Advanced search
1 file | 1.35 MB Add to list

Enterprise architecture management as a solution for addressing general data protection regulation requirements in a big data context: a systematic mapping study

Georgios Georgiadis (UGent) and Geert Poels (UGent)
Author
Organization
Abstract
Context: Big Data Analytics is a rapidly emerging IT practice whose applications offer benefits for a wide variety of business areas across an organisation. Given the wide scope of applications, the many types of processing involved, including those for purposes not yet foreseen, and the inherent privacy concerns resulting from collecting and storing personal data, the newly introduced General Data Protection Regulation (GDPR) poses specific challenges for safeguarding the security and protection of big data. These challenges are not limited to the IT function but extend across the entire organisation. This raises the question whether Enterprise Architecture Management (EAM), as an approach for ensuring the coherence, strategic alignment and focus on value creation of all organisational resources, offers guidance for addressing those challenges in a holistic manner, and thus provides a fruitful ground for developing an approach for complying to GDPR requirements in a Big Data context. Objective: This study surveys the state-of-the-art in research on security, privacy, and protection of big data. The focus is on investigating which specific issues and challenges have been identified and whether these have been linked to GDPR requirements. Further, it examines whether previous research has investigated the potential of EAM in addressing those challenges and what the main findings of those studies are. Method: We used Systematic Mapping Review (SMR), which is a methodology for literature review aimed at surveying the state-of-the-art in a research field as it is documented in the scientific literature. Further, we used Template Analysis, which is a thematic analysis technique, for coding the texts of the selected papers, classifying the research studies, and interpreting the different themes addressed in the literature. Results: Our study indicates that only few researchers have explored the use of EAM practices in relation to data security and protection in a Big Data context. We further identified seven trends within the areas under consideration that could be subjects for further research. Conclusions: Our study does not invalidate the potential of EAM to help addressing GDPR requirements in a Big Data context. However, how EAM practices may contribute to risk management and data governance in environments where big data are being processed, is still a huge research gap, which we intend to address in our future research.
Keywords
Big data, Data protection, Data protection directive, Enterprise architecture management, General data protection regulation, Governance, Information security, Privacy, Systematic literature mapping

Downloads

  • Georgiadis-Poels2021 Article EnterpriseArchitectureManageme.pdf
    • full text (Published version)
    • |
    • open access
    • |
    • PDF
    • |
    • 1.35 MB

Citation

Please use this url to cite or link to this publication:

MLA
Georgiadis, Georgios, and Geert Poels. “Enterprise Architecture Management as a Solution for Addressing General Data Protection Regulation Requirements in a Big Data Context: A Systematic Mapping Study.” INFORMATION SYSTEMS AND E-BUSINESS MANAGEMENT, SPRINGER HEIDELBERG, 2021, doi:doi.org/10.1007/s10257-020-00500-5.
APA
Georgiadis, G., & Poels, G. (2021). Enterprise architecture management as a solution for addressing general data protection regulation requirements in a big data context: a systematic mapping study. INFORMATION SYSTEMS AND E-BUSINESS MANAGEMENT. https://doi.org/doi.org/10.1007/s10257-020-00500-5
Chicago author-date
Georgiadis, Georgios, and Geert Poels. 2021. “Enterprise Architecture Management as a Solution for Addressing General Data Protection Regulation Requirements in a Big Data Context: A Systematic Mapping Study.” INFORMATION SYSTEMS AND E-BUSINESS MANAGEMENT. https://doi.org/doi.org/10.1007/s10257-020-00500-5.
Chicago author-date (all authors)
Georgiadis, Georgios, and Geert Poels. 2021. “Enterprise Architecture Management as a Solution for Addressing General Data Protection Regulation Requirements in a Big Data Context: A Systematic Mapping Study.” INFORMATION SYSTEMS AND E-BUSINESS MANAGEMENT. doi:doi.org/10.1007/s10257-020-00500-5.
Vancouver
1.
Georgiadis G, Poels G. Enterprise architecture management as a solution for addressing general data protection regulation requirements in a big data context: a systematic mapping study. INFORMATION SYSTEMS AND E-BUSINESS MANAGEMENT. 2021;
IEEE
[1]
G. Georgiadis and G. Poels, “Enterprise architecture management as a solution for addressing general data protection regulation requirements in a big data context: a systematic mapping study,” INFORMATION SYSTEMS AND E-BUSINESS MANAGEMENT, 2021.
@article{8688062,
  abstract     = {Context:
Big Data Analytics is a rapidly emerging IT practice whose applications offer benefits for a wide variety of business areas across an organisation. Given the wide scope of applications, the many types of processing involved, including those for purposes not yet foreseen, and the inherent privacy concerns resulting from collecting and storing personal data, the newly introduced General Data Protection Regulation (GDPR) poses specific challenges for safeguarding the security and protection of big data. These challenges are not limited to the IT function but extend across the entire organisation. This raises the question whether Enterprise Architecture Management (EAM), as an approach for ensuring the coherence, strategic alignment and focus on value creation of all organisational resources, offers guidance for addressing those challenges in a holistic manner, and thus provides a fruitful ground for developing an approach for complying to GDPR requirements in a Big Data context.


Objective:
This study surveys the state-of-the-art in research on security, privacy, and protection of big data. The focus is on investigating which specific issues and challenges have been identified and whether these have been linked to GDPR requirements. Further, it examines whether previous research has investigated the potential of EAM in addressing those challenges and what the main findings of those studies are.


Method:
We used Systematic Mapping Review (SMR), which is a methodology for literature review aimed at surveying the state-of-the-art in a research field as it is documented in the scientific literature. Further, we used Template Analysis, which is a thematic analysis technique, for coding the texts of the selected papers, classifying the research studies, and interpreting the different themes addressed in the literature.


Results:
Our study indicates that only few researchers have explored the use of EAM practices in relation to data security and protection in a Big Data context. We further identified seven trends within the areas under consideration that could be subjects for further research.


Conclusions:
Our study does not invalidate the potential of EAM to help addressing GDPR requirements in a Big Data context. However, how EAM practices may contribute to risk management and data governance in environments where big data are being processed, is still a huge research gap, which we intend to address in our future research.},
  author       = {Georgiadis, Georgios and Poels, Geert},
  journal      = {INFORMATION SYSTEMS AND E-BUSINESS MANAGEMENT},
  keywords     = {Big data,Data protection,Data protection directive,Enterprise  architecture management,General data protection regulation,Governance,Information security,Privacy,Systematic literature mapping},
  language     = {eng},
  pages        = {50},
  publisher    = {SPRINGER HEIDELBERG},
  title        = {Enterprise architecture management as a solution for addressing general data protection regulation requirements in a big data context: a systematic mapping study},
  url          = {http://dx.doi.org/doi.org/10.1007/s10257-020-00500-5},
  year         = {2021},
}

Altmetric
View in Altmetric
Web of Science
Times cited: