On the Evaluation of Privacy Impact Assessment and Privacy Risk Assessment Methodologies: A Systematic Literature Review
Assessing privacy risks and incorporating privacy measures from the onset requires a comprehensive understanding of potential impacts on data subjects. Privacy Impact Assessments (PIAs) offer a systematic methodology for such purposes, which are closely related to Data Protection Impact Assessments...
Saved in:
| Published in | IEEE access Vol. 12; pp. 19625 - 19650 |
|---|---|
| Main Authors | , , , |
| Format | Journal Article |
| Language | English |
| Published |
Piscataway
IEEE
2024
The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
| Subjects | |
| Online Access | Get full text |
| ISSN | 2169-3536 2169-3536 |
| DOI | 10.1109/ACCESS.2024.3360864 |
Cover
| Abstract | Assessing privacy risks and incorporating privacy measures from the onset requires a comprehensive understanding of potential impacts on data subjects. Privacy Impact Assessments (PIAs) offer a systematic methodology for such purposes, which are closely related to Data Protection Impact Assessments (DPIAs), particularly outlined in Article 35 of the General Data Protection Regulation (GDPR). The core of a PIA is a Privacy Risk Assessment (PRA). PRAs can be integrated as part of full-fledged PIAs or independently developed to support PIA processes. Although these methodologies have been identified as essential enablers of privacy by design, their effectiveness has been criticized because of the lack of evidence of their rigorous and systematic evaluation. Hence, we conducted a Systematic Literature Review (SLR) to identify published PIA and PRA methodologies and assess how and to what extent they have been scientifically validated or evaluated. We found that these methodologies are rarely evaluated for their performance in practice, and most of them have only been validated in limited studies. Most validation evidence is found with PRA methodologies. Of the evaluated methodologies, PIAs were the most evaluated, where case studies were the predominant evaluation method. These evaluated methodologies can be easily transferred to an industrial setting or used by practitioners, as they provide evidence of their use in practice. In addition, the findings in this study can be used to inform researchers of the current state-of-the-art, and practitioners can understand the benefits and current limitations of the methodologies and adopt evidence-based practices. |
|---|---|
| AbstractList | Assessing privacy risks and incorporating privacy measures from the onset requires a comprehensive understanding of potential impacts on data subjects. Privacy Impact Assessments (PIAs) offer a systematic methodology for such purposes, which are closely related to Data Protection Impact Assessments (DPIAs), particularly outlined in Article 35 of the General Data Protection Regulation (GDPR). The core of a PIA is a Privacy Risk Assessment (PRA). PRAs can be integrated as part of full-fledged PIAs or independently developed to support PIA processes. Although these methodologies have been identified as essential enablers of privacy by design, their effectiveness has been criticized because of the lack of evidence of their rigorous and systematic evaluation. Hence, we conducted a Systematic Literature Review (SLR) to identify published PIA and PRA methodologies and assess how and to what extent they have been scientifically validated or evaluated. We found that these methodologies are rarely evaluated for their performance in practice, and most of them have only been validated in limited studies. Most validation evidence is found with PRA methodologies. Of the evaluated methodologies, PIAs were the most evaluated, where