{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,15]],"date-time":"2026-06-15T10:56:17Z","timestamp":1781520977451,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":15,"publisher":"ACM","license":[{"start":{"date-parts":[[2026,6,16]],"date-time":"2026-06-16T00:00:00Z","timestamp":1781568000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2026,6,17]]},"DOI":"10.1145\/3816713.3818219","type":"proceedings-article","created":{"date-parts":[[2026,6,15]],"date-time":"2026-06-15T10:34:51Z","timestamp":1781519691000},"page":"1-8","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Towards a data model for mapping the Personal Data Protection Act (PDPA) of Thailand onto the European General Data Protection Regulation (GDPR)"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-0580-0241","authenticated-orcid":false,"given":"Worarat","family":"Krathu","sequence":"first","affiliation":[{"name":"School of Information Technology, KMUTT, Thungkru, Bangkok, Thailand"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-7022-450X","authenticated-orcid":false,"given":"Sunisa","family":"Sathapornvajana","sequence":"additional","affiliation":[{"name":"School of Information Technology, KMUTT, Thungkru, Bangkok, Thailand"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1684-3865","authenticated-orcid":false,"given":"Maleerat","family":"Maliyaem","sequence":"additional","affiliation":[{"name":"King Mongkut's University of Technology North Bangkok, Bangsue, Bangkok, Thailand"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-5851-6703","authenticated-orcid":false,"given":"Hathairat","family":"Ketmaneechairat","sequence":"additional","affiliation":[{"name":"King Mongkut's University of Technology North Bangkok, Bangsue, Bangkok, Thailand"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0250-6884","authenticated-orcid":false,"given":"Guntur Budi","family":"Herwanto","sequence":"additional","affiliation":[{"name":"Universitas Gadjah Mada, Daerah Istimewa, Yogyakarta, Indonesia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0665-6126","authenticated-orcid":false,"given":"Edgar","family":"Weippl","sequence":"additional","affiliation":[{"name":"University of Vienna, Vienna, Wien, Austria"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2998-742X","authenticated-orcid":false,"given":"Gerald","family":"Quirchmayr","sequence":"additional","affiliation":[{"name":"University of Vienna, Vienna, Wien, Austria"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8295-9252","authenticated-orcid":false,"given":"A Min","family":"Tjoa","sequence":"additional","affiliation":[{"name":"Vienna University of Technology, Vienna, Wien, Austria"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2026,6,16]]},"reference":[{"key":"e_1_3_3_1_2_2","volume-title":"The Standard Data Protection Model: A method for Data Protection advising and controlling on the basis of uniform protection goals (Version 3.0a)","author":"L\u00e4nder Conference of the Independent Data Protection Supervisory Authorities of the Federation and the","year":"2022","unstructured":"Conference of the Independent Data Protection Supervisory Authorities of the Federation and the L\u00e4nder. 2022. The Standard Data Protection Model: A method for Data Protection advising and controlling on the basis of uniform protection goals (Version 3.0a). Technical Report. AK Technik of the Independent Data Protection Supervisory Authorities of the Federation and the L\u00e4nder. https:\/\/www.datenschutz-mv.de\/static\/DS\/Dateien\/Datenschutzmodell\/SDM_V3_en.pdf"},{"key":"e_1_3_3_1_3_2","doi-asserted-by":"publisher","unstructured":"Benjamin Edwards Steven Hofmeyr and Stephanie Forrest. 2016. Hype and heavy tails: A closer look at data breaches. Journal of Cybersecurity 2 1 (December 2016) 3\u201314. 10.1093\/cybsec\/tyw003","DOI":"10.1093\/cybsec\/tyw003"},{"key":"e_1_3_3_1_4_2","volume-title":"PDPA Self-Assessment Checklist for Organizations","author":"(ETDA) Electronic Transactions Development Agency","year":"2021","unstructured":"Electronic Transactions Development Agency (ETDA). 