO-BPG). The results emerge from a design science research conducted with a major European telecommunications service provider. They include (1) the key domain attributes, (2) a domain-specific ontology, and (3) a BPMN extension instantiated in IO-BPG scenarios of Software-as-a-Service, covering structure, processes, and relational mechanisms. For theory, this paper extends the literature on business process governance with a modelling approach evaluated in one of the most regulated and dynamic economic sectors. For practice, our proposal may help appraise accountability, confidentiality, compliance, autonomy, authority, traceability, and collaboration configurations that are crucial to IO-BPG

    An Integrated Framework for the Methodological Assurance of Security and Privacy in the Development and Operation of MultiCloud Applications

    This Thesis studies research questions about how to design multiCloud applications that take security and privacy requirements into account in order to protect the system from potential risks, and about how to decide which security and privacy protections to include in the system. In addition, solutions are needed to overcome the difficulty of assuring that security and privacy properties defined at design time still hold throughout the system life-cycle, from development to operation.

    In this Thesis an innovative DevOps-integrated methodology and framework are presented, which help to rationalise and systematise security and privacy analyses in multiCloud so as to enable an informed decision process for the risk-cost balanced selection of the protections of the system components and of the protections to request from the Cloud Service Providers used. The focus of the work is on the Development phase of the analysis and creation of multiCloud applications.

    The main contributions of this Thesis for multiCloud applications are four: i) the integrated DevOps methodology for security and privacy assurance, and its integrating parts: ii) a security and privacy requirements modelling language, iii) a continuous risk assessment methodology and its complementary risk-based optimisation of defences, and iv) a Security and Privacy Service Level Agreement Composition method.

    The integrated DevOps methodology and its integrating Development methods have been validated in the case study of a real multiCloud application in the eHealth domain. The validation confirmed the feasibility and benefits of the solution with regard to the rationalisation and systematisation of security and privacy assurance in multiCloud systems.

    A Meta-Model Driven Method for Establishing Business Process Compliance to GDPR

    In April 2016, the European Parliament and Council approved the new personal data protection regulation, the GDPR (General Data Protection Regulation), which takes effect at the end of May 2018 in all Member States of the European Union (EU). The GDPR addresses common problems in the protection and use of the personal data of EU citizens. According to the new regulation, all organisations that use personal data of EU citizens in their day-to-day activities have to re-evaluate their business processes and information systems to comply with the new rules and constraints. The penalty for misuse of personal data can be very costly for a company: fines of up to 20 million euros or 4% of annual global turnover. Nevertheless, there is no technical guidance or clear approach for evaluating whether the business processes of an information system comply with the GDPR. This thesis addresses that issue by researching the GDPR legislative text and proposing a methodology for analysing the business processes of information systems and aligning them with the GDPR. The proposed methodology also helps to map the flow of personal data between different parties and to highlight the problematic places in the business processes, suggesting measures to reduce the misuse of personal data. The approach could serve as a reference point for developing an automated tool for analysing the processes of an information system for GDPR compliance.

    Refinement of the General Data Protection Regulation (GDPR) Model: Administrative Fines Perspective

    To meet the requirements of the General Data Protection Regulation (2016/679/EU; hereinafter GDPR), organisations need a framework for assessing the compliance of their business processes. For this purpose, a Data Protection Observation Engine (hereinafter DPOE), a software tool enabling semi-automated GDPR compliance checking of business processes, is being created by researchers of the Institute of Computer Science of the University of Tartu. Current research on the DPOE has produced a conceptual model covering general GDPR requirements in UML format, describing the key entities, artefacts and the relationships between them (hereinafter the DPOE Model). The DPOE Model, however, requires validation in terms of legal completeness (i.e. GDPR coverage). This thesis adds to the existing research by legally validating the DPOE Model from the perspective of Articles 83(4) and 83(5) of the GDPR, which concern administrative fines. These articles describe the key GDPR requirements whose infringement brings about fines of up to 20,000,000 EUR; they are therefore the requirements every organisation must treat with special attention in order to be GDPR compliant. This validation also enables the prime users of the DPOE, data protection officers, to trust the results generated by the DPOE, since they know that the potential non-compliance issues raised are of key importance. This in turn ensures the integrity of the DPOE's output. It also creates the basis for comparing the current version of the DPOE Model with the refined DPOE Model in terms of legal completeness (i.e. GDPR article coverage). To measure how legal completeness has in fact improved, the results generated by the refined DPOE Model are compared with those generated by the current version of the DPOE Model on an actual business process (the ÕIS2 login process). As a result of the validation and of the comparison of the current Model with the refined Model, the maturity of the Model is enhanced.

    Legal Design Perspectives : Theoretical and Practical Insights from the Field

    This publication and its release in gold open access have been made possible thanks to the support of the Erasmus+ Jean Monnet Module grant 599987-EPP-1-2018-1-BE-EPPJMO-MODULE for the course "European IT Law by Design". The European Commission's support for the production of this publication does not constitute an endorsement of the contents, which reflect the views only of the authors, and the Commission cannot be held responsible for any use which may be made of the information contained therein.