Abstract

The collection and processing of personal data offers great opportunities for technological advances, but the accumulation of vast amounts of personal data also increases the risk of misuse for malicious intentions, especially in health care. Therefore, personal data are legally protected, e.g., by the European General Data Protection Regulation (GDPR), which states that individuals must be transparently informed and have the right to take control over the processing of their personal data. In real applications, privacy policies are used to fulfill these requirements which can be negotiated via user interfaces. The literature proposes privacy languages as an electronic format for privacy policies, while the users' privacy preferences are represented by preference languages. However, this is only the beginning of the personal data life-cycle, which also includes the processing of personal data and its transfer to various stakeholders. In this work, we define a personal privacy workflow, considering the negotiation of privacy policies, privacy-preserving processing and secondary use of personal data, in the context of health care data processing, to survey applicable Privacy Enhancing Technologies (PETs) to ensure the individuals' privacy. Based on a broad literature review, we identify open research questions for each step of the workflow.

Highlights

  • In the age of digitisation the importance of developments such as Big Data, artificial intelligence and Industry 4.0 increases, especially in the health care sector

  • Requested data are used within the controller environment for various processing purposes, e.g., determination of contacts to track down chains of infection, which is documented in the controller's privacy policy (PP)

  • Privacy languages are a valid approach to ensure the above-mentioned properties and can be utilised to technically document that controllers comply with the given legal framework of the General Data Protection Regulation (GDPR)

Summary

Introduction

In the age of digitisation, the importance of developments such as Big Data, artificial intelligence and Industry 4.0 increases, especially in the health care sector. Different measures in different countries and their consequences can be observed, and new insights can be drawn from them to develop a 'best practice'. Alongside these technical possibilities, which arise with collecting, processing and sharing data, the protection of the users' personal rights has to be considered. Every user has to give his explicit consent to process his personal data, like location data (GPS) or phone numbers, for a specific purpose like medical research or tracking. With this small example, it becomes clear that privacy plays an important part in implementing and using such apps.

Related Work
Personal Privacy Workflow
Controller Environment
Access Control
Privacy Language
Accountability
Privacy-Preserving Processing
Method
User Environment
Preference Language
Preference User Interfaces
C2C Environment
Technical and Organisational Measures
Data Subject Rights
Trading
Multi-Party Privacy
Discussion and Future
Conclusions