Understanding Data Protection Regulations from a Data Management Perspective: A Capability-Based Approach to EU-GDPR
Détails
Télécharger: Understanding Data Protection Regulations from a Data Management.pdf (400.33 [Ko])
Etat: Public
Version: Final published version
Licence: Non spécifiée
Etat: Public
Version: Final published version
Licence: Non spécifiée
ID Serval
serval:BIB_65AAB323C49C
Type
Actes de conférence (partie): contribution originale à la littérature scientifique, publiée à l'occasion de conférences scientifiques, dans un ouvrage de compte-rendu (proceedings), ou dans l'édition spéciale d'un journal reconnu (conference proceedings).
Collection
Publications
Institution
Titre
Understanding Data Protection Regulations from a Data Management Perspective: A Capability-Based Approach to EU-GDPR
Titre de la conférence
Proceedings of the 14th International Conference on Wirtschaftsinformatik (2019)
Statut éditorial
Publié
Date de publication
24/02/2019
Peer-reviewed
Oui
Langue
anglais
Résumé
The European General Data Protection Regulation (EU-GDPR) has entered into force in May 2018. Its emphasis on individual control and organizational accountability constitutes a new paradigm that requires changes in the way organizations manage personal data. However, organizations face difficulties when implementing EU-GDPR due to a lack of common ground between legal and data management domains. Anchored in the resource-based view theory (RBV), this paper argues that the regulation requires companies to build a dedicated data management capability. It presents a capability model that was developed in an iterative design science process, integrating both interpretation of legal texts and practical insights from focus groups with more than 30 experts and from 3 EU-GDPR projects. The paper advances the regulatory compliance management literature by translating legal data protection concepts for the IS community. It also contributes to practice by enabling organization to set-up systematic approaches towards EU-GDPR compliance.
Mots-clé
EU-GDPR, Data Protection, Regulations, Compliance, Capabilities
Site de l'éditeur
Financement(s)
Autre / Competence Center Corporate Data Quality (CC CDQ)
Création de la notice
16/04/2020 22:28
Dernière modification de la notice
17/04/2020 6:09