Research on Self-evaluation Index System of Personal Data Protection Based on GDPR

Xu Jicang; An Xiaomi; Sun Jiarui; Wu Guojiao; Wang Li

doi:10.13266/j.issn.0252-3116.2018.23.014

Library and Information Service >

2018 , Vol. 62 >Issue 23: 113 - 118

DOI: https://doi.org/10.13266/j.issn.0252-3116.2018.23.014

Research on Self-evaluation Index System of Personal Data Protection Based on GDPR

Xu Jicang ,
An Xiaomi ,
Sun Jiarui ,
Wu Guojiao ,
Wang Li

Expand

1. School of Information Resource Management School, Renmin University of China, Beijing 100872;
2. Key Laboratory of Data Engineering and Knowledge Engineering, Ministry of Education, Beijing 100872;
3. Smart City Research Center, Renmin University of China, Beijing 100872

Received date: 2018-06-01

Revised date: 2018-08-12

Online published: 2018-12-05

Fold

Abstract

[Purpose/significance]This paper aims to solve the problem of China's enterprises facing the European General Data Protection Regulation (GDPR) related European personal data management problems and to establish and improve China's personal data protection evaluation index system, promoting the management of corporate personal data protection in China.[Method/process]Based on the specific terms of GDPR, this paper uses AHP analytic hierarchy process to construct a self-evaluation index system for personal data protection based on GDPR for Chinese enterprises.[Result/conclusion]The index system can meet the basic needs of existing enterprises to carry out self-evaluation of GDPR. At the same time, the indicators derived from the GDPR clause in the system have reference value for improving national standards such as Information Security Technology Personal Information Security Regulations.

Key words： GDPR; personal data protection; index system; AHP analysis

Cite this article

Xu Jicang , An Xiaomi , Sun Jiarui , Wu Guojiao , Wang Li . Research on Self-evaluation Index System of Personal Data Protection Based on GDPR[J]. Library and Information Service, 2018 , 62(23) : 113 -118 . DOI: 10.13266/j.issn.0252-3116.2018.23.014

References

[1] 桂畅旎. 欧盟《通用数据保护法案》的影响与对策[J]. 中国信息安全,2017(7):90-93.
[2] EU Congress. General Data Protection Regulation (GDPR)[EB/OL].[2018-04-14]. https://gdpr-info.eu/.
[3] 办公自动化编辑部.应对GDPR[J]. 办公自动化,2017,22(16):17.
[4] 王进. 论个人信息保护中知情同意原则之完善——以欧盟《一般数据保护条例》为例[J]. 广西政法管理干部学院学报,2018,33(1):59-67.
[5] 刘云. 欧洲个人信息保护法的发展历程及其改革创新[J]. 暨南学报(哲学社会科学版),2017,39(2):72-84.
[6] 张建文,张哲. 个人信息保护法域外效力研究——以欧盟《一般数据保护条例》为视角[J]. 重庆邮电大学学报(社会科学版),2017,29(2):36-43.
[7] 何治乐,黄道丽. 欧盟《一般数据保护条例》的出台背景及影响[J]. 信息安全与通信保密,2014(10):72-75.
[8] 彭星. 欧盟《一般数据保护条例》浅析及对大数据时代下我国征信监管的启示[J]. 武汉金融,2016(9):42-45.
[9] 全国信息安全标准化技术委员会.GB/Z 28828-2012, 信息安全技术公共及商用服务信息系统个人信息保护指南[S].北京:中国标准出版社,2013.
[10] 黄子河. 个人信息安全国家标准蓄势待发[J]. 中国经济和信息化,2012(7):90-91.
[11] 人民网.我国首个个人信息保护国家标准2月1日起实施[EB/OL].[2018-03-21]. http://politics.people.com.cn/n/2013/0121/c1027-20274730.html.
[12] 北京大学互联网法律中心,中国科学技术法学会.互联网企业个人信息保护测评标准[J].网络法律评论,2015,17(1):3-9.
[13] 北京大学互联网法律中心,中国科学技术法学会.互联网企业个人信息保护抽样测评报告(2017)[J].网络法律评论,2016,(1):232-240.
[14] 张哲. 探微与启示:欧盟个人数据保护法上的数据可携权研究[J]. 广西政法管理干部学院学报,2016,31(6):43-48.
[15] 编辑部.《互联网企业个人信息保护测评标准》发布[J].信息网络安全,2014(4):98.
[16] 全国信息安全标准化技术委员会.GB/T 35273-2017, 信息安全技术个人信息安全规范[EB/OL].[2018-10-08]. http://c.gb688.cn/bzgk/gb/showGb?type=online&hcno=4FFAA51D63BA21B9EE40C51DD3CC40BE.
[17] 李晓琳,黄春林. 网络经济时代中国企业面临的挑战及对策[J]. 中国管理信息化,2009,12(17):98-100.

Options

Outlines

模态框（Modal）标题

Abstract

Cite this article

References