Remote Work and Data Protection: How do Organisations Secure Personal Data Protection Compliance from Home?

Authors

  • Sofia Ribeiro University of Porto, Faculty of Engineering, INESC TEC (PORTUGAL)

DOI:

https://doi.org/10.34630/bobcatsss.vi.4983

Keywords:

data protection, GDPR, information security, remote work, digital transformation

Abstract

In the Information Society, business processes tend to become increasingly digital and operate in the virtual world. With the recent pandemic, this transformation has become almost mandatory. With their workers performing their duties remotely, organisations feel the need to digitally adapt their processes. Among several aspects of concern in these transmutations, one stands out: data protection. How can data protection be controlled remotely? Workers take to their homes their work equipment, their documents and their information with them - full of personal data. With the entry into force of the GDPR, organisations have a duty to register the treatment of information containing personal data. This requires that information circuits be controlled, i.e., a mapping of business processes and the information contained and transmitted in them. A case study was carried out with focus on the activities of the Data Protection Group of a private Portuguese research and development company in order to discover how an organisation, where the main asset is information, controls and monitors data protection compliance.

References

Babbs, A. (2020). How to leverage data security in a post-Covid world. Computer Fraud & Security, 2020(10), 8–11. https://doi.org/10.1016/S1361-3723(20)30107-X

Borkovich, D. J., & Skovira, R. J. (2020). Working From Home: Cybersecurity in the Age of Covid-19. Issues in Information Systems, 21(4), 234–246. Retrieved from https://www.iacis.org/iis/2020/4_iis_2020_234-246.pdf

Comissão Nacional de Proteção de Dados. (2020). Orientações sobre o controlo à distância em regime de teletrabalho.

European Parliament, & Council of the European Union. (2016). Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), Official Journal of the European Union. Retrieved from: https://eur-lex.europa.eu/eli/reg/2016/679/oj

INESC TEC. (2020). INESC TEC - Institution. Retrieved May 14, 2020, from https://www.inesctec.pt/en/institution

Koehler, T., Cervini, P., & Vetter, J. (2020). The abrupt shift to remote working has amplified cyber security problems. Retrieved from http://eprints.lse.ac.uk/106456/1/usapp_2020_08_22_the_abrupt_shift_to_remote_working_has_ amplified.pdf

Lueck, M. (2020). GDPR in the new remote-working normal. Computer Fraud & Security, 8, 14– 16. https://doi.org/10.1016/S1361-3723(20)30086-5

Malecki, F. (2020). Overcoming the security risks of remote working. Computer Fraud & Security, 7, 10–12. https://doi.org/10.1016/S1361-3723(20)30074-9

Nagel, L. (2020). The influence of the COVID-19 pandemic on the digital transformation of work. International Journal of Sociology and Social Policy, (ahead-of-print). https://doi.org/10.1108/IJSSP-07-2020-0323

Peltier, T. R. (2014). Information Security Fundamentals (Second Edi). CRC Press. Retrieved from https://books.google.pt/books?id=MSPFAAAAQBAJ

Pham, M. (2020). COVID-19 and the Future of Work Security: Is Remote Work Really Secure? Retrieved from https://www.wrike.com/blog/remote-work-security-survey/

Ridder, H. G. (2017). The theory contribution of case study research designs. Business Research, 10(2), 281–305. https://doi.org/10.1007/s40685-017-0045-z

Schallmo, D. R. A., & Williams, C. A. (2018). History of Digital Transformation. In Digital Transformation Now! Guiding the Successful Digitalization of Your Business Model (pp. 3–8). Cham, Switzerland: Springer Nature. https://doi.org/10.1007/978-3-319-72844-5_2

Škiljić, A. (2020). Cybersecurity and remote working: Croatia’s (non-)response to increased cyber threats. International Cybersecurity Law Review, 1(1–2), 51–61. https://doi.org/10.1365/s43439- 020-00014-3

Tessian. (2020). The State of Data Loss Prevention: Why DLP Has Failed and What the Future Looks Like. Retrieved from https://www.tessian.com/research/the-state-of-data- loss-prevention-2020/

Vial, G. (2019). Understanding digital transformation: A review and a research agenda. Journal of Strategic Information Systems, 28(2), 118–144. https://doi.org/10.1016/j.jsis.2019.01.003

Wiley, A., McCormac, A., & Calic, D. (2020). More than the individual: Examining the relationship between culture and Information Security Awareness. Computers & Security, 88, 101640. https://doi.org/10.1016/j.cose.2019.101640

Yin, R. K. (2018). Case study research and applications: Design and methods (6th ed.). Los Angeles: SAGE. https://doi.org/10.1177/109634809702100108

Downloads

Published

2023-02:-09

How to Cite

Ribeiro, S. (2023). Remote Work and Data Protection: How do Organisations Secure Personal Data Protection Compliance from Home?. Bobcatsss, 246–255. https://doi.org/10.34630/bobcatsss.vi.4983

Issue

Bobcatsss 2021: Digital Transformation

Section

Papers

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.