A MULTIPLE-THEORETICAL GDPR MODEL OF PARAMETERS FOR PERSONAL DATA
DOI: https://doi.org/10.18372/2410-7840.25.18232
Keywords: cybersecurity, cyber security, information protection, information security, personal data, a multiple-theoretical representation, GDPR-model, model of personal data parameters, assessment in the area of information security, GDPR regulation, losses assessment, loss of personal data
Abstract
Developing an effective method for assessing the negative consequences of a personal data (PD) leakage helps companies manage risks more effectively and protect their financial and reputational stability. The GDPR provides for the possibility of imposing significant fines in case of violation of data protection rules. The method will allow businesses to assess the potential financial consequences of a data leakage and implement effective preventive measures to save themselves from possible fines. The developed method will help organizations effectively implement the GDPR requirements, ensuring a high level of data protection and appropriate risk management. The purpose of this paper is to develop a method for assessing the negative consequences of a PD confidentiality leakage in case of violation of the requirements established by the GDPR. The assessment method follows the provisions of the GDPR. Through the stages of identifying the object of assessment (providing information about the enterprise), determining the level of violation, forming primary expert information, and finalizing the procedure for processing expert data, it analytically transforms the sets of input data of the developed tuple model of the integrated representation of parameters, the values reflecting the judgment of experts, the newly developed assessment rules, the scattering of points and a certain set of recommendations.
License
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).