R. Accorsi, Automated Privacy Audits to Complement the Notion of Control for Identity Management, pp.39-48, 2008.

R. Accorsi and T. Stocker, Automated Privacy Audits Based on Pruning of Log Data, 2008 12th Enterprise Distributed Object Computing Conference Workshops, 2008.
DOI : 10.1109/EDOCW.2008.18

J. Bace and C. Rozwell, Understanding the Components of Compliance, 2006.

K. Bailey, A three-level measurement model, Quality and Quantity, vol.12, issue.140, pp.225-245, 1984.
DOI : 10.1007/BF00156457

S. Banescu, M. Petkovi, and N. Zannone, Measuring Privacy Compliance Using Fitness Metrics, LNCS, vol.7481, pp.114-119, 2012.
DOI : 10.1007/978-3-642-32885-5_8

A. Boxwala, J. Kim, J. Grillo, and L. Ohno-machado, Using statistical and machine learning to help institutions detect suspicious access to electronic health records, Journal of the American Medical Informatics Association, vol.18, issue.4, pp.498-505, 2011.
DOI : 10.1136/amiajnl-2011-000217

D. Butin, L. Métayer, and D. , Log Analysis for Data Protection Accountability (Extended Version) Research report no, p.INRIA, 2013.

A. Cavoukian, The Security-privacy Paradox: Issues, Misconceptions and Strategies, Information Privacy Commission/Ontario and Deloitte & Touche, 2003.

Y. Chen and B. Malin, Detection of anomalous insiders in collaborative environments via relational analysis of access logs, Proceedings of the first ACM conference on Data and application security and privacy, CODASPY '11, pp.63-74
DOI : 10.1145/1943513.1943524

E. Duffy, Facilitating Patient and Administrator Analyses of Electronic Health Record Accesses, 2013.

D. Fabbri and K. Lefevre, Explanation-based auditing, Proc. of the VLDB Endowment, pp.1-12, 2011.
DOI : 10.14778/2047485.2047486

D. Garg, L. Jia, and A. Datta, Policy auditing over incomplete logs, Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, pp.151-162, 2011.
DOI : 10.1145/2046707.2046726

S. Gupta, Modeling and Detecting Anomalous Topic Access in EMR Audit logs, 2013.

S. Heatley and J. Otto, Data mining computer audit logs to detect computer misuse, International Journal of Intelligent Systems in Accounting, Finance & Management, vol.7, issue.3, 1998.
DOI : 10.1002/(SICI)1099-1174(199809)7:3<125::AID-ISAF146>3.0.CO;2-L

M. Kahmer, M. Gilliot, and G. Muller, Automating Privacy Compliance with ExPDT, 2008 10th IEEE Conference on E-Commerce Technology and the Fifth IEEE Conference on Enterprise Computing, E-Commerce and E-Services, pp.87-94, 2008.
DOI : 10.1109/CECandEEE.2008.122

B. Kitchenham, Procedures for performing systematic reviews, 2004.

R. Nickerson, U. Varshney, and J. Muntermann, A method for taxonomy development and its application in information systems, European Journal of Information Systems, vol.17, issue.5, pp.336-359, 2013.
DOI : 10.1057/ejis.2008.38

S. Sackmann, M. Kähmer, M. Gilliot, and L. Lowis, A Classification Model for Automating Compliance, 2008 10th IEEE Conference on E-Commerce Technology and the Fifth IEEE Conference on Enterprise Computing, E-Commerce and E-Services, pp.79-86, 2008.
DOI : 10.1109/CECandEEE.2008.99

R. Samavi and M. P. Consens, L2TAP+SCIP: An Audit-based Privacy Framework Leveraging Linked Data, Proceedings of the 8th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, pp.719-726, 2012.
DOI : 10.4108/icst.collaboratecom.2012.250607

H. S. Venter, M. S. Olivier, and J. H. Eloff, PIDS: a privacy intrusion detection system, Internet Research, vol.14, issue.5, pp.360-365, 2004.
DOI : 10.1145/293411.293778