Publication
Incorporating privacy by design in body sensor networks for medical applications: A privacy and data protection framework
Kalloniatis Christos; Lambrinoudakis Costas; Mathias Musahl; Kanatas Athanasios; Gritzalis Stefanos
In: Computer Science and Information Systems Journal, Vol. 18, Pages 323-347, ComSIS Consortium, 2021.
Abstract
Privacy and Data protection are highly complex issues within
eHealth/M-Health systems. These systems should meet specific requirements
deriving from the organizations and users, as well as from the variety of legal
obligations deriving from GDPR that dictate protection rights of data subjects and
responsibilities of data controllers. To address that, this paper proposes a Privacy
and Data Protection Framework that provides the appropriate steps so as the
proper technical, organizational and procedural measures to be undertaken. The
framework, beyond previous literature, supports the combination of privacy by
design principles with the newly introduced GDPR requirements in order to create
a strong elicitation process for deriving the set of the technical security and
privacy requirements that should be addressed. It also proposes a process for
validating that the elicited requirements are indeed fulfilling the objectives
addressed during the Data Protection Impact Assessment (DPIA), carried out
according to the GDPR.