K. A. Bamberger and D. K. Mulligan, Privacy on the Ground: Driving Corporate Behaviour in the United States and Europe, 2015.

A. Barth, D. Anupam, J. C. Mitchell, and H. F. Nissenbaum, Privacy and contextual integrity: Framework and applications, 2006 Symposium on Security and Privacy, pp.184-198, 2006.

J. S. Bruner, Actual minds, possible worlds

M. A. Cambridge, , 1986.

. Bs-iso-31000, British standards document bs iso 31000:2009: Risk management. principles and guidelines. Tech. rep., British Standard and the International Organization for Standardization, 2009.

, Care Quality Commission (CQC): Care quality commission, 2018.

A. Conley, A. Datta, N. Helen, and D. Sharma, Sustaining privacy and open justice in the transition to online court records: A multidisciplinary inquiry, Maryland Law Review, vol.71, issue.3, pp.772-847, 2012.

J. Darakhshan, Y. Shvartzshnaider, and M. Latonero, It takes a village: A community based participatory framework for privacy design, IEEE European Symposium on Security and Privacy Workshops, Security and Privacy Workshops, pp.112-115, 2018.

A. E. Demirci, Change-specific cynicism as a determinant of employee resistance to change, Is, Guc: The Journal of Industrial Relations and Human Resources, vol.18, issue.4, pp.1-20, 2016.

, European Parliament and the Council of Europe: General data protection regulation (gdpr), Europe, 2016.

F. S. Grodzinsky and H. T. Tavani, Privacy in "the cloud": Applying nissenbaum's theory of contextual integrity, SIGCAS Comput. Soc, vol.41, issue.1, pp.38-47, 2011.

D. C. Hall, Making risk assessments more comparable and repeatable, Systems Engineering, vol.14, issue.2, pp.173-179, 2011.

J. Henriksen-bulmer and S. Faily, Applying contextual integrity to open data publishing, Proceedings of the 31st British HCI Group Annual Conference on People and Computers: Digital Make Believe, 2017.

, ICO: Preparing for the general data protection regulation (gdpr): 12 steps to take now, 2017.

, ICO: General data protection regulation (gdpr) faqs for charities, 2018.

, ISO/IEC 29100: BS ISO/IEC29100: Information technology -security techniques -privacy framework. Tech. rep., British Standard and the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), 2011.

Y. Krupa and L. Vercouter, Handling privacy as contextual integrity in decentralized virtual communities: The privacias framework, Web Intelligence and Agent Systems, vol.10, issue.1, pp.105-116, 2012.

D. K. Mulligan, C. Koopman, and N. Doty, Privacy is an essentially contested concept: a multi-dimensional analytic for mapping privacy, Philosophical Transactions. Series A, Mathematical, Physical, And Engineering Sciences, vol.374, p.19, 2016.

H. Nissenbaum, Privacy as contextual integrity, Washington Law Review, vol.79, issue.1, pp.119-158, 2004.

H. F. Nissenbaum, Privacy in Context: Technology, Policy, and the Integrity of Social Life, 2010.

, NIST: Guide to protecting the confidentiality of personally identifiable information (pii)

, NIST: Guide for conducting risk assessments, National Institute of Standards and Technology

L. Palen and P. Dourish, Unpacking 'privacy' for a networked world, CHI -CONFERENCE, pp.129-136, 2003.

T. Rooney, K. Lawlor, and E. Rohan, Telling tales: Storytelling as a methodological approach in research, Electronic Journal of Business Research Methods, vol.14, issue.2, pp.147-156, 2016.

P. Sanchez-abril, A. Levin, and A. Del-riego, Blurred boundaries: Social media privacy and the twenty-first-century employee, American Business Law Journal, vol.49, issue.1, pp.63-124, 2012.

R. K. Sar and Y. Al-saggaf, Contextual integrity's decision heuristic and the tracking by social network sites, Ethics and Information Technology, vol.16, issue.1, pp.15-26, 2013.

D. J. Solove, A taxonomy of privacy, University of Pennsylvania Law Review, vol.154, issue.3, pp.477-564, 2006.

S. D. Warren and L. D. Brandeis, The right to privacy, Harvard Law Review IV, issue.5, pp.193-220, 1890.

A. F. Westin, Science, privacy, and freedom: Issues and proposals for the 1970's. part i-the current impact of surveillance on privacy, Columbia Law Review, vol.66, issue.6, pp.1003-1050, 1966.

, uk: Data protection act, 2018.

R. K. Yin, Case study research : design and methods, 2013.