Authors:
Dominik Huth
;
Michael Vilser
;
Gloria Bondel
and
Florian Matthes
Affiliation:
Chair of Software Engineering for Business Information Systems, Department of Informatics, Technical University of Munich, Boltzmannstr. 3, Garching, Germany
Keyword(s):
Data Protection Management, General Data Protection Regulation, GDPR, Enterprise Architecture Management.
Abstract:
The General Data Protection Regulation has forced organizations worldwide to rethink their processing activities of personal data. One of the key difficulties of ensuring GDPR compliance is the scope of the regulation and its interdisciplinarity: Data protection management (DPM) has to address challenges on the legal, business and technical level over the entire organization. Enterprise architecture management (EAM) is a well-established discipline that follows a holistic approach to strategically develop the enterprise architecture, consisting of people, processes, applications, and their interrelationships. Thus, DPM can be considered a stakeholder in the EA management process. In this paper, we report on a survey with 38 data protection officers that investigates the main challenges for DPM, as well as the collaboration between DPM and EAM during the implementation of the GDPR.