Papers by Alexandra Duricu
The General Data Protection Regulation (GDPR) introduced new guidelines regarding the privacy ris... more The General Data Protection Regulation (GDPR) introduced new guidelines regarding the privacy risk assessments that should be conducted in organizations. The purpose of assessment, Data Protection Impact Assessment (DPIA), described in the GDPR is to determine the impact the identified risks could have on the privacy of the data subjects. There are many risk assessment frameworks available nowadays and also a number of guides regarding the DPIA process have been written since the implementation of the new data protection regulation, but no standardized framework has been made available. The aim of this thesis is to analyze how different risk assessment frameworks (OCTAVE Allegro, ISO, NIST) can help to conduct DPIAs and identify a methodology and guidelines which helps and organization to perform effective DPIA on processing activities which involve personal data. The outcome of the thesis is a framework adapted for the DPIA process.
Uploads
Papers by Alexandra Duricu