Remote Work and Data Protection: How do Organisations Secure Personal Data Protection Compliance from Home?
DOI:
https://doi.org/10.34630/bobcatsss.vi.4983Keywords:
data protection, GDPR, information security, remote work, digital transformationAbstract
In the Information Society, business processes tend to become increasingly digital and operate in the virtual world. With the recent pandemic, this transformation has become almost mandatory. With their workers performing their duties remotely, organisations feel the need to digitally adapt their processes. Among several aspects of concern in these transmutations, one stands out: data protection. How can data protection be controlled remotely? Workers take to their homes their work equipment, their documents and their information with them - full of personal data. With the entry into force of the GDPR, organisations have a duty to register the treatment of information containing personal data. This requires that information circuits be controlled, i.e., a mapping of business processes and the information contained and transmitted in them. A case study was carried out with focus on the activities of the Data Protection Group of a private Portuguese research and development company in order to discover how an organisation, where the main asset is information, controls and monitors data protection compliance.
References
Babbs, A. (2020). How to leverage data security in a post-Covid world. Computer Fraud & Security, 2020(10), 8–11. https://doi.org/10.1016/S1361-3723(20)30107-X
Borkovich, D. J., & Skovira, R. J. (2020). Working From Home: Cybersecurity in the Age of Covid-19. Issues in Information Systems, 21(4), 234–246. Retrieved from https://www.iacis.org/iis/2020/4_iis_2020_234-246.pdf
Comissão Nacional de Proteção de Dados. (2020). Orientações sobre o controlo à distância em regime de teletrabalho.
European Parliament, & Council of the European Union. (2016). Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), Official Journal of the European Union. Retrieved from: https://eur-lex.europa.eu/eli/reg/2016/679/oj
INESC TEC. (2020). INESC TEC - Institution. Retrieved May 14, 2020, from https://www.inesctec.pt/en/institution
Koehler, T., Cervini, P., & Vetter, J. (2020). The abrupt shift to remote working has amplified cyber security problems. Retrieved from http://eprints.lse.ac.uk/106456/1/usapp_2020_08_22_the_abrupt_shift_to_remote_working_has_ amplified.pdf
Lueck, M. (2020). GDPR in the new remote-working normal. Computer Fraud & Security, 8, 14– 16. https://doi.org/10.1016/S1361-3723(20)30086-5
Malecki, F. (2020). Overcoming the security risks of remote working. Computer Fraud & Security, 7, 10–12. https://doi.org/10.1016/S1361-3723(20)30074-9
Nagel, L. (2020). The influence of the COVID-19 pandemic on the digital transformation of work. International Journal of Sociology and Social Policy, (ahead-of-print). https://doi.org/10.1108/IJSSP-07-2020-0323
Peltier, T. R. (2014). Information Security Fundamentals (Second Edi). CRC Press. Retrieved from https://books.google.pt/books?id=MSPFAAAAQBAJ
Pham, M. (2020). COVID-19 and the Future of Work Security: Is Remote Work Really Secure? Retrieved from https://www.wrike.com/blog/remote-work-security-survey/
Ridder, H. G. (2017). The theory contribution of case study research designs. Business Research, 10(2), 281–305. https://doi.org/10.1007/s40685-017-0045-z
Schallmo, D. R. A., & Williams, C. A. (2018). History of Digital Transformation. In Digital Transformation Now! Guiding the Successful Digitalization of Your Business Model (pp. 3–8). Cham, Switzerland: Springer Nature. https://doi.org/10.1007/978-3-319-72844-5_2
Škiljić, A. (2020). Cybersecurity and remote working: Croatia’s (non-)response to increased cyber threats. International Cybersecurity Law Review, 1(1–2), 51–61. https://doi.org/10.1365/s43439- 020-00014-3
Tessian. (2020). The State of Data Loss Prevention: Why DLP Has Failed and What the Future Looks Like. Retrieved from https://www.tessian.com/research/the-state-of-data- loss-prevention-2020/
Vial, G. (2019). Understanding digital transformation: A review and a research agenda. Journal of Strategic Information Systems, 28(2), 118–144. https://doi.org/10.1016/j.jsis.2019.01.003
Wiley, A., McCormac, A., & Calic, D. (2020). More than the individual: Examining the relationship between culture and Information Security Awareness. Computers & Security, 88, 101640. https://doi.org/10.1016/j.cose.2019.101640
Yin, R. K. (2018). Case study research and applications: Design and methods (6th ed.). Los Angeles: SAGE. https://doi.org/10.1177/109634809702100108
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.