case studies were the predominant evaluation method. These evaluated methodologies can be easily transferred to an industrial setting or used by practitioners, as they provide evidence of their use in practice. In addition, the findings in this study can be used to inform researchers of the current state-of-the-art, and practitioners can understand the benefits and current limitations of the methodologies and adopt evidence-based practices. Assessing privacy risks and incorporating privacy measures from the onset requires a comprehensive understanding of potential impacts on data subjects. Privacy Impact Assessments (PIAs) offer a systematic methodology for such purposes, which are closely related to Data Protection Impact Assessments (DPIAs), particularly outlined in Article 35 of the General Data Protection Regulation (GDPR). The core of a PIA is a Privacy Risk Assessment (PRA). PRAs can be integrated as part of full-fledged PIAs or independently developed to support PIA processes. Although these methodologies have been identified as essential enablers of privacy by design, their effectiveness has been criticized because of the lack of evidence of their rigorous and systematic evaluation. Hence, we conducted a Systematic Literature Review (SLR) to identify published PIA and PRA methodologies and assess how and to what extent they have been scientifically validated or evaluated. We found that these methodologies are rarely evaluated for their performance in practice, and most of them have only been validated in limited studies. Most validation evidence is found with PRA methodologies. Of the evaluated methodologies, PIAs were the most evaluated, where case studies were the predominant evaluation method. These evaluated methodologies can be easily transferred to an industrial setting or used by practitioners, as they provide evidence of their use in practice. In addition, the findings in this study can be used to inform researchers of the current state-of-the-art, and practitioners can understand the benefits and current limitations of the methodologies and adopt evidence-based practices. |
| Author | Fritsch, Lothar Wairimu, Samuel Iwaya, Leonardo Horn Lindskog, Stefan |
| Author_xml | – sequence: 1 givenname: Samuel orcidid: 0000-0003-1750-649X surname: Wairimu fullname: Wairimu, Samuel email: samuel.wairimu@kau.se organization: Department of Mathematics and Computer Science, Privacy and Security (PriSec) Research Group, Karlstad University, Karlstad, Sweden – sequence: 2 givenname: Leonardo Horn orcidid: 0000-0001-9005-0543 surname: Iwaya fullname: Iwaya, Leonardo Horn organization: Department of Mathematics and Computer Science, Privacy and Security (PriSec) Research Group, Karlstad University, Karlstad, Sweden – sequence: 3 givenname: Lothar orcidid: 0000-0002-0418-4121 surname: Fritsch fullname: Fritsch, Lothar organization: Department of Mathematics and Computer Science, Privacy and Security (PriSec) Research Group, Karlstad University, Karlstad, Sweden – sequence: 4 givenname: Stefan orcidid: 0000-0003-0778-4736 surname: Lindskog fullname: Lindskog, Stefan organization: Department of Mathematics and Computer Science, Privacy and Security (PriSec) Research Group, Karlstad University, Karlstad, Sweden |
| BackLink | https://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-98433$$DView record from Swedish Publication Index |
| BookMark | eNptUtFu0zAUjdCQGGNfAA-WeKUlsR3H5i0qBSoVDa3Aq-U4N5u7NM5sp6V_j9dMVanwi6177zk69xy_Ti4620GSvM3SaZal4mM5m81XqylOMZ0SwlLO6IvkEmdMTEhO2MXJ-1Vy7f06jYfHUl5cJn9uOhTuAc23qh1UMLZDtkE_nNkqvUeLTa90QKX34P0GuoBUVx-7t8Y_nPa-Q7i3tW3tnQH_CZVotfcBNpFVo6UJ4FQYHKBb2BrYvUleNqr1cP18XyW_vsx_zr5NljdfF7NyOdGUsjDJKOeaVHXeYI5FhZkmuYIaMpLrnNe5phiACUEprnWh4u6UCFZUVGOhCAhylSxG3tqqteyd2Si3l1YZeShYdyeViwpbkIoW0HCiAWugNOOcUs5wRYGzWORF5KIj19D1ar9TbXskzFL5FIZUWkc75FMY8jmMCPswwvwO-qH6R8Rn87s8iHhQgxScEhLH34_jvbOPA_gg13ZwXTRJYoFpShjJcJwS45R21nsHjdQmHAIMTpn2KGj8HeeCyBn2fI3_o96NKAMAJ4joVB7N-QtLF8dM |
