Qualifying and measuring transparency: A medical data system case study

Dayana Spagnuelo*, Cesare Bartolini, Gabriele Lenzini

*Corresponding author for this work

Research output: Contribution to JournalArticle

Abstract

Transparency is a data processing principle enforced by the GDPR but purposely left open to interpretation. As such, the means to adhere to it are left unspecified. Article 29 Working Party provides practical guidance on how to interpret transparency, however there are no defined requirements nor ways to verify the quality of the implementation of transparency in a service. We address this problem. We discuss and define applicable metrics for transparency, propose how a measurement can be conducted in an operative system, and suggest a practical way in which these metrics can be interpreted in order to increase confidence that transparency is realised in a system.

Original languageEnglish
Article number101717
Pages (from-to)1-20
Number of pages20
JournalComputers & Security
Volume91
Early online date10 Jan 2020
DOIs
Publication statusPublished - 1 Apr 2020

    Fingerprint

Keywords

  • GDPR
  • Measurement
  • Medical data system
  • Metric
  • Requirement engineering
  • Transparency

Cite this