Project deliverable Open Access

MyHealthMyData (MHMD): Deliverable 2.6 - Privacy-by-design and compliance assessment

Cristofaro, Lorenzo; Panetta, Rocco

JSON-LD ( Export

  "inLanguage": {
    "alternateName": "eng", 
    "@type": "Language", 
    "name": "English"
  "description": "<p>This deliverable represents the&nbsp;<em>data protection impact assessment</em>&nbsp;(DPIA) of the MHMD project. It has been produced to&nbsp;assess and&nbsp;certify the&nbsp;compliance of the MHMD system to the data privacy and security constraints and requirements set out in the GDPR.&nbsp;</p>\n\n<p>The DPIA is a tool&nbsp;especially required in the GDPR when the processing on a large scale of special categories of data takes place and consists of&nbsp;a process for building and demonstrating compliance.&nbsp;It is&nbsp;designed to&nbsp;describe the processing, assess its necessity and proportionality, and help manage the risks to the rights and freedoms of data subjects&nbsp;which may result from the envisaged operations involving personal data, in order to identify and then adopt the measures which allow the controller to best address such risks.&nbsp;In line with the risk-based approach underpinning by the GDPR, carrying out a DPIA is not mandatory for every processing operation: this is only required where a type of processing, on account of its nature, scope, context and purposes, is likely to result in a &laquo;high risk&raquo; to the rights and freedoms of natural persons (Art. 35.1).</p>\n\n<p>The MHMD&nbsp;<em>Privacy by design and compliance assessment&nbsp;</em>describes&nbsp;MHMD actors&nbsp;with relevant roles, obligations and responsibilities,&nbsp;personal data categories and processing operations involved,&nbsp;system components&nbsp;(user and hospital interfaces, data catalogue, blockchain architecture model),&nbsp;data usage modalities&nbsp;(i.e., data sharing and secure local computation),&nbsp;data de-identification measures and&nbsp;system security.</p>", 
  "license": "", 
  "creator": [
      "affiliation": "Panetta & Associati", 
      "@type": "Person", 
      "name": "Cristofaro, Lorenzo"
      "affiliation": "Panetta & Associati", 
      "@type": "Person", 
      "name": "Panetta, Rocco"
  "url": "", 
  "datePublished": "2019-10-31", 
  "@context": "", 
  "identifier": "", 
  "@id": "", 
  "@type": "CreativeWork", 
  "name": "MyHealthMyData (MHMD): Deliverable 2.6 - Privacy-by-design and compliance assessment"
All versions This version
Views 165166
Downloads 145145
Data volume 562.7 MB562.7 MB
Unique views 151152
Unique downloads 124124


Cite as