Matters of Conceptualization and Security in the Building of One-stop-shop e-Government Solutions in Europe: Experiences from the European OneStopGov project.

Presentation transcript:

Matters of Conceptualization and Security in the Building of One-stop-shop e-Government Solutions in Europe: Experiences from the European OneStopGov project
Marios Chatzidimitriou, Adamantios Koumpis
ALTEC S.A. Research Division, Greece

OneStopGov project
- Aims to specify, develop and evaluate a life-event oriented, integrated, interoperable platform for online one-stop government
- Life-event: a specific situation or event in the life of a citizen or a life cycle of an organization that requires a set of public services to be performed
- One-stop government: the integration of public services from a citizen's point of view

Security in research projects
- Research projects do not take into account full and exact real-world parameters, sometimes not even the most important one: security
- But customers do not risk investing in something they cannot see working
- Not taking security into account within the scope of the OneStopGov project will:
  - Result in problems in designing the exploitation plan, as the OneStopGov project will be unable to be applied in real-life situations
  - Create problems in convincing possible customers to invest

OneStopGov legislation aspects
- The European Union has prepared a number of Acts, Directives and Regulations
  - EU members have to follow and adapt them in their legislation
- OneStopGov will provide online government services, thus it is essential to:
  - Be compliant with the legislation of the Public Authority's country where it will be adopted
  - Be able to ensure data privacy and safety issues for the citizen

Data protection
- Data protection principles aim to establish conditions under which it is legitimate and lawful to process personal data
- Protection of personal data comprises organizational, technical, and logical-technical procedures and measures to:
  - Protect personal data
  - Prevent accidental or deliberate unauthorized destruction, modification or loss of data
  - Prevent unauthorized processing of data

Personal data protection measures (1/2)
- Protecting premises, equipment and systems software, including input-output units
- Protecting software applications used to process personal data
- Preventing unauthorized access to personal data during transmission thereof, including transmission via telecommunications means and networks

Personal data protection measures (2/2)
- Ensuring effective methods of:
  - Blocking
  - Destruction, erasure
  - Anonymisation of personal data
- Enabling subsequent determination of:
  - when individual personal data were entered into a filing system, used or otherwise processed, and
  - who did so

Data protection in OneStopGov
- A life-event comprises many public services that have to be executed in a way that is transparent to the user
- The user should provide all the data needed at once, and just wait for the result
- The user should also be given the chance to store the data he or she provides, or data that result from the execution of previous life-events

Legal and security considerations
- Can data be stored in the e-Government portal for later use?
  - Yes, with permission of the person concerned, for non-sensitive data
  - Personal data are considered sensitive if they refer to one's: ethnic origin, national or ethnic minority, political choice or opinion, religious or other sorts of ideology, membership in unions, state of health, pathological addictions, sexual life, criminal records

Legal and security considerations
- What if the user does not want any data stored?
  - Then, according to legislation, the portal may temporarily store all the data until they are no longer needed
  - Data are discarded after the end of the life-event
- The user should be able to view and verify the authenticity and accuracy of his or her own personal data

And after the software is ready…
- The computer on which the e-Government portal will be installed must follow security measures:
  - Steady: uninterruptible power supply system, restricting user rights in computer systems, safe server rooms with alarm and access control
  - Temporal: periodic password exchange, archiving, antivirus control, computer stuff control, control of data storage for archives

Thank you