Applied Sciences (Oct 2023)

An Open-Source Software Tool to Facilitate Data Protection Impact Assessments

  • Layla Tabea Riemann,
  • Felicia P. S. Hähner,
  • Ann-Kathrin Schmitz,
  • Maximilian Ataian,
  • Matthias Jaster,
  • Frank Ückert

DOI
https://doi.org/10.3390/app132011230
Journal volume & issue
Vol. 13, no. 20
p. 11230

Abstract

In the realm of medical research, preserving patient privacy while facilitating effective research and collaborations poses a significant challenge. Data protection impact assessments (DPIAs) and associated methodologies have emerged as a response to this dual imperative. DPIAs necessitate expertise across diverse domains, resulting in a complex procedural landscape. To address this, we present “DPIA click&go”, a user-friendly tool designed to streamline the DPIA process in a plug-and-play manner. This tool enables users to semi-automatically select risks from predefined categories, construct evaluation matrices, access risk-mitigating measures, and re-evaluate risks after the application of mitigation strategies. Tailoring risks and measures to each institute’s needs is essential and is facilitated by the provided data model, which considerably simplifies DPIA creation at an institutional level. The efficacy of the DPIA click&go tool was validated with a real-world project, comparing its performance with a manually created DPIA in terms of risk coverage and mitigation strategies. The promising outcomes of this tool underscore its potential within the national data protection landscape, suggesting its possible foundational role in harmonizing data protection practices at a larger, potentially European or global, scale.

Keywords