A Privacy-driven Enterprise Architecture Meta-Model for Supporting Compliance with the General Data Protection Regulation
Research output: Contributions to collected editions/works › Article in conference proceedings › Research › peer-review
Standard
Proceedings of the 52nd Annual Hawaii International Conference on System Sciences, HICSS 2019. ed. / Tung X. Bui. Honolulu: University of Hawaiʻi at Mānoa, 2019. p. 6052-6061 (Proceedings of the Annual Hawaii International Conference on System Sciences; Vol. 2019-January).
RIS
TY - CHAP
T1 - A Privacy-driven Enterprise Architecture Meta-Model for Supporting Compliance with the General Data Protection Regulation
AU - Burmeister, Fabian
AU - Drews, Paul
AU - Schirmer, Ingrid
N1 - Conference code: 52
PY - 2019/1/1
Y1 - 2019/1/1
N2 - The processing of personal data has evolved into an integral component of businesses by providing several data-driven opportunities. Simultaneously, businesses struggle with the associated responsibility for privacy, as recent data scandals have shown. As a consequence, the European Commission has passed the General Data Protection Regulation (GDPR) to enhance the rights of citizens and the requirements on data protection. This paper argues that enterprise architecture (EA) models can be a key to compliance with the GDPR. Following an incremental research approach, we categorize the major obligations resulting from the GDPR, derive essential stakeholder concerns and outline necessary EA elements for capturing aspects of analytics, security and privacy in EA models. On this basis, a privacy-driven EA meta-model is developed that is capable of answering key concerns resulting from the GDPR.
KW - Business informatics
KW - Enterprise Architecture and Business Process Analysis
KW - Organizational Systems and Technology
KW - Enterprise architecture
KW - GDPR
KW - Meta-Model
KW - Privacy
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85073507425&partnerID=8YFLogxK
UR - https://www.mendeley.com/catalogue/5ddd5736-84c8-32b8-aa0f-57f88425ff56/
U2 - 10.24251/HICSS.2019.729
DO - 10.24251/HICSS.2019.729
M3 - Article in conference proceedings
T3 - Proceedings of the Annual Hawaii International Conference on System Sciences
SP - 6052
EP - 6061
BT - Proceedings of the 52nd Annual Hawaii International Conference on System Sciences, HICSS 2019
A2 - Bui, Tung X.
PB - University of Hawaiʻi at Mānoa
CY - Honolulu
T2 - 52nd Annual Hawaii International Conference on System Sciences - HICSS 2019
Y2 - 8 January 2019 through 11 January 2019
ER -