Data Privacy Assessment: An Exemplary Case for Higher Education Institutions
The European General Data Protection Regulation (GDPR), which became applicable in May 2018, obliges companies and thus Higher Education Institutions (HEIs) to (re)assess their data privacy procedures, in particular the processing of personal data. As the new law unfolds an extraterritorial scope,...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
International School for Social and Business Studies
2019-12-01
|
| Series: | International Journal of Management, Knowledge and Learning |
| Subjects: | |
| Online Access: | https://www.issbs.si/press/ISSN/2232-5697/8_221-241.pdf |
| Summary: | The European General Data Protection Regulation (GDPR), which became applicable in May 2018, obliges companies and thus Higher Education Institutions (HEIs) to (re)assess their data privacy procedures, in particular the
processing of personal data. As the new law unfolds an extraterritorial scope,
HEIs located outside the European Union (EU) also need to examine whether
they are affected, and, if so, take the necessary measures. There is a lack
of discussion and approaches in the current literature as to how HEIs can
comply with the GDPR regulations. The aim of this study is therefore to analyse scientific publications in order to deliver two results: Firstly, consolidated
relevant recommendations and requirements in the context of GDPR, and,
secondly, an instrument to help HEIs to raise their GDPR awareness. The latter was built by applying design science guidelines and resulted on a whole
of 44 controls that yield a total score. The resulting value can serve as an indicator of HEI’s accordance with GDPR regulations. In addition, the compiled
controls can be used as a management instrument to assess the measures
taken and to continuously promote compliance with GDPR. |
|---|---|
| ISSN: | 2232-5107 2232-5697 |