Full Program »
An approach to GDPR based on Object Role Modeling
The General Data Protection Regulation 2016/679 (GDPR) is a set of legal rules to attain the protection of natural persons in what personal data processing and the free movement of such data is concerned. When those rules are considered in the operation of information systems, the one become attainable for legal approval within that scope. This paper presents a model we are developing to help enterprises do aligned their information system with the GDPR requirements. The model shall serve the purpose of analyzing the enterprises in what concerns the use of subject’s personal data, allowing to capture and improve data protection capabilities placed in the GDPR. The main issue of our approach is set a baseline to define the requirements for establishing, implementing, maintain and continually improving data protection management system on organizations.