| CODEN | IAECCG |
| CitedBy_id | crossref_primary_10_3390_app14135907 crossref_primary_10_1016_j_array_2024_100356 crossref_primary_10_1007_s44206_024_00111_4 crossref_primary_10_1109_ACCESS_2024_3509332 crossref_primary_10_1007_s12083_024_01796_7 crossref_primary_10_2139_ssrn_4945564 crossref_primary_10_1016_j_trip_2024_101254 crossref_primary_10_3390_app15020647 crossref_primary_10_1016_j_jksuci_2024_102039 |
| Cites_doi | 10.1007/s10664-008-9102-8 10.1145/3465481.3469207 10.1016/j.jss.2014.05.075 10.1007/978-94-007-2543-0 10.1002/spy2.101 10.2307/40041279 10.1007/s00766-005-0021-6 10.1007/s00766-010-0115-7 10.1016/j.cose.2019.03.010 10.1007/978-3-030-16744-8_12 10.1057/9781137033710.0006 10.1007/978-3-030-95484-0_25 10.1007/978-94-007-2543-0_21 10.1007/978-3-319-67280-9_4 10.1007/978-3-030-42048-2_9 10.1093/idpl/ipr002 10.1109/MSP.2011.47 10.1007/978-3-030-56441-4_8 10.1016/j.jss.2018.06.073 10.3390/s23031458 10.1007/978-3-319-47072-6_15 10.1002/jrsm.1378 10.1007/s00766-008-0067-3 10.1016/j.clsr.2011.11.007 10.1109/ARES.2016.95 10.1109/ACCESS.2022.3190373 10.5210/ojphi.v5i2.4623 10.1057/ejis.2013.18 10.1145/1013115.1013129 10.2139/ssrn.4426146 10.1007/978-3-319-98385-1_7 10.1109/ARES.2012.29 10.1007/978-3-030-00305-0_17 10.1145/2601248.2601268 10.1007/978-3-031-02349-1_9 10.1080/13511610.2013.761748 10.1016/j.imu.2020.100361 10.1108/ICS-04-2019-0047 10.1088/1742-6596/1679/5/052047 10.1145/3167132.3167288 10.1109/CRISIS.2012.6378941 10.1007/s13369-021-05476-z 10.1109/SPW.2015.13 10.1007/s00766-009-0080-1 10.1109/SPW.2019.00023 10.1109/ICDCS.2018.00157 10.30950/jcer.v9i1.513 10.1109/MS.2005.6 10.1093/idpl/ipu001 10.1007/978-3-030-55196-4_1 10.1007/978-3-319-41763-9_10 10.1016/j.clsr.2009.02.002 10.1007/s00500-019-03986-5 10.1109/TSE.2023.3290237 10.1145/3538969.3544462 10.3390/fi12050093 10.1109/EuroSPW.2018.00017 10.1016/j.clsr.2021.105640 10.1145/3554364.3559115 10.1109/EuroSPW51379.2020.00047 10.1007/978-3-642-31668-5_19 10.1007/978-3-030-35055-0_1 10.1145/3167132.3167414 10.1109/TSE.2021.3106280 10.1186/2046-4053-4-1 10.1109/EuroSPW54576.2021.00043 10.1109/SPW.2019.00025 10.1007/s10664-010-9146-4 10.1136/jme.2009.029918 10.1007/978-3-319-44760-5_2 10.1145/3477314.3507107 |
| ContentType | Journal Article |
| Copyright | Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2024 |
| Copyright_xml | – notice: Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2024 |
| DBID | 97E ESBDL RIA RIE AAYXX CITATION 7SC 7SP 7SR 8BQ 8FD JG9 JQ2 L7M L~C L~D AAMOE ADTPV AOWAS D8T DG3 ZZAVC ADTOC UNPAY DOA |
| DOI | 10.1109/ACCESS.2024.3360864 |
| DatabaseName | IEEE All-Society Periodicals Package (ASPP) 2005–Present IEEE Xplore Open Access (Activated by CARLI) IEEE All-Society Periodicals Package (ASPP) 1998–Present IEEE Electronic Library (IEL) CrossRef Computer and Information Systems Abstracts Electronics & Communications Abstracts Engineered Materials Abstracts METADEX Technology Research Database Materials Research Database ProQuest Computer Science Collection Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Academic Computer and Information Systems Abstracts Professional SWEPUB Karlstads universitet full text SwePub SwePub Articles SWEPUB Freely available online SWEPUB Karlstads universitet SwePub Articles full text Unpaywall for CDI: Periodical Content Unpaywall DOAJ Directory of Open Access Journals |
