The European General Data Protection Regulation requires the implementation of Technical and Organizational Measures (TOMs) to reduce the risk of illegitimate processing of personal data. For these measures to be effective, they must be applied correctly by employees who process personal data under the authority of their organization. However, even data processing employees often have limited knowledge of data protection policies and regulations, which increases the likelihood of misconduct and privacy breaches. To lower the likelihood of unintentional privacy breaches, TOMs must be developed with employees’ needs, capabilities, and usability requirements in mind. Privacy patterns have proven effective in reducing implementation costs and in helping organizations and IT engineers with the implementation. In this chapter, we introduce the privacy pattern Data Cart, which specifically helps to develop TOMs for data processing employees. Based on a user-centered design approach with employees from two public organizations in Germany, we present a concept that illustrates how Privacy by Design can be effectively implemented. Organizations, IT engineers, and researchers will gain insight into how to improve the usability of privacy-compliant tools for managing personal data.
Users should always play a central role in the development of (software) solutions. The human-centered design (HCD) process in the ISO 9241-210 standard proposes a procedure for systematically involving users. However, due to its abstraction level, the HCD process provides little guidance for how it should be implemented in practice. In this chapter, we propose three concrete practical methods that enable the reader to develop usable security and privacy (USP) solutions using the HCD process. This chapter equips the reader with the procedural knowledge and recommendations to: (1) derive mental models with regard to security and privacy, (2) analyze USP needs and privacy-related requirements, and (3) collect user characteristics on privacy and structure them by user group profiles and into privacy personas. Together, these approaches help to design measures for a user-friendly implementation of security and privacy measures based on a firm understanding of the key stakeholders.