2021. PDPA Self-Assessment Checklist for Organizations. Technical Report. Ministry of Digital Economy and Society."},{"key":"e_1_3_3_1_5_2","unstructured":"European Union. 2016. Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95\/46\/EC (General Data Protection Regulation). OJ L 119 4.5.2016 p. 1\u201388. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32016R0679"},{"key":"e_1_3_3_1_6_2","doi-asserted-by":"publisher","unstructured":"Emad Fallatah. 2025. Ensuring Compliance: Data Privacy Audits Under Global Privacy Regulations. International Journal of Applied Economics Finance and Accounting 22 (2025) 133\u2013144. 10.33094\/ijaefa.v22i2.2308","DOI":"10.33094\/ijaefa.v22i2.2308"},{"key":"e_1_3_3_1_7_2","unstructured":"GDPR.eu. n. d.. GDPR compliance checklist. https:\/\/gdpr.eu\/checklist\/ Retrieved May 9 2026."},{"key":"e_1_3_3_1_8_2","unstructured":"Kingdom of Thailand. 2019. Personal Data Protection Act B.E. 2562 (2019). Royal Thai Government Gazette Vol. 136 Part 69 A 24 May 2019. https:\/\/ratchakitcha.soc.go.th\/documents\/17082307.pdf"},{"key":"e_1_3_3_1_9_2","unstructured":"Mahidol University. [n. d.]. Faculty-level MU PDPA Compliance Checklist. https:\/\/privacy.mahidol.ac.th\/pdpa-mu-checklist\/ Retrieved May 9 2026."},{"key":"e_1_3_3_1_10_2","doi-asserted-by":"publisher","unstructured":"Raimundas Matulevi\u010dius Jake Tom Kaspar Kala and Eduard Sing. 2020. A Method for Managing GDPR Compliance in Business Processes. 10.1007\/978-3-030-58135-0_9","DOI":"10.1007\/978-3-030-58135-0_9"},{"key":"e_1_3_3_1_11_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-93417-4_31"},{"key":"e_1_3_3_1_12_2","doi-asserted-by":"crossref","unstructured":"N. Pantlin C. Wiseman and M. Everett. 2018. Supply chain arrangements: The ABC to GDPR compliance\u2014A spotlight on emerging market practice in supplier contracts in light of the GDPR. Computer law & Security review 34 4 (2018) 881\u2013885.","DOI":"10.1016\/j.clsr.2018.06.009"},{"key":"e_1_3_3_1_13_2","unstructured":"Personal Data Protection Committee (PDPC). 2023. Guidelines for Personal Data Controllers and Personal Data Processors Based on Consultations Regarding the Enforcement of the Personal Data Protection Act B.E. 2562 (2019). https:\/\/www.pdpc.or.th\/10801\/ Retrieved May 9 2026."},{"key":"e_1_3_3_1_14_2","unstructured":"Personal Data Protection Committee (PDPC). 2023. Practical Guideline Manual on the Principles and Scope of Personal Data Protection under the Official Information Act B.E. 2540 (1997) and the Personal Data Protection Act B.E. 2562 (2019). https:\/\/www.pdpc.or.th\/10794\/ Retrieved May 9 2026."},{"key":"e_1_3_3_1_15_2","unstructured":"Rajamangala University of Technology Phra Nakhon. [n. d.]. Checklist for Compliance with the Personal Data Protection Act B.E. 2562 (PDPA) for Units of Rajamangala University of Technology Phra Nakhon. https:\/\/www.rmutp.ac.th\/web2561\/wp-content\/uploads\/2022\/10\/2_6_RMUTP_PDPA_Compliance_Checklist_v0.pdf Retrieved May 9 2026."},{"key":"e_1_3_3_1_16_2","doi-asserted-by":"publisher","unstructured":"Charnsak Srisawatsakul Waransanang Boontarig and Gerald Quirchmayr. 2023. A Process Model for Data Protection Impact Assessment in Thailand\u2019s Healthcare Sector. ICIC Express Letters 17 (2023) 81\u201390. 10.24507\/icicel.17.01.81","DOI":"10.24507\/icicel.17.01.81"}],"event":{"name":"IAIT 2026: 14th International Conference on Advances in Information Technology","location":"Bangkok Thailand","acronym":"IAIT '26"},"container-title":["Proceedings of the 14th International Conference on Advances in Information Technology"],"original-title":[],"deposited":{"date-parts":[[2026,6,15]],"date-time":"2026-06-15T10:37:34Z","timestamp":1781519854000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3816713.3818219"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,6,16]]},"references-count":15,"alternative-id":["10.1145\/3816713.3818219","10.1145\/3816713"],"URL":"https:\/\/doi.org\/10.1145\/3816713.3818219","relation":{},"subject":[],"published":{"date-parts":[[2026,6,16]]},"assertion":[{"value":"2026-06-16","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}