| DatabaseTitle | CrossRef Materials Research Database Engineered Materials Abstracts Technology Research Database Computer and Information Systems Abstracts – Academic Electronics & Communications Abstracts ProQuest Computer Science Collection Computer and Information Systems Abstracts Advanced Technologies Database with Aerospace METADEX Computer and Information Systems Abstracts Professional |
| DatabaseTitleList | Materials Research Database |
| Database_xml | – sequence: 1 dbid: DOA name: DOAJ Directory of Open Access Journals url: https://www.doaj.org/ sourceTypes: Open Website – sequence: 2 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher – sequence: 3 dbid: UNPAY name: Unpaywall url: https://proxy.k.utb.cz/login?url=https://unpaywall.org/ sourceTypes: Open Access Repository |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering Computer Science |
| EISSN | 2169-3536 |
| EndPage | 19650 |
| ExternalDocumentID | oai_doaj_org_article_a47ef83ce2ce4418844862b4e863ce87 10.1109/access.2024.3360864 oai_DiVA_org_kau_98433 10_1109_ACCESS_2024_3360864 10418587 |
| Genre | orig-research |
| GrantInformation_xml | – fundername: Region Värmland, Sweden, through the Digital Health Innovation (DHINO) Project grantid: RUN/220266 funderid: 10.13039/501100014195 – fundername: Vinnova via the DigitalWell Arena Project grantid: 2018-03025 funderid: 10.13039/501100001858 |
| GroupedDBID | 0R~ 4.4 5VS 6IK 97E AAJGR ABAZT ABVLG ACGFS ADBBV AGSQL ALMA_UNASSIGNED_HOLDINGS BCNDV BEFXN BFFAM BGNUA BKEBE BPEOZ EBS EJD ESBDL GROUPED_DOAJ IPLJI JAVBF KQ8 M43 M~E O9- OCL OK1 RIA RIE RNS AAYXX CITATION 7SC 7SP 7SR 8BQ 8FD JG9 JQ2 L7M L~C L~D AAMOE ADTPV AOWAS D8T DG3 ZZAVC ADTOC UNPAY |
| ID | FETCH-LOGICAL-c446t-1488c3bd5f2829b26c35aede135c58d5c42ee699442dc7a86443967b4c29a3e93 |
| IEDL.DBID | DOA |
| ISSN | 2169-3536 |
| IngestDate | Wed Aug 27 01:29:41 EDT 2025 Wed Aug 20 00:10:41 EDT 2025 Thu Aug 21 06:38:12 EDT 2025 Mon Jun 30 07:06:44 EDT 2025 Thu Apr 24 23:02:57 EDT 2025 Wed Oct 01 04:52:17 EDT 2025 Wed Aug 27 02:12:31 EDT 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Language | English |
| License | https://creativecommons.org/licenses/by/4.0/legalcode cc-by |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c446t-1488c3bd5f2829b26c35aede135c58d5c42ee699442dc7a86443967b4c29a3e93 |
| Notes | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14 |
| ORCID | 0000-0003-0778-4736 0000-0001-9005-0543 0000-0003-1750-649X 0000-0002-0418-4121 |
| OpenAccessLink | https://doaj.org/article/a47ef83ce2ce4418844862b4e863ce87 |
| PQID | 2924036312 |
| PQPubID | 4845423 |
| PageCount | 26 |
| ParticipantIDs | doaj_primary_oai_doaj_org_article_a47ef83ce2ce4418844862b4e863ce87 unpaywall_primary_10_1109_access_2024_3360864 ieee_primary_10418587 crossref_citationtrail_10_1109_ACCESS_2024_3360864 swepub_primary_oai_DiVA_org_kau_98433 proquest_journals_2924036312 crossref_primary_10_1109_ACCESS_2024_3360864 |
| ProviderPackageCode | CITATION AAYXX |
| PublicationCentury | 2000 |
| PublicationDate | 20240000 2024-00-00 20240101 2024 2024-01-01 |
| PublicationDateYYYYMMDD | 2024-01-01 |
| PublicationDate_xml | – year: 2024 text: 20240000 |
| PublicationDecade | 2020 |
| PublicationPlace | Piscataway |
| PublicationPlace_xml | – name: Piscataway |
| PublicationTitle | IEEE access |
| PublicationTitleAbbrev | Access |
| PublicationYear | 2024 |
| Publisher | IEEE The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
| Publisher_xml | – name: IEEE – name: The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
