Data Privacy Assessment: An Exemplary Case for Higher Education Institutions
Data Privacy Assessment: An Exemplary Case for Higher Education Institutions
Author(s): Ali Habbabeh, Bettina Schneider, Petra Maria AsprionSubject(s): Higher Education , ICT Information and Communications Technologies
Published by: Mednarodna fakulteta za družbene in poslovne študije
Keywords: assessment instrument; assessment tool; data privacy; European General Data Protection Regulation; higher education institutions;
Summary/Abstract: The European General Data Protection Regulation (GDPR), which became applicable in May 2018, obliges companies and thus Higher Education Institutions (HEIs) to (re)assess their data privacy procedures, in particular the processing of personal data. As the new law unfolds an extraterritorial scope, HEIs located outside the European Union (EU) also need to examine whether they are affected, and, if so, take the necessary measures. There is a lack of discussion and approaches in the current literature as to how HEIs can comply with the GDPR regulations. The aim of this study is therefore to analyse scientific publications in order to deliver two results: Firstly, consolidated relevant recommendations and requirements in the context of GDPR, and, secondly, an instrument to help HEIs to raise their GDPR awareness. The latter was built by applying design science guidelines and resulted on a whole of 44 controls that yield a total score. The resulting value can serve as an indicator of HEI’s accordance with GDPR regulations. In addition, the compiled controls can be used as a management instrument to assess the measures taken and to continuously promote compliance with GDPR.
Journal: International Journal of Management, Knowledge and Learning
- Issue Year: 8/2019
- Issue No: 2
- Page Range: 221-241
- Page Count: 21
- Language: English