Conference paper Open Access

Test-driven Approach Towards GDPR Compliance

Pandit, Harshvardhan J.; O'Sullivan, Declan; Lewis, Dave

An organisation using personal data should document its data governance processes to maintain and demonstrate compliance with the General Data Protection Regulation (GDPR). As processes evolve, their documentation should reflect these changes with an assessment showing ongoing compliance. Through this paper, we show how semantic representations of processes are useful towards maintaining ongoing GDPR compliance by using a test-driven approach that generates and checks constraints for adherence to GDPR requirements. We first check whether all required information has been documented, and then whether it is compliant. We prototype our testing approach using a real-world website’s consent mechanism for GDPR compliance, and persist results towards generating documentation. We use previously- published ontologies to represent processes (GDPRov), consent (GConsent), and GDPR (GDPRtEXT), with SHACL used to test requirement constraints.

Paper and Resources: https://w3id.org/GDPRep/semantic-tests
Files (626.9 kB)
Name Size
preprint.pdf
md5:71b83f776ed26de8f80732d536219645
626.9 kB Download
98
42
views
downloads
All versions This version
Views 9898
Downloads 4242
Data volume 26.3 MB26.3 MB
Unique views 8282
Unique downloads 4141

Share

Cite as