Skip to main content

Implementing GDPR in the Charity Sector: A Case Study.

Tools

Henriksen-Bulmer, J., Faily, S. and Jeary, S., 2019. Implementing GDPR in the Charity Sector: A Case Study. In: 13th International IFIP Summer School on Privacy and Identity Management – Fairness, accountability and transparency in the age of big data, 20-24 August 2018, Vienna, Austria.

Full text available as:

[img]
Preview
 PDF
paper_4.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.
419kB

Copyright to original material in this document is with the original owner(s). Access to this content through BURO is granted on condition that you use it only for research, scholarly or other non-commercial purposes. If you wish to use it for any other purposes, you must contact BU via BURO@bournemouth.ac.uk.

Any third party copyright material in this document remains the property of its respective owner(s). BU grants no licence for further use of that third party material.

Official URL: https://www.ifip-summerschool.org/

Abstract

Due to their organisational characteristics, many charities are poorly prepared for the General Data Protection Regulation (GDPR). We present an exemplar process for implementing GDPR and the DPIA Data Wheel, a DPIA framework devised as part of the case study, that accounts for these characteristics. We validate this process and framework by conducting a GDPR implementation with a charity that works with vulnerable adults. This charity processes both special category (sensitive) and personally identifiable data. This GDPR implementation was conducted and devised for the charity sector, but can be equally applied in any organisation that needs to implement GDPR or conduct DPIAs.

Item Type:Conference or Workshop Item (Paper)
Additional Information:Proceedings - https://www.ifip-summerschool.org/proceedings/ Proceedings of the previous summer schools have been published with Springer in the IFIP Advances in Information and Communication Technology (AICT) series from the 3rd summer school on. https://link.springer.com/bookseries/6102
Uncontrolled Keywords:Privacy; Case Study; General Data Protection Regulation; GDPR; Contextual Integrity; Privacy Risk; Data Protection Impact Assessment; DPIA;
Group:Faculty of Science & Technology
ID Code:31799
Deposited By: Symplectic RT2
Deposited On:15 Feb 2019 14:33
Last Modified:14 Mar 2022 14:14

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -