Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Presentation

Architecture Principles for Data Privacy of Cloud-Based Medical-Device Services

  • May 2018
  • By Andrzej Knafel (Roche Diagnostics International, Ltd.)
  • This talk describes architecture principles for addressing GDPR data privacy requirements sufficiently enough to operate software products in most global regions.
  • Publisher: Software Engineering Institute
  • This presentation was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.
  • Abstract

    The European Union's GDPR (General Data Protection Regulation) adds to the varying data privacy laws and regulations of multiple countries and regions. This presentation describes architecture principles for addressing the data privacy requirements sufficiently enough to operate these products in most of the global regions, not having region/country specific implementations but only regional deployment and configuration—enabling alignment among various cloud products (saving development and operation costs).

    The architecture aspects addressed include solutions for data classification, data residency, encryption, anonymization/pseudonymization, key management, user residency and user access control/identity management, consent management, audit trail, data breach detection/data loss prevention, storage redundancy/backup-restore, portability, and data subject related functionality (e.g., erasure of personal data).

  • Download

Part of a Collection

SATURN 2018 Presentations