A4 Artikkeli konferenssijulkaisussa
Organisational GDPR Investments and Impacts (2023)
Hirvonen, P. (2023). Organisational GDPR Investments and Impacts. In A. Andreatos, & C. Douligeris (Eds.), Proceedings of the 22nd European Conference on Cyber Warfare and Security (pp. 584-591). Academic Conferences International. Proceedings of the European Conference on Cyber Warfare and Security, 22. https://doi.org/10.34190/eccws.22.1.1107
JYU-tekijät tai -toimittajat
Julkaisun tiedot
Julkaisun kaikki tekijät tai toimittajat: Hirvonen, Pauliina
Emojulkaisu: Proceedings of the 22nd European Conference on Cyber Warfare and Security
Emojulkaisun toimittajat: Andreatos, Antonios; Douligeris, Christos
Konferenssi:
- European Conference on Cyber Warfare and Security
Konferenssin paikka ja aika: Athens, Greece, 22.-23.6.2023
ISBN: 978-1-914587-69-6
eISBN: 978-1-914587-70-2
Lehti tai sarja: Proceedings of the European Conference on Cyber Warfare and Security
ISSN: 2048-8602
eISSN: 2048-8610
Julkaisuvuosi: 2023
Ilmestymispäivä: 19.06.2023
Sarjan numero: 22
Lehden numero: 1
Artikkelin sivunumerot: 584-591
Kirjan kokonaissivumäärä: 724
Kustantaja: Academic Conferences International
Julkaisumaa: Britannia
Julkaisun kieli: englanti
DOI: https://doi.org/10.34190/eccws.22.1.1107
Julkaisun avoin saatavuus: Avoimesti saatavilla
Julkaisukanavan avoin saatavuus: Kokonaan avoin julkaisukanava
Julkaisu on rinnakkaistallennettu (JYX): https://jyx.jyu.fi/handle/123456789/88127
Tiivistelmä
The aim of this empirical multi-case study is to understand the GDPR investments and impacts of the organisations. Among these, the measuring experiences related to GDPR and information security (Isec), and the future expectations are examined. Several interesting findings were recognised, which also enabled further suggestions. First, an understanding of the organisations’ investments and their impact is built by gathering information about the actions that organisations made to fulfil the GDPR requirements. In the second phase, it is deemed necessary to examine how organisations experience the measures and evaluation of GDPR development and progress, in order to understand how respondents, end up evaluating the impact of their investments. In the third phase it is considered necessary to consider the future development of GDPR and the challenges and opportunities it brings to organisations, in order to understand how the experiences so far affect preparations for the future. The final phase of evaluation focuses on finding out what impact the GDPR has had on organisations. On the one hand, it is possible that the total investment in the GDPR may also correlate with the development of the organisational Isec maturity, because GDPR has brought more resources and visibility to the organisation’s Isec, and operations have become more systematic. On the other hand, organisations with an already high level of Isec maturity and organisations operating in a regulatory-focused industry may accept the GDPR-based Isec investments more easily. If GDPR is tightly integrated with both the organisation’s information security and the business functions under the responsibility of executive management, it may support the organisation’s business and information security development. This research serves GDPR authorities, organisational executives, persons in charge of GDPR/information security/cybersecurity, service providers and academia.
YSO-asiasanat: tietoturva; tietosuoja; organisaatiot
Vapaat asiasanat: GDPR investments; empirical GDPR research; organisational GDPR impacts; privacy impacts; information security development; privacy development assessment
Liittyvät organisaatiot
OKM-raportointi: Kyllä
VIRTA-lähetysvuosi: 2023
JUFO-taso: 1
