{"title":"Studying Data Privacy Management in Small and Medium-Sized IT Companies","authors":"M. Jäntti","doi":"10.1109/IIT50501.2020.9299050","DOIUrl":null,"url":null,"abstract":"Today, poorly implemented information security and data privacy measures may cause significant threats to companies’ existence and business continuity. Additionally, European Union has established strong data protection regulation rules for companies operating within EU. In order to be compliant with these new rules and regulations, organizations have to put a lot of resources to create data privacy policies and plans as well as to adjust tools to manage data privacy requests and fullfill privacy by design and privacy by default principles. Especially for small and medium-sized (SME) Information Technology (IT) firms and software development organizations with limited resources, new GDPR legislation and stricter requirements for information security have caused several challenges and uncertainty on what is adequate level of data privacy. In this paper, we focus on exploring Finnish IT SMEs and their actions and feelings on data privacy and information security. The research problem of this study is: How small and medium sized companies have prepared for growing data privacy and information security requirements? The main contribution of this paper is to show how small and medium sized IT companies in Northern Savo region did prepare for EU data privacy regulation and what types of challenges did exist in the GDPR preparation phase.","PeriodicalId":128526,"journal":{"name":"2020 14th International Conference on Innovations in Information Technology (IIT)","volume":"150 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 14th International Conference on Innovations in Information Technology (IIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IIT50501.2020.9299050","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
Today, poorly implemented information security and data privacy measures may cause significant threats to companies’ existence and business continuity. Additionally, European Union has established strong data protection regulation rules for companies operating within EU. In order to be compliant with these new rules and regulations, organizations have to put a lot of resources to create data privacy policies and plans as well as to adjust tools to manage data privacy requests and fullfill privacy by design and privacy by default principles. Especially for small and medium-sized (SME) Information Technology (IT) firms and software development organizations with limited resources, new GDPR legislation and stricter requirements for information security have caused several challenges and uncertainty on what is adequate level of data privacy. In this paper, we focus on exploring Finnish IT SMEs and their actions and feelings on data privacy and information security. The research problem of this study is: How small and medium sized companies have prepared for growing data privacy and information security requirements? The main contribution of this paper is to show how small and medium sized IT companies in Northern Savo region did prepare for EU data privacy regulation and what types of challenges did exist in the GDPR preparation phase.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
