A Privacy-driven Enterprise Architecture Meta-Model for Supporting Compliance with the General Data Protection Regulation

Research output: Contributions to collected editions/worksArticle in conference proceedingsResearchpeer-review


The processing of personal data has evolved into an integral component of businesses by providing several data-driven opportunities. Simultaneously, businesses struggle with the associated responsibility for privacy, as recent data scandals have shown. As a consequence, the European Commission has passed the General Data Protection Regulation (GDPR) to enhance the rights of citizens and the requirements on data protection. This paper argues that enterprise architecture (EA) models can be a key to compliance with the GDPR. Following an incremental research approach, we categorize the major obligations resulting from the GDPR, derive essential stakeholder concerns and outline necessary EA elements for capturing aspects of analytics, security and privacy in EA models. On this basis, a privacy-driven EA meta-model is developed that is capable of answering key concerns resulting from the GDPR.
Original languageEnglish
Title of host publicationProceedings of the 52nd Annual Hawaii International Conference on System Sciences, HICSS 2019
EditorsTung X. Bui
Number of pages10
Place of PublicationHonolulu
PublisherUniversity of Hawaiʻi at Mānoa
Publication date2019
ISBN (Electronic)978-0-9981331-2-6
Publication statusPublished - 2019
Event52nd Annual Hawaii International Conference on System Sciences - HICSS 2019 - Grand Wailea , Maui, United States
Duration: 08.01.201911.01.2019
Conference number: 52
https://drive.google.com/file/d/163RcBjQJ1N6F8qe7TeyGd_yWjEYpIxbG/view (Conference programme)

Bibliographical note


    Research areas

  • Business informatics - Enterprise Architecture and Business Process Analysis, Organizational Systems and Technology, Enterprise architecture, GDPR, Meta-Model, Privacy, Security