| References | ref57 ref56 ref59 ref58 ref53 ref52 ref55 ref54 Shostack (ref84) 2014 Clarke (ref20); 28 (ref75) 1995 ref50 Creswell (ref93) 2007 ref45 ref48 ref47 ref42 ref41 ref44 ref43 ref49 ref8 ref9 ref4 ref6 ref5 ref40 ref35 ref37 ref36 ref31 ref30 ref33 ref32 Kitchenham (ref15) 2004; 33 ref38 Bisztray (ref46) ref26 ref25 ref22 ref21 Howard (ref85) 2003 ref28 Barends (ref94) 2017 ref29 Howard (ref79) 2006; 8 Treacy (ref34) 2020 Yin (ref87) 2009; 5 ref14 ref97 ref96 ref11 ref10 Di Iorio (ref7) 2009; 35 (ref95) 2014 ref16 ref19 ref92 Bruza (ref72) 1989 Corte (ref27) 2022 Sion (ref51) 2020; 15 ref89 ref86 Henriksen-Bulmer (ref90) 2020 ref88 (ref17) 2015 ref82 ref81 Lipton (ref77) 2010; 104 ref83 Biolchini (ref39) 2005 ref78 Wright (ref91) 2012; 6 (ref24) 2014 ref74 ref76 van Puijenbroek (ref12) ref2 ref1 (ref3) 2016; 119 (ref18) 2017 ref71 ref70 ref73 Fritsch (ref13) 2008 ref68 (ref23) 2011 ref67 ref69 ref64 ref63 ref66 ref65 Wuyts (ref80) 2015 ref60 ref62 ref61 |
| References_xml | – ident: ref88 doi: 10.1007/s10664-008-9102-8 – ident: ref45 doi: 10.1145/3465481.3469207 – ident: ref67 doi: 10.1016/j.jss.2014.05.075 – volume: 6 volume-title: Privacy Impact Assessment year: 2012 ident: ref91 doi: 10.1007/978-94-007-2543-0 – ident: ref10 doi: 10.1002/spy2.101 – ident: ref76 doi: 10.2307/40041279 – volume-title: Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the Protection of Individuals With Regard to the Processing of Personal Data and on the Free Movement of Such Data year: 1995 ident: ref75 – ident: ref70 doi: 10.1007/s00766-005-0021-6 – volume: 28 start-page: 1 volume-title: Proc. Austral. Law Reform Commission Workshop ident: ref20 article-title: What’s privacy – ident: ref29 doi: 10.1007/s00766-010-0115-7 – ident: ref37 doi: 10.1016/j.cose.2019.03.010 – ident: ref74 doi: 10.1007/978-3-030-16744-8_12 – ident: ref1 doi: 10.1057/9781137033710.0006 – ident: ref31 doi: 10.1007/978-3-030-95484-0_25 – ident: ref9 doi: 10.1007/978-3-030-95484-0_25 – start-page: 1 year: 2022 ident: ref27 article-title: Data protection impact assessment methods for the urban environment – volume: 8 volume-title: The Security Development Lifecycle year: 2006 ident: ref79 – ident: ref8 doi: 10.1007/978-94-007-2543-0_21 – ident: ref56 doi: 10.1007/978-3-319-67280-9_4 – start-page: 1 volume-title: SICHERHEIT 2008—Sicherheit, Schutz und Zuverlássigkeit. Beitráge der 4. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft Fü Informatik year: 2008 ident: ref13 article-title: Towards a research road map for the management of privacy risks in information systems – volume-title: Privacy Impact Assessment (PIA) Methodology (How To Carry Out a PIA) year: 2015 ident: ref17 – ident: ref33 doi: 10.1007/978-3-030-42048-2_9 – ident: ref19 doi: 10.1093/idpl/ipr002 – year: 2005 ident: ref39 article-title: Systematic review in software engineering – ident: ref83 doi: 10.1109/MSP.2011.47 – volume-title: Conducting Privacy Impact Assessments Code of Practice year: 2014 ident: ref24 – start-page: 107 volume-title: Systems, Software and Services Process Improvement year: 2020 ident: ref34 article-title: A developer driven framework for security and privacy in the doi: 10.1007/978-3-030-56441-4_8 – ident: ref38 doi: 10.1016/j.jss.2018.06.073 – ident: ref81 doi: 10.3390/s23031458 – ident: ref22 doi: 10.1007/978-3-319-47072-6_15 – ident: ref43 doi: 10.1002/jrsm.1378 – ident: ref61 doi: 10.1007/s00766-008-0067-3 – volume-title: The Semantics of Data Flow Diagrams year: 1989 ident: ref72 – ident: ref5 doi: 10.1016/j.clsr.2011.11.007 – ident: ref49 doi: 10.1109/ARES.2016.95 – volume-title: Threat Modeling: Designing for Security year: 2014 ident: ref84 – ident: ref97 doi: 10.1109/ACCESS.2022.3190373 – ident: ref42 doi: 10.5210/ojphi.v5i2.4623 – ident: ref21 doi: 10.1057/ejis.2013.18 – ident: ref59 doi: 10.1145/1013115.1013129 – ident: ref2 doi: 10.2139/ssrn.4426146 – volume-title: Qualitative Inquiry and Research Design: Choosing Among Five Approaches year: 2007 ident: ref93 – volume-title: Privacy and Data Protection Impact Assessment Framework