A comprehensive concept map for adequate protection and effective management of personal information in networked Chinese services

AuthorXiaomi An, Wenlin Bai, Hepu Deng, Shuyang Sun, Yu Dong, Wenrui Zhong, Jufang Hu
DOIhttps://doi.org/10.1108/EL-04-2014-0059
Pages1047-1064
Publication Date02 Nov 2015
A comprehensive concept map
for adequate protection and
effective management of
personal information in
networked Chinese services
Xiaomi An
Key Laboratory of Data Engineering and Knowledge Engineering of the
Ministry of Education, and School of Information Resources Management,
Renmin University of China, Beijing, China
Wenlin Bai
School of Information Resources Management,
Renmin University of China, Beijing, China
Hepu Deng
School of Information Resources Management, Renmin University of
China, Beijing, China, and School of Business Information Technology and
Logistics, RMIT University, Melbourne, Australia
Shuyang Sun, Yu Dong and Wenrui Zhong
School of Information Resources Management,
Renmin University of China, Beijing, China, and
Jufang Hu
University Library, Renmin University of China, Beijing, China
Abstract
Purpose – This paper aims to develop a comprehensive concept map to guide adequate protection and
effective management of personal information in the provision of networked services in China through
comprehensively considering the multi-disciplinary perspective of personal information protection and
management with respect to their multi-dimensional applications, multi-directional controls and
multi-contextual analysis in today’s networked environments. There are different perspectives on what
personal information protection and management is about, why and how personal information should
be protected and managed in the literature. Little, however, is known about the relationships between
This research is nancially supported by The National Social Science Foundation of China Major
Program (Project number: 13 &ZD 184), the Fundamental Research Funds for the Central
Universities, and the Research Funds of Renmin University of China (No. 15XNLQ08) and the
Beijing National Social Science Foundation (Project number: 13&ZHB103). The authors wish to
thank Sha Liu, Yongni Yu, Li Zheng and Hao Chen for collecting data of online survey to help this
study.
The current issue and full text archive of this journal is available on Emerald Insight at:
www.emeraldinsight.com/0264-0473.htm
Information in
networked
Chinese
services
1047
Received 3 April 2014
Revised 10 September 2014
30 October 2014
Accepted 1 December 2014
TheElectronic Library
Vol.33 No. 6, 2015
pp.1047-1064
©Emerald Group Publishing Limited
0264-0473
DOI 10.1108/EL-04-2014-0059
these multiple perspectives and their implications to personal information protection and management
in the real-world practice.
Design/methodology/approach – A multi-methods approach is adopted in the study, including a
comprehensive review of the related literature, a content analysis of the relevant laws, polices,
standards, a multi-cases study of the relevant network services providers and an online survey of the
Chinese citizens who are the end-users of the networked services to adequately achieve the objective of
this study. The concept map building technique is used as a tool for conducting the meta-synthesis of
the ndings from multiple data resources in the development of a comprehensive concept map for
personal information protection and management.
Findings – This study rationalizes the importance of the identication of personal information for
adequate protection and effective management. It identies ve perspectives on personal information
protection and management, namely, law, economics, sociology, information technology and
information resources management for their applications at the organizational level. Five types of
personal information are identied in the study for protection and management, namely, identiable
personal information, personal identity information, personal moral right information, personal civil
right and interest information and personal business and transaction information. An integrated
approach consisting of risk control, security control and users control is proposed for personal
information protection and management in the provision of networked services in China. The study
shows that not enough attention has been paid to the personal information protection and management
from multi-disciplinary perspectives with respect to their multi-dimensional applications,
multi-directional controls and multi-contextual analysis in the literature. There is a lack of
understanding of what, why and how personal information is protected and managed in real-world
practices in China.
Practical implications – The investigation of the issues of personal information protection and
management with respect to the relevant laws, polices, standards, networked services and
organizations can lead to a better understanding of what, why and how personal information is
protected and managed in real-world practices in China. The development of a comprehensive concept
map for personal information protection and management can be used as an effective guideline for the
formulation and implementation of appropriate strategies and policies in individual organizations for
providing their stakeholders with quality-networked services in today’s highly connected network
environment in China.
Originality/value – The paper is the rst step of a comprehensive study on the protection and
management of personal information for the provision of networked services in China. It provides a
solid foundation for further research with respect to the personal information protection and
management. It is the rst of this kind of studies to answer the questions of what types of personal
information needed to be protected, why and how they should be protected in conformity with laws,
regulations, polices, standards and the needs of networked services and business activities of
organizations.
Keywords China, Information resources management, Personal information protection,
Networked services
Paper type Research paper
1. Introduction
With the rapid development of e-government and e-business in China (Molla and Deng,
2009), an increasing amount of personal information is collected, processed, shared and
stored while providing networked services to support business collaborations and
innovations (An et al., 2014) within and across organizations. This leads to numerous
problems in handling personal information, including excessive collection of personal
information, publishing personal information without consent and illegal selling of
EL
33,6
1048

To continue reading

Request your trial