Published in Data Science and Engineering (DSE) Record 2023 Vol. 4 No. 1 pp. 36-51
Abstract
This independent study is a comparative study on privacy impact assessment metrics on multi-domain transactional processing: case study of Registration Office, Chiang Mai University. a privacy impact assessment should be conducted on which personal data, and what the high-risk data are, in order to guide other entities that have multi-domain linkage for doing a DPIA (Data Protection Impact Assessment) on high-risk data to ensure the security of personal infor-mation Including the storage and management of various per-sonal info-mation appropriately. The researcher used the three tools, which include GS1 tool, iPIA tool, and SPIA tool, and conducted a DPIA using the ISO-IEC-27001-2013 Standard Framework and NIST Cybersecurity Framework to be guidelines for designing the specified DPIA.