Authors: Jarkko Hyysalo ; Harri Hirvonsalo ; Jaakko Sauvola and Samuli Tuoriniemi

Affiliation: University of Oulu, Finland

ISBN: 978-989-758-194-6

Keyword(s): Consent Management, Digital Health, Data Intensive Services, Sensitive Transactions, Security Architecture.

Abstract: Digitalization of data intensive services presents several challenges, such as how to safely manage and use the multitude of personal data across various public, private and commercial service providers. Guaranteed privacy is especially critical in sensitive cases like health data management and processing. A key challenge and enabler for efficient data utilization is the need for an adequate consent management framework that meets the General Data Protection Regulation (GDPR). To facilitate sensitive secure data transactions where end-control always resides with the individual, a consent management architecture (CMA) is defined, utilizing the new MyData approach. The proposed CMA enables context-driven authorization of multi-sourced data for safe access by various health services. CMA proof-of-concept and experiences are described and discussed to concretize and evaluate the suggested architecture. Consent management and authorization topics are discussed as a service function of the MyData Operator. The technical APIs required for registering and authorizing data sources and data services via the Operator are demonstrated and analyzed to expedite development of this important area within the research and industrial communities. (More)

Paper citation in several formats:
Hyysalo, J.; Hirvonsalo, H.; Sauvola, J. and Tuoriniemi, S. (2016). Consent Management Architecture for Secure Data Transactions.In Proceedings of the 11th International Joint Conference on Software Technologies - Volume 1: ICSOFT-EA, (ICSOFT 2016) ISBN 978-989-758-194-6, pages 125-132. DOI: 10.5220/0005941301250132

