DeepAI
Log In Sign Up

Are we there yet? Understanding the challenges faced in complying with the General Data Protection Regulation (GDPR)

08/22/2018
by   Sean Sirur, et al.
0

The EU General Data Protection Regulation (GDPR), enforced from 25th May 2018, aims to reform how organisations view and control the personal data of private EU citizens. The scope of GDPR is somewhat unprecedented: it regulates every aspect of personal data handling, includes hefty potential penalties for non-compliance, and can prosecute any company in the world that processes EU citizens' data. In this paper, we look behind the scenes to investigate the real challenges faced by organisations in engaging with the GDPR. This considers issues in working with the regulation, the implementation process, and how compliance is verified. Our research approach relies on literature but, more importantly, draws on detailed interviews with several organisations. Key findings include the fact that large organisations generally found GDPR compliance to be reasonable and doable. The same was found for small-to-medium organisations (SMEs/SMBs) that were highly security-oriented. SMEs with less focus on data protection struggled to make what they felt was a satisfactory attempt at compliance. The main issues faced in their compliance attempts emerged from: the sheer breadth of the regulation; questions around how to enact the qualitative recommendations of the regulation; and the need to map out the entirety of their complex data networks.

READ FULL TEXT

page 1

page 2

page 3

page 4

03/09/2019

Analyzing the Impact of GDPR on Storage Systems

The recently introduced General Data Protection Regulation (GDPR) is for...
07/23/2020

Model Driven Engineering for Data Protection and Privacy: Application and Experience with GDPR

In Europe and indeed worldwide, the General Data Protection Regulation (...
03/02/2021

Compliance Requirements in Large-Scale Software Development: An Industrial Case Study

Regulatory compliance is a well-studied area, including research on how ...
05/31/2022

DLT Compliance Reporting

The IS discourse on the potential of distributed ledger technology (DLT)...
01/16/2020

Fast Compliance Checking with General Vocabularies

We address the problem of complying with the GDPR while processing and t...
05/22/2022

rgpdOS: GDPR Enforcement By The Operating System

The General Data Protection Regulation (GDPR) forces IT companies to com...