for RFID Applications year: 2011 ident: ref23 – ident: ref32 doi: 10.1007/978-3-319-98385-1_7 – ident: ref68 doi: 10.1109/ARES.2012.29 – ident: ref26 doi: 10.1007/978-3-030-00305-0_17 – ident: ref44 doi: 10.1145/2601248.2601268 – volume-title: Writing Secure Code year: 2003 ident: ref85 – ident: ref6 doi: 10.1007/978-3-031-02349-1_9 – volume: 33 start-page: 1 year: 2004 ident: ref15 article-title: Procedures for performing systematic reviews publication-title: Keele, UK, Keele Univ. – ident: ref40 doi: 10.1080/13511610.2013.761748 – ident: ref53 doi: 10.1016/j.imu.2020.100361 – ident: ref30 doi: 10.1108/ICS-04-2019-0047 – volume-title: CEBMa Guideline for Critically Appraised Topics in Management and Organizations year: 2017 ident: ref94 – ident: ref89 doi: 10.1088/1742-6596/1679/5/052047 – ident: ref11 doi: 10.1145/3167132.3167288 – ident: ref35 doi: 10.1109/CRISIS.2012.6378941 – ident: ref60 doi: 10.1007/s13369-021-05476-z – ident: ref73 doi: 10.1109/SPW.2015.13 – ident: ref86 doi: 10.1007/s00766-009-0080-1 – ident: ref28 doi: 10.1109/SPW.2019.00023 – ident: ref69 doi: 10.1109/ICDCS.2018.00157 – ident: ref41 doi: 10.30950/jcer.v9i1.513 – ident: ref92 doi: 10.1109/MS.2005.6 – ident: ref25 doi: 10.1093/idpl/ipu001 – ident: ref48 doi: 10.1007/978-3-030-55196-4_1 – volume: 5 volume-title: Case Study Research: Design and Methods year: 2009 ident: ref87 – ident: ref57 doi: 10.1007/978-3-319-41763-9_10 – ident: ref4 doi: 10.1016/j.clsr.2009.02.002 – volume-title: GDPR Implementation Case Study Protocol year: 2020 ident: ref90 – start-page: 185 volume-title: Proc. Open Identity Summit ident: ref46 article-title: Data protection impact assessment in identity control management with a focus on biometrics – ident: ref55 doi: 10.1007/s00500-019-03986-5 – ident: ref14 doi: 10.1109/TSE.2023.3290237 – ident: ref54 doi: 10.1145/3538969.3544462 – ident: ref52 doi: 10.3390/fi12050093 – ident: ref62 doi: 10.1109/EuroSPW.2018.00017 – ident: ref36 doi: 10.1016/j.clsr.2021.105640 – volume-title: Critical Appraisal of a Qualitative Study) year: 2014 ident: ref95 – ident: ref63 doi: 10.1145/3554364.3559115 – ident: ref78 doi: 10.1109/EuroSPW51379.2020.00047 – ident: ref82 doi: 10.1007/978-3-642-31668-5_19 – ident: ref47 doi: 10.1007/978-3-030-35055-0_1 – ident: ref66 doi: 10.1145/3167132.3167414 – ident: ref96 doi: 10.1109/TSE.2021.3106280 – volume: 15 start-page: 1 year: 2020 ident: ref51 article-title: DPMF: A modeling framework for data protection by design publication-title: Enterprise Model. Inf. Syst. Architectures (EMISAJ) – year: 2015 ident: ref80 article-title: LINDDUN privacy threat modeling: A tutorial – ident: ref16 doi: 10.1186/2046-4053-4-1 – ident: ref58 doi: 10.1109/EuroSPW54576.2021.00043 – start-page: 1 volume-title: Proc. Int. Workshop Privacy Eng., 3rd Int. Workshop Privacy Eng., 38th IEEE Symp. Security Privacy ident: ref12 article-title: Privacy impact assessments in practice: Outcome of a descriptive field research in The Netherlands – ident: ref65 doi: 10.1109/SPW.2019.00025 – ident: ref71 doi: 10.1007/s10664-010-9146-4 – volume: 35 start-page: 753 issue: 12 year: 2009 ident: ref7 article-title: Privacy impact assessment in the design of transnational public health information systems: The BIRO project publication-title: J. Med. Ethics doi: 10.1136/jme.2009.029918 – volume: 119 start-page: 1 year: 2016 ident: ref3 article-title: Regulation (EU) 2016/679 of the European parliament and of the council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/EC (general data protection regulation) publication-title: J. Eur. Union – volume: 104 start-page: 477 year: 2010 ident: ref77 article-title: Mapping online privacy publication-title: Nw. UL Rev. – volume-title: Article 29 Data Protection Working Party. Guidelines on Data Protection Impact Assessment (DPIA) and Determining Whether Processing is ‘Likely to Result in a High Risk’ for the Purposes of Regulation 2016/679 year: 2017 ident: ref18 – ident: ref50 doi: 10.1007/978-3-319-44760-5_2 – ident: ref64 doi: 10.1145/3477314.3507107 |
