Extending ISO/IEC 29110 basic profile with privacy-by-design approach: A case study in the health care sector

Miguel Ehecatl Morales-Trujillo, Gabriel Alberto Garcia-Mireles

Research output: Contribution to conferencePaper

12 Scopus citations

Abstract

© 2018 IEEE. Privacy related elements have become an essential part of any information system. Previous studies reveal a scarcity of research on privacy in software processes, few engineering practices and a lack of methodological support to address privacy requirements in software systems. Introducing Privacy-by-Design (PbD) into software developments is an advantageous solution to tackle privacy related concerns. This paper presents an integration of PbD goals into the ISO/IEC 29110 Basic profile for small software development organizations. The most frequently encountered privacy goals as well as privacy addressing practices from previous methodological proposals were taken into account and included in the form of tasks, work products and roles. As a practical example, we describe a real life project development of a health care system that motivated the creation of the ISO/IEC 29110 PbD extension.
Original languageAmerican English
Pages56-64
Number of pages9
DOIs
StatePublished - 26 Dec 2018
EventProceedings - 2018 International Conference on the Quality of Information and Communications Technology, QUATIC 2018 -
Duration: 26 Dec 2018 → …

Conference

ConferenceProceedings - 2018 International Conference on the Quality of Information and Communications Technology, QUATIC 2018
Period26/12/18 → …

Fingerprint

Dive into the research topics of 'Extending ISO/IEC 29110 basic profile with privacy-by-design approach: A case study in the health care sector'. Together they form a unique fingerprint.

Cite this