Please use this identifier to cite or link to this item: http://hdl.handle.net/10125/59941

Making Sense of the General Data Protection Regulation—Four Categories of Personal Data Access Challenges

File Size Format  
0501.pdf 349.25 kB Adobe PDF View/Open

Item Summary

Title:Making Sense of the General Data Protection Regulation—Four Categories of Personal Data Access Challenges
Authors:Grundstrom, Casandra
Väyrynen, Karin
Iivari, Netta
Isomursu, Minna
Keywords:Privacy and Economics
Internet and the Digital Economy
data access, GDPR, insurance organizations, personal data, sensemaking
Date Issued:08 Jan 2019
Abstract:The General Data Protection Regulation (GDPR) was enforced in the pan-European area on May 25th, 2018. From the perspective of data access research, among others, this introduces significant changes into organizations and their practices. However, so far, there is limited research offering insights into such a new policy phenomenon for organizations from the perspective of access to personal data. This paper is based on an ethnographic study of a 2-day workshop in which five European insurance organizations came together to share the results of sensemaking in their organizations and knowledge around the GDPR. We examined how the participants interpreted the GDPR and the compliance challenges they faced. These challenges are categorized into four dimensions of personal data access, as follows: Procedure, Protection, Privacy, and Proliferation. These challenges are significant for any organization that acts as a processor and/or controller to consider.
Pages/Duration:10 pages
URI:http://hdl.handle.net/10125/59941
ISBN:978-0-9981331-2-6
DOI:10.24251/HICSS.2019.605
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
https://creativecommons.org/licenses/by-nc-nd/4.0/
Appears in Collections: Privacy and Economics


Please email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons