A Privacy-driven Enterprise Architecture Meta-Model for Supporting Compliance with the General Data Protection Regulation

Burmeister, Fabian
Drews, Paul
Schirmer, Ingrid
Journal Title
Journal ISSN
Volume Title
The processing of personal data has evolved into an integral component of businesses by providing several data-driven opportunities. Simultaneously, businesses struggle with the associated responsibility for privacy, as recent data scandals have shown. As a consequence, the European Commission has passed the General Data Protection Regulation (GDPR) to enhance the rights of citizens and the requirements on data protection. This paper argues that enterprise architecture (EA) models can be a key to compliance with the GDPR. Following an incremental research approach, we categorize the major obligations resulting from the GDPR, derive essential stakeholder concerns and outline necessary EA elements for capturing aspects of analytics, security and privacy in EA models. On this basis, a privacy-driven EA meta-model is developed that is capable of answering key concerns resulting from the GDPR.
Enterprise Architecture and Business Process Analysis, Organizational Systems and Technology, Enterprise Architecture, GDPR, Meta-Model, Privacy, Security
Access Rights
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.