A4 Article in conference proceedings
A Review of GDPR Impacts on Information Security (2022)


Hirvonen, P. (2022). A Review of GDPR Impacts on Information Security. In PACIS 2022 : Proceedings of the 26th Pacific Asia Conference on Information Systems. AI-IS-ASIA : Artificial Intelligence, Information Systems, in Pacific Asia (Article 83). Association for Information Systems. https://aisel.aisnet.org/pacis2022/83/


JYU authors or editors


Publication details

All authors or editorsHirvonen, Pauliina

Parent publicationPACIS 2022 : Proceedings of the 26th Pacific Asia Conference on Information Systems. AI-IS-ASIA : Artificial Intelligence, Information Systems, in Pacific Asia

Place and date of conferenceTaipei/Sydney Virtual Conference5.-9.7.2022

eISBN978-1-958200-01-8

eISSN2689-6354

Publication year2022

Article number83

PublisherAssociation for Information Systems

Publication countryUnited States

Publication languageEnglish

Persistent website addresshttps://aisel.aisnet.org/pacis2022/83/

Publication open accessNot open

Publication channel open access

Publication is parallel published (JYX)https://jyx.jyu.fi/handle/123456789/84624


Abstract

The aim of this literature review is to understand GDPR impacts on information security in organisations. The research question is: What outcomes previous research reveal about the GDPR impacts on information security development? Findings indicated that GDPR has had several impacts divided in six categories here: user profiling and data collection, business impacts, management and compliance, personal competences, skills and career, authorization, authentication and notification obligation and data storage. Findings also indicated that even though GDPR had upraised information security and data protection requirements, it has caused also challenges. Previous research raised important separate issues of GDPR impacts of information security, but did not addressed topic comprehensively. Previous literature did not report best practices of how organisational GDPR impacts are examined. To fill this gap, the framework for observing GDPR impacts of organisations was built.


Keywordsorganisations (systems)data systemsperson registersdata protectiondata securityinformation managementriskseffects (results)businessliterature surveys


Contributing organizations


Ministry reportingYes

Reporting Year2022

JUFO rating1


Last updated on 2024-03-04 at 19:45