Privacy-by-design and privacy-by-default constraints imposed by GDPR require that proper design decisions are taken on systems which deal with personal data in order to avoid legal actions and minimize risk. This impacts architectural decisions and may thus have consequences on system performances. In this paper we present a methodological approach, together with a new version of our specific tool, to support decision processes in privacy-impacted systems and provide assessor-friendly documentation of decision impact. We show the effectiveness of our approach by means of a simple case in health data management systems.
A DEFENSIVE METHODOLOGICAL APPROACH TO SUPPORT DESIGN DECISIONS UNDER GDPR CONSTRAINTS
Mastroianni M.
;
2026-01-01
Abstract
Privacy-by-design and privacy-by-default constraints imposed by GDPR require that proper design decisions are taken on systems which deal with personal data in order to avoid legal actions and minimize risk. This impacts architectural decisions and may thus have consequences on system performances. In this paper we present a methodological approach, together with a new version of our specific tool, to support decision processes in privacy-impacted systems and provide assessor-friendly documentation of decision impact. We show the effectiveness of our approach by means of a simple case in health data management systems.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.


