Chinese Journal of Network and Information Security ›› 2018, Vol. 4 ›› Issue (8): 63-70.doi: 10.11959/j.issn.2096-109x.2018064

• Papers • Previous Articles     Next Articles

Data protection impact assessment system in the mode of risk management

Ying CHENG()   

  1. Institute for Human Rights,China University of Political Science and Law,Beijing 100088,China
  • Revised:2018-07-15 Online:2018-08-15 Published:2018-10-12
  • Supported by:
    Law Society Law Research Foundation of Shandong Province(SLS(2017)C28);China Scholarship Council Foundation(201707070116)

Abstract:

In the era of big data,the risk management approach has been broadly applied in the field of personal information protection.Data protection impact assessment has become an important system to promote data protection.It takes the provisions of the data protection impact assessment of the European General Data Protection Regulation (GDPR) 2016 as the sample.By using the literature research and empirical analysis method,it analyzes in depth the theoretical background,rise and evolution,meaning and scope of data protection impact assessment to establish a standardized and specific impact assessment system as well as promote personal information protection.Assessment content includes not only privacy risk assessment,but also data security,data quality and non-discrimination.Data protection impact assessment should be set as a mandatory obligation for data processing activities that are likely to result in high risks.The evaluation process shall take the advices from stakeholders to reflect their benefits.The external supervision should be strengthened and the assessment report shall be published properly.

Key words: data protection impact assessment, personal information security impact assessment, GDPR, risk management, privacy impact assessment, personal information protection

CLC Number: 

No Suggested Reading articles found!