{"title":"A Data Privacy Governance Model: The Integration of the General Data Protection Regulation Into Standard Based Management Systems","authors":"Margareth Stoll","doi":"10.4018/IJITBAG.2019010105","DOIUrl":null,"url":null,"abstract":"The importance of data privacy, information availability and integrity are increasingly recognized. The new EU general data protection regulation 679/2016 obligates stringent legal requirements with high sanctions for noncompliance. Most organizations worldwide are affected directly or indirectly. It requires overall a risk and evidence-based data privacy management as part of corporate governance. More than 1.6 million organizations worldwide are implementing a standard-based management system, such as ISO 9001 or others. To implement the new data protection regulation in an effective, efficient and sustainable way, the author provides design-oriented guidelines on how to integrate the legal requirements into standard based management systems. The holistic data privacy governance model integrates different information security governance frameworks with standard based management systems in order to comply the regulation. In that way data privacy is part of all strategic, tactical and operational business processes, promotes corporate governance, legal compliance and living data protection.","PeriodicalId":329249,"journal":{"name":"Int. J. IT Bus. Alignment Gov.","volume":"124 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. IT Bus. Alignment Gov.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/IJITBAG.2019010105","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
The importance of data privacy, information availability and integrity are increasingly recognized. The new EU general data protection regulation 679/2016 obligates stringent legal requirements with high sanctions for noncompliance. Most organizations worldwide are affected directly or indirectly. It requires overall a risk and evidence-based data privacy management as part of corporate governance. More than 1.6 million organizations worldwide are implementing a standard-based management system, such as ISO 9001 or others. To implement the new data protection regulation in an effective, efficient and sustainable way, the author provides design-oriented guidelines on how to integrate the legal requirements into standard based management systems. The holistic data privacy governance model integrates different information security governance frameworks with standard based management systems in order to comply the regulation. In that way data privacy is part of all strategic, tactical and operational business processes, promotes corporate governance, legal compliance and living data protection.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
