1 PRIvacy Management Responsibility On a Scrutinized Environment (PRIMROSE) - A management method to address privacy challenges Nuno Alexandre Costa (ncaou@iscte-iul.pt) Instituto Universitário de Lisboa (ISCTE-IUL), Business Research Unit (BRU-IUL), Lisboa, Portugal J. M. Vilas-Boas da Silva (jmvbs@iscte.pt) Instituto Universitário de Lisboa (ISCTE-IUL), Business Research Unit (BRU-IUL), Lisboa, Portugal Isabel Duarte de Almeida (isabel.dalmeida@edu.ulusiada.pt) Universidade Lusíada, (CLISSIS-UL), Lisboa, Portugal Instituto Universitário de Lisboa (ISCTE-IUL), Lisboa, Portugal Monika Maria Möhring (monika.moehring@muk.thm.de) Management und Kommunikation, Technische Hochschule Mittelhessen (THM), Friedberg, Germany Abstract This paper's theoretical contribution is in reporting an innovative privacy management method designated as PRIMROSE - PRIvacy Management Responsibility On a Scrutinized Environment. Research contribution is in introducing a supported process concerning the effective efficient management of privacy requirements occurring in organizations. PRIMROSE was the outcome of deductive reasoning subjected to a focus group and eight DPO interviewees scrutiny. Practical contribution is in setting the missing link regarding a generally recognized privacy management method to guide practitioners in which the elements originate from the qualitative research supporting root definitions semantics, considering, among others, principles, stages, processes, enablers and composite requirements. Keywords: PRIMROSE, privacy management method, data protection. Introduction The European Union’s General Data Protection Regulation (GDPR) was enforced on 25 May 2018 and demands that organizations, i.e. data controllers and processors “implement appropriate technical and organizational measures" to safeguard the “ongoing confidentiality, integrity, availability and resilience of processing systems and services” (Regulation EU, 2016), regarding the management of personal information of EU citizens (Costa et al., 2018).