{"title":"了解商业企业实施 GDPR 所面临的挑战:系统性文献综述","authors":"Yelena Smirnova, Victoriano Travieso-Morales","doi":"10.1108/ijlma-08-2023-0170","DOIUrl":null,"url":null,"abstract":"<h3>Purpose</h3>\n<p>The general data protection regulation (GDPR) was designed to address privacy challenges posed by globalisation and rapid technological advancements; however, its implementation has also introduced new hurdles for companies. This study aims to analyse and synthesise the existing literature that focuses on challenges of GDPR implementation in business enterprises, while also outlining the directions for future research.</p><!--/ Abstract__block -->\n<h3>Design/methodology/approach</h3>\n<p>The methodology of this review follows the preferred reporting items for systematic reviews and meta-analysis guidelines. It uses an extensive search strategy across Scopus and Web of Science databases, rigorously applying inclusion and exclusion criteria, yielding a detailed analysis of 16 selected studies that concentrate on GDPR implementation challenges in business organisations.</p><!--/ Abstract__block -->\n<h3>Findings</h3>\n<p>The findings indicate a predominant use of conceptual study methodologies in prior research, often limited to specific countries and technology-driven sectors. There is also an inclination towards exploring GDPR challenges within small and medium enterprises, while larger enterprises remain comparatively unexplored. Additionally, further investigation is needed to understand the implications of emerging technologies on GDPR compliance.</p><!--/ Abstract__block -->\n<h3>Research limitations/implications</h3>\n<p>This study’s limitations include reliance of the search strategy on two databases, potential exclusion of relevant research, limited existing literature on GDPR implementation challenges in business context and possible influence of diverse methodologies and contexts of previous studies on generalisability of the findings.</p><!--/ Abstract__block -->\n<h3>Originality/value</h3>\n<p>The originality of this review lies in its exclusive focus on analysing GDPR implementation challenges within the business context, coupled with a fresh categorisation of these challenges into technical, legal, organisational, and regulatory dimensions.</p><!--/ Abstract__block -->","PeriodicalId":46125,"journal":{"name":"International Journal of Law and Management","volume":"22 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2024-01-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Understanding challenges of GDPR implementation in business enterprises: a systematic literature review\",\"authors\":\"Yelena Smirnova, Victoriano Travieso-Morales\",\"doi\":\"10.1108/ijlma-08-2023-0170\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<h3>Purpose</h3>\\n<p>The general data protection regulation (GDPR) was designed to address privacy challenges posed by globalisation and rapid technological advancements; however, its implementation has also introduced new hurdles for companies. This study aims to analyse and synthesise the existing literature that focuses on challenges of GDPR implementation in business enterprises, while also outlining the directions for future research.</p><!--/ Abstract__block -->\\n<h3>Design/methodology/approach</h3>\\n<p>The methodology of this review follows the preferred reporting items for systematic reviews and meta-analysis guidelines. It uses an extensive search strategy across Scopus and Web of Science databases, rigorously applying inclusion and exclusion criteria, yielding a detailed analysis of 16 selected studies that concentrate on GDPR implementation challenges in business organisations.</p><!--/ Abstract__block -->\\n<h3>Findings</h3>\\n<p>The findings indicate a predominant use of conceptual study methodologies in prior research, often limited to specific countries and technology-driven sectors. There is also an inclination towards exploring GDPR challenges within small and medium enterprises, while larger enterprises remain comparatively unexplored. Additionally, further investigation is needed to understand the implications of emerging technologies on GDPR compliance.</p><!--/ Abstract__block -->\\n<h3>Research limitations/implications</h3>\\n<p>This study’s limitations include reliance of the search strategy on two databases, potential exclusion of relevant research, limited existing literature on GDPR implementation challenges in business context and possible influence of diverse methodologies and contexts of previous studies on generalisability of the findings.