| SSID | ssj0000816957 |
| Score | 2.3900802 |
| Snippet | Assessing privacy risks and incorporating privacy measures from the onset requires a comprehensive understanding of potential impacts on data subjects. Privacy... |
| SourceID | doaj unpaywall swepub proquest crossref ieee |
| SourceType | Open Website Open Access Repository Aggregation Database Enrichment Source Index Database Publisher |
| StartPage | 19625 |
| SubjectTerms | Bibliographies Computer Science data protection impact assessment Datavetenskap General Data Protection Regulation Guidelines Literature reviews maturity Performance evaluation Privacy privacy by design Privacy impact assessment privacy risks Protocols review Risk assessment Risk management Systematic review Systematics Threat modeling validity |
| SummonAdditionalLinks | – databaseName: IEEE Electronic Library (IEL) dbid: RIE link: http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1Lb9QwELZoL9ADz6IGCvIBbmTJ2o4f3MLSqiBaEFDUm2U7E2m1q2zV3QDl1-NHNtoFgbhFjiN7MmPPjMfzDULPisKKseEuH3MJudf4JLfcM6QBSQT3Gp7H24SnZ_zknL27KC_6ZPWYCwMA8fIZjMJjjOXXC9eFozK_wgPUihQ7aEcIlZK1hgOVUEFClaJHFhoX6mU1mXgivA9I2IhS7o13tqV9Ikh_X1Vl28BMoKF76GbXXprr72Y-31A6x3fQ2Xq66a7JbNSt7Mj9_A3J8b_puYtu9-YnrpK83EM3oL2P9jZACR-gHx9a7K1CfDTggONFgz9eTb8Zd43fxqxKXA2Anti09fD203Q523x3GutTx_0Vlq9whT8PwNH4_QDojFOAYh-dHx99mZzkfX2G3HkncpV7T0o6auuyCeFYS7ijpYEaxrR0paxLxwgAV4oxUjth_O_31g8XljmiDAVFH6LddtHCAcLCKupdu7o0AR-MOWVDBJHTRlBpSQEZImu-adeDl4caGnMdnZhC6cRsHZite2Zn6MXw0WXC7vh399dBIIauAXg7Nnie6X4da8MENJI6IA68JSmld285sQwk941SZGg_8HljvMTiDB2u5Uv3u8RSExXQEDkdkww9TzK3Nfqb6dcqjj4znVaSUZqhfBDJP2gyscTmFk2P_jKdx-hW6JbOkg7R7uqqgyfeulrZp3FV_QJNbh82 priority: 102 providerName: IEEE – databaseName: Unpaywall dbid: UNPAY link: http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV3fb9MwELage0B74OfQAgP5Ad5I19qOY_MWyqaB2JiAovFk2c5Fqlpl1drCxl_P2UmjFiQkeIscJ87pu7PvcvZ3hLwYDFw-tNKnQ6kgxRWfpU4iIBUolktc4WXcTXh6Jk_G4v1FdtH-cItnYQAgbj6DfriMufwJzK7zQ8kCeZo-xBcIDBLQ3APvisr787K6TXZkhtFzj-yMz86Lb6Gi3FDqlMfc5NOWWPPQxhqEGBQy0edcojcvtpajyNrfllnZ9jgbFtFdcmdVz-3NDzubbaxCx_eIWX9_s_lk2l8tXd___I3a8f8FvE_utg4qLRqNekBuQf2Q7G7QFj4i1x9rin4jPeqYwullRc-vJt-tv6Hv4rlLWnSUn9TWZXf302Qx3bx3GitYxxkYFq9pQT931NL0Q0f5TJsUxh4ZHx99GZ2kbQWH1GOYuUxREOW5K7MqJGwdk55nFkoY8sxnqsy8YABSayFY6XOLeKB_JHMnPNOWg-aPSa--rGGf0NxpjsFfmdnAICa8diHHKHmVc-XYABLC1kAa39KbhyobMxPDnIE2xWiEOm0C-qZFPyGvuofmDbvH37u_CRrSdQ3U3LEBQTStpRsrcqgU98A8oK-pFAbAkjkBSmKjyhOyF4DfGK-BOSEHa4Uz7TyyMEwHvkTJhywhLxsl3Br97eRrEUef2pXRSnCekLTT0T9kagxgS6Yn_9j_gPSWVyt4hq7Y0j1v7e0XljUs5Q priority: 102 providerName: Unpaywall |
| Title | On the Evaluation of Privacy Impact Assessment and Privacy Risk Assessment Methodologies: A Systematic Literature Review |
| URI | https://ieeexplore.ieee.org/document/10418587 https://www.proquest.com/docview/2924036312 https://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-98433 https://ieeexplore.ieee.org/ielx7/6287639/6514899/10418587.pdf https://doaj.org/article/a47ef83ce2ce4418844862b4e863ce87 |
| UnpaywallVersion | publishedVersion |
