A Model Enabling Law Compliant Privacy Protection through the Selection and Evaluation of Appropriate Security Controls

This paper proposes a security controls selection model, that supports data controllers in their effort to methodologically choose security measures compliant to privacy protection laws being in force, and proposes a process to assess (methodologically) the privacy protection requirements according to the related legal provisions and the selected and implemented security controls.