</p><!--/ Abstract__block -->\\n<h3>Originality/value</h3>\\n<p>The originality of this review lies in its exclusive focus on analysing GDPR implementation challenges within the business context, coupled with a fresh categorisation of these challenges into technical, legal, organisational, and regulatory dimensions.</p><!--/ Abstract__block -->\",\"PeriodicalId\":46125,\"journal\":{\"name\":\"International Journal of Law and Management\",\"volume\":\"22 1\",\"pages\":\"\"},\"PeriodicalIF\":1.3000,\"publicationDate\":\"2024-01-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Law and Management\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1108/ijlma-08-2023-0170\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"LAW\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Law and Management","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/ijlma-08-2023-0170","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}
引用次数: 0
摘要
目的《一般数据保护条例》(GDPR)旨在应对全球化和快速技术进步带来的隐私挑战;然而,该条例的实施也为企业带来了新的障碍。本研究旨在分析和综合现有文献,重点关注商业企业实施 GDPR 所面临的挑战,同时勾勒出未来研究的方向。 设计/方法/途径 本综述的方法遵循系统综述和荟萃分析指南的首选报告项目。本综述在 Scopus 和 Web of Science 数据库中采用了广泛的搜索策略,严格应用了纳入和排除标准,对 16 项选定的研究进行了详细分析,这些研究集中于企业组织中的 GDPR 实施挑战。此外,还倾向于探讨中小型企业面临的 GDPR 挑战,而大型企业相对而言仍未得到探讨。本研究的局限性包括:搜索策略依赖于两个数据库、可能排除相关研究、有关企业背景下 GDPR 实施挑战的现有文献有限,以及先前研究的不同方法和背景可能对研究结果的普遍性产生影响。
Understanding challenges of GDPR implementation in business enterprises: a systematic literature review
Purpose
The general data protection regulation (GDPR) was designed to address privacy challenges posed by globalisation and rapid technological advancements; however, its implementation has also introduced new hurdles for companies. This study aims to analyse and synthesise the existing literature that focuses on challenges of GDPR implementation in business enterprises, while also outlining the directions for future research.
Design/methodology/approach
The methodology of this review follows the preferred reporting items for systematic reviews and meta-analysis guidelines. It uses an extensive search strategy across Scopus and Web of Science databases, rigorously applying inclusion and exclusion criteria, yielding a detailed analysis of 16 selected studies that concentrate on GDPR implementation challenges in business organisations.
Findings
The findings indicate a predominant use of conceptual study methodologies in prior research, often limited to specific countries and technology-driven sectors. There is also an inclination towards exploring GDPR challenges within small and medium enterprises, while larger enterprises remain comparatively unexplored. Additionally, further investigation is needed to understand the implications of emerging technologies on GDPR compliance.
Research limitations/implications
This study’s limitations include reliance of the search strategy on two databases, potential exclusion of relevant research, limited existing literature on GDPR implementation challenges in business context and possible influence of diverse methodologies and contexts of previous studies on generalisability of the findings.
Originality/value
The originality of this review lies in its exclusive focus on analysing GDPR implementation challenges within the business context, coupled with a fresh categorisation of these challenges into technical, legal, organisational, and regulatory dimensions.
期刊介绍:
The International Journal of Law and Management is a leading journal addressing all aspects of regulation and law as they impact on organisational development, operations and leadership. Organisations and their leaders operate in an increasingly complex world of emerging regulation across national and international boundaries. The International Journal of Law and Management seeks to acknowledge the dynamics of that environment and provide a platform for articles and contributions to stimulate scholarly debate in the development of law and practice. The International Journal of Law and Management seeks to present the latest research on policy, practice and theoretical perspectives and their impact on the development and leadership of organisations. Contributions of a multi-disciplinary nature are welcome. Coverage includes, but is not limited to: -Employment and industrial law- Corporate governance and social responsibility- Intellectual property- Corporate law and finance- Insolvency- Commercial law and consumer protection- Environmental law- Taxation- Competition law- Regulatory theory