Explore chapters and articles related to this topic
Enhancing OSH Management Processes through the Use of Smart Personal Protective Equipment, Wearables and Internet of Things Technologies
Published in Daniel Podgórski, New Opportunities and Challenges in Occupational Safety and Health Management, 2020
In order to ensure appropriate technical and organisational measures to adequately protect personal data, the GDPR requires data processing system administrators (referred to in GDPR as “data controllers”) to apply two guiding principles: (1) data protection by design; and (2) data protection by default. The principle “data protection by design” means the use of appropriate technical and organisational measures, such as pseudonymisation and data minimisation, in an effective manner, and the integration of the necessary safeguards into the data processing. Pseudonymisation is defined as:processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Informatics and The Law
Published in Alexander Peck, Clark’s Essential PACS, RIS and Imaging Informatics, 2017
4 Anonymous. To make information anonymous, it must be unidentifiable and detached from the source and this is achieved at different levels: Anonymisation converts the information into a form where it is difficult to identify the source individual; within radiology this is typically done by removing demographic information from DICOM files.Pseudonymisation leaves information traceable to source but only by those holding the contextual data – widely used for clinical trials.Deidentification is the highest level of detachment; deidentification removes both visible and non-visible clues as to the origin; this may for radiology imaging include selective depth blurring or pixilation of distinctive anatomical features, such as the face on CT head studies – preventing high-resolution CT scans from ‘giving away’ otherwise anonymised data sets.
Legal and policy aspects of information science in emerging automated environments
Published in Matthias Dehmer, Frank Emmert-Streib, Frontiers in Data Science, 2017
Metadata may be modified for various reasons. For example, for the protection of privacy, medical, genetic, and biometrical information needs to be pseudonymized for legal reason, when using this information for scientific purposes unrelated to the health of the affected individual. Pseudonymization is a technical and organizational design measure to be followed by a data controller to ensure that personal data cannot be attributed to an identified or identifiable natural person.∗ This modification of (meta)data is imposed for legal reasons, but depending on the way how the pseudonymization is undertaken can have adverse effects on the usability of the data for scientific purposes.
Probing the Past to Guide the Future IT Regulation Research: Topic Modeling and Co-word Analysis of SOX-IS Research
Published in Information Systems Management, 2022
George Mangalaraj, Anil Singh, Aakash Taneja
Security with financial assets and information is quite vital in safeguarding organizational well-being. With more focus on the value of data and its salience, information security needs cannot be ignored in the future. SOX paid specific emphasis to financial data and its upkeep. However, in areas such as privacy, GDPR already demands various protection levels to ensure that personal data meet information security requirements through techniques such as pseudonymization (Varanda et al., 2021). Information systems influence compliance with SOX regulation through various control processes. Future regulations on IT may require robust compliance mechanisms that evolve from the IS area. The compliance mechanisms engendered by SOX and the subsequent global financial crisis in 2008 have prompted RegTech to allow regulators to address compliance in the FinTech area (Marotta & Madnick, 2020).
Empowering citizens by a blockchain-Based Robinson list
Published in International Journal of Computers and Applications, 2022
Albenzio Cirillo, Vito Dalena, Antonio Mauro, Francesco Mogavero, Diego Pennino, Maurizio Pizzonia, Andrea Vitaletti, Marco Zecchini
As already observed, the main contribution of this paper is the decentralisation of the opt-in/opt-out choice. Subscribers choices are personal data that have to comply with privacy regulation, like the GDPR [7]. Decoupling the data from the personal identity (pseudonymization) is a widely used approach for this kind of compliance. In the previous sections, we deliberately avoided to introduce any in-chain information that can help associate choices to related telephone numbers or subscribers. From this point of view, the solution we have described so far is not affected by privacy concerns. However, in practice, operators do need to know both telephone numbers and choices. In this case, regulations require that operators can have knowledge of that binding, but no other subject should be able to get it.
Competence-oriented project team planning – university case study
Published in Journal of Information and Telecommunication, 2021
Eryk Szwarc, Izabela Nielsen, Czesław Smutnicki, Grzegorz Bocewicz, Zbigniew Banaszak, Jakub Bilski
FECS employing staff: The classes are given by a team of = 49 employees (academic teachers): . The competency framework was determined as a result of surveys which shows which employee what classes: may conduct: ,may conduct if it gains the missing competences: ,may not conduct and can't get the missing competences: .Part of considered competency framework is illustrated in Table 4. Due to the requirements imposed by General Data Protection Regulation data pseudonymisation has been introduced.