Article

ARIANE : la Gouvernance des Données comme Accélérateur de Conformité au Règlement Général sur la Protection des Données

Authors:
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

Assurer la conformité au règlement général sur la protection des données (RGPD) passe par la mise en place de la protection de la vie privée dès la conception des processus métiers des organisations (privacy by design). Il est par conséquent nécessaire de prendre en compte les contraintes liées à l'usage des données à caractère personnel dans le plan d'urbanisme des systèmes d'informations (SI). La démonstration présente ARIANE, une plateforme intégrée de gouvernance des données à caractère personnel. ARIANE permet d'industrialiser la protection de la vie privée en constituant un référentiel unique de personnes physiques.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

... It also allows to comply with privacy regulation restrictions as GDPR and CCPA [10]. Thus we are seeing the emergence of innovative solutions in the market permitting to meet the challenges of personal data governance within the organizations [2], [12]. ...
... A hash function is a computationally efficient function that maps bitstrings of arbitrary length to bitstrings of fixed length, called hash values. Let K denote a n−dimensional vector space over GF (2). A keyed-hash function hash k : k ∈ K; hash k (m) =ḿ is indexed by a key k. ...
Conference Paper
Personal data governance is became a key issue within organisations. This is mainly due to (i) the strategic value of personal data which provide more insights improving commercial and operational efficiency ; and (ii) data security risk issues and privacy regulation restrictions (e.g., GDPR and CCPA). Creating data catalogs is an important step for setting up a personal data governance. However, it remains a time-consuming task especially because of the absence of naming conventions in database modeling coupled to the heterogeneity of database management systems (DBMS) across Information Systems (IS). The paper presents SecP2I, an efficient data analytics-based approach permitting personal data discovery in structured and semi-structured datasets while guaranteeing end-to-end data confidentiality. The effectiveness of the platform is proven using a real world HR dataset.
Conference Paper
Teambuilder is a prototype of a recommendation engine based on a Big Human Resources Data platform, allowing to securely retrieve the best candidates (resume) for a specific mission.
Article
The long-awaited General Data Protection Regulation (GDPR) of the EU was provisionally agreed in December 2015.¹ The final details are still being ironed out, but publication of the final version of the regulation is expected around July 2016.² There will then be a two-year waiting period until every organisation that does business in, or with, the EU must comply with the regulation. Since it is a regulation, not a directive, compliance is mandatory, without the need for each member state to ratify it into its own legislation. The GDPR expands the scope of data protection so that it applies to anyone or any organisation that collects and processes information related to EU citizens, no matter where they are based or where the data is stored. Colin Tankard of Digital Pathways examines what effect the new regulation is likely to have on organisations.
Chapter
Privacy by design is often praised by lawyers as an essential step towards better privacy protection: in a world where privacy is more and more jeopardized by new information and communication technologies (ICT), the growing view is that part of the remedy should come from the technologies themselves. On the technological front, privacy enhancing technologies (PETs) have been an active research topic in computer science during the last decades and a variety of techniques have been proposed (including anonymizers, identity management systems, privacy proxies, encryption mechanisms, filters, etc.). One must admit however that the take-up of most of these techniques by consumers is still rather limited. The goal of this chapter is to review this gap between a toolset of available technologies and the still unrealized promises of privacy by design.
Achieving GDPR compliance of BPMN process models
  • S Agostinelli
  • F M Maggi
  • A Marrella
  • F Sapio
Agostinelli, S., Maggi, F. M., Marrella, A., and Sapio, F. Achieving GDPR compliance of BPMN process models. In Information Systems Engineering in Responsible Information Systems -CAiSE Forum 2019, Proceedings (2019).
Les processus métiers en tant que services -BPaaS : sécurisation des données et des services
  • M Bentounsi
Bentounsi, M. Les processus métiers en tant que services -BPaaS : sécurisation des données et des services. Thèse de doctorat, Sorbonne Paris Cité, France, 2015.
Gdpr compliant. le guide pratique
  • L Alloin
  • A Bensoussan
  • T Brun
  • B Després
  • C Dupré
  • J P Gaulier
  • D Genest
  • D Skalski
  • S Tournadre
Alloin, L., Bensoussan, A., Brun, T., Després, B., Dupré, C., Gaulier, J. P., Genest, D., Skalski, D., and Tournadre, S. Gdpr compliant. le guide pratique. Umanis, Lexing, Segeco & IBM (2018).