Project deliverable Open Access

MyHealthMyData (MHMD): Deliverable 2.6 - Privacy-by-design and compliance assessment

Cristofaro, Lorenzo; Panetta, Rocco

Citation Style Language JSON Export

  "publisher": "Zenodo", 
  "DOI": "10.5281/zenodo.3541594", 
  "language": "eng", 
  "title": "MyHealthMyData (MHMD): Deliverable 2.6 - Privacy-by-design and compliance assessment", 
  "issued": {
    "date-parts": [
  "abstract": "<p>This deliverable represents the&nbsp;<em>data protection impact assessment</em>&nbsp;(DPIA) of the MHMD project. It has been produced to&nbsp;assess and&nbsp;certify the&nbsp;compliance of the MHMD system to the data privacy and security constraints and requirements set out in the GDPR.&nbsp;</p>\n\n<p>The DPIA is a tool&nbsp;especially required in the GDPR when the processing on a large scale of special categories of data takes place and consists of&nbsp;a process for building and demonstrating compliance.&nbsp;It is&nbsp;designed to&nbsp;describe the processing, assess its necessity and proportionality, and help manage the risks to the rights and freedoms of data subjects&nbsp;which may result from the envisaged operations involving personal data, in order to identify and then adopt the measures which allow the controller to best address such risks.&nbsp;In line with the risk-based approach underpinning by the GDPR, carrying out a DPIA is not mandatory for every processing operation: this is only required where a type of processing, on account of its nature, scope, context and purposes, is likely to result in a &laquo;high risk&raquo; to the rights and freedoms of natural persons (Art. 35.1).</p>\n\n<p>The MHMD&nbsp;<em>Privacy by design and compliance assessment&nbsp;</em>describes&nbsp;MHMD actors&nbsp;with relevant roles, obligations and responsibilities,&nbsp;personal data categories and processing operations involved,&nbsp;system components&nbsp;(user and hospital interfaces, data catalogue, blockchain architecture model),&nbsp;data usage modalities&nbsp;(i.e., data sharing and secure local computation),&nbsp;data de-identification measures and&nbsp;system security.</p>", 
  "author": [
      "family": "Cristofaro, Lorenzo"
      "family": "Panetta, Rocco"
  "type": "report", 
  "id": "3541594"
All versions This version
Views 165166
Downloads 145145
Data volume 562.7 MB562.7 MB
Unique views 151152
Unique downloads 124124


Cite as