A MULTIPLE-THEORETICAL GDPR MODEL OF PARAMETERS FOR PERSONAL DATA
DOI: https://doi.org/10.18372/2410-7840.25.18232
Keywords:
cybersecurity, cyber security, information protection, information security, personal data, a multiple-theoretical representation, GDPR-model, model of personal data parameters, assessment in the area of information security, GDPR regulation, losses assessment, loss of personal data
Abstract
Developing an effective method for assessing the negative consequences of a personal data (PD) leakage helps companies manage risks more effectively and protect their financial and reputational stability. The GDPR provides for the possibility of imposing significant fines in case of violation of data protection rules. The method will allow businesses to assess the potential financial consequences of a data leakage and implement effective preventive measures to save themselves from possible fines. The developed method will help organizations effectively implement the GDPR requirements, ensuring a high level of data protection and appropriate risk management. The purpose of this paper is to develop a method for assessing the negative consequences of a PD confidentiality leakage in case of violation of the requirements established by the GDPR. The assessment method follows the provisions of the GDPR and, through the stages of identifying the object of assessment (providing information about the enterprise), determining the level of violation, forming primary expert information and finalizing the procedure for processing expert data, analytically transforms the sets of input data of the developed tuple model of the integrated representation of parameters, the values reflecting the judgment of experts, the newly developed assessment rules, the scattering of points and a certain set of recommendations.
License
The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.
All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.
Copyright
Authors who publish their works in the journal:
- retain the copyright to their publications;
- grant the journal the right of first publication of the article;
- agree to the distribution of their materials under the CC BY 4.0 license;
- have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.