| Volume | 12 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVAFT databaseName: Open Access Digital Library customDbUrl: eissn: 2169-3536 dateEnd: 99991231 omitProxy: true ssIdentifier: ssj0000816957 issn: 2169-3536 databaseCode: KQ8 dateStart: 20130101 isFulltext: true titleUrlDefault: http://grweb.coalliance.org/oadl/oadl.html providerName: Colorado Alliance of Research Libraries – providerCode: PRVAON databaseName: DOAJ Directory of Open Access Journals customDbUrl: eissn: 2169-3536 dateEnd: 99991231 omitProxy: true ssIdentifier: ssj0000816957 issn: 2169-3536 databaseCode: DOA dateStart: 20130101 isFulltext: true titleUrlDefault: https://www.doaj.org/ providerName: Directory of Open Access Journals – providerCode: PRVHPJ databaseName: ROAD: Directory of Open Access Scholarly Resources customDbUrl: eissn: 2169-3536 dateEnd: 99991231 omitProxy: true ssIdentifier: ssj0000816957 issn: 2169-3536 databaseCode: M~E dateStart: 20130101 isFulltext: true titleUrlDefault: https://road.issn.org providerName: ISSN International Centre |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV1Nb9QwEB2hcoAeEB9FBMrKB7gRmtiOY_cWllYF0VIBi8rJsh1HWnWVVt1dSv89YyeNskKCC1fbiTOesWdebL8BeJVltsyNcGkupE_R49PUClRI4yUtBXp4EU8THp-Ioxn_eFacjVJ9hTNhHT1wN3B7hpe-kcx56jy6bikRTwhquZcCC2W8R45ubASm4hosc6GKsqcZyjO1V02nKBECQsrfMiYwkucbrigy9vcpVjajzY5BdBvurdtLc3NtFouRBzp8CA_60JFU3Sc_gju-fQzbI0LBJ_Drc0swoiMHA4c3uWjI6dX8p3E35EO8EUmqgYyTmLYear_Ml-fjuuOYWzqujX65TyrydSB9Jp8GMmbSbS7swOzw4Nv0KO1zK6QOAeAqRRQkHbN10YStVEuFY4Xxtc9Z4QpZF45T74VSnNPalQZHCyMXUVruqDLMK_YUttqL1j8DUlrFEJbVhQncXtwpG3b_BGtKJi3NfAL0dpi164nHQ_6LhY4AJFO6040OutG9bhJ4Mzx02fFu_L35u6C_oWkgzY4FaEq6NyX9L1NKYCdof9RfYPYJ5bu35qD7Gb7UVAUmQ8FymsDrzkQ2en8__17F3s_NWivJGUsgHSzoD5lMTI-5IdPz_yHTC7gf3tn9NNqFrdXV2r_EMGplJ3HGTOKNxwncnZ2cVj9-A7fHF7M |
| linkProvider | Directory of Open Access Journals |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1LbxMxEB5BOZQeyqsVCwV8gBsbEtvrB7cltEohCQha1Jtle71SlGhTNUmh_Hps72aVgEDcVn7Inp2xPePxfAPwsts1vKeZTXtMuNSf-Dg1zDOkdAJz5k94Fl8TjsZscE4_XGQXTbB6jIVxzsXHZ64TPqMvv5jbVbgq8ys8QK0IfhvuZJRyXIdrtVcqIYeEzHiDLdTryjd5v-_J8FYgph1CmFff6db5E2H6m7wq2ypmDRu6B7ur6lLffNez2caxc3IPxusJ169Npp3V0nTsz9-wHP-bovuw3yigKK8l5gHcctVD2NuAJXwEPz5VyOuF6LhFAkfzEn2-mlxre4NOY1wlyltIT6Sroq39MllMN-tGMUN13GHd4i3K0dcWOhoNW0hnVLsoDuD85PisP0ibDA2p9WbkMvW2lLDEFFkZHLIGM0sy7QrXI5nNRJFZip1jUlKKC8u1__1e_2HcUIulJk6SQ9ip5pV7DIgbSbxxV2Q6IIRRK03wITJSciIM7roE8Jpvyjbw5SGLxkxFM6YrVc1sFZitGmYn8LrtdFmjd_y7-bsgEG3TAL0dCzzPVLOSlabclYJYh63zuqQQ3sBl2FAnmC8UPIGDwOeN8WoWJ3C0li_V7BMLhWXAQ2SkhxN4Vcvc1ujvJ9_yOPpUr5QUlJAE0lYk_6BJxySbWzQ9-ct0XsDu4Gw0VMPT8cencDd0qW-WjmBnebVyz7yutTTP4wr7BWfyIoE |
| linkToUnpaywall | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV3fb9MwELage0B74OfQAgP5Ad5I19qOY_MWyqaB2JiAovFk2c5Fqlpl1drCxl_P2UmjFiQkeIscJ87pu7PvcvZ3hLwYDFw-tNKnQ6kgxRWfpU4iIBUolktc4WXcTXh6Jk_G4v1FdtH-cItnYQAgbj6DfriMufwJzK7zQ8kCeZo-xBcIDBLQ3APvisr787K6TXZkhtFzj-yMz86Lb6Gi3FDqlMfc5NOWWPPQxhqEGBQy0edcojcvtpajyNrfllnZ9jgbFtFdcmdVz-3NDzubbaxCx_eIWX9_s_lk2l8tXd___I3a8f8FvE_utg4qLRqNekBuQf2Q7G7QFj4i1x9rin4jPeqYwullRc-vJt-tv6Hv4rlLWnSUn9TWZXf302Qx3bx3GitYxxkYFq9pQT931NL0Q0f5TJsUxh4ZHx99GZ2kbQWH1GOYuUxREOW5K7MqJGwdk55nFkoY8sxnqsy8YABSayFY6XOLeKB_JHMnPNOWg-aPSa--rGGf0NxpjsFfmdnAICa8diHHKHmVc-XYABLC1kAa39KbhyobMxPDnIE2xWiEOm0C-qZFPyGvuofmDbvH37u_CRrSdQ3U3LEBQTStpRsrcqgU98A8oK-pFAbAkjkBSmKjyhOyF4DfGK-BOSEHa4Uz7TyyMEwHvkTJhywhLxsl3Br97eRrEUef2pXRSnCekLTT0T9kagxgS6Yn_9j_gPSWVyt4hq7Y0j1v7e0XljUs5Q |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=On+the+Evaluation+of+Privacy+Impact+Assessment+and+Privacy+Risk+Assessment+Methodologies%3A+A+Systematic+Literature+Review&rft.jtitle=IEEE+access&rft.au=Wairimu%2C+Samuel&rft.au=Iwaya%2C+Leonardo+Horn&rft.au=Fritsch%2C+Lothar&rft.au=Lindskog%2C+Stefan&rft.date=2024&rft.issn=2169-3536&rft.eissn=2169-3536&rft.volume=12&rft.spage=19625&rft.epage=19650&rft_id=info:doi/10.1109%2FACCESS.2024.3360864&rft.externalDBID=n%2Fa&rft.externalDocID=10_1109_ACCESS_2024_3360864 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2169-3536&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2169-3536&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2169-3536&client=summon |