The benefits and challenges of general data protection regulation for the information technology sector

AuthorNazar Poritskiy, Flávio Oliveira, Fernando Almeida
DOIhttps://doi.org/10.1108/DPRG-05-2019-0039
Pages510-524
Publication Date12 Aug 2019
The benets and challenges of general
data protection regulation for the
information technology sector
Nazar Poritskiy, Flávio Oliveira and Fernando Almeida
Abstract
Purpose The implementation of European data protection is a challenge for businesses and has
imposed legal, technical and organizational changes for companies. This study aims to explore the
benefits and challenges that companies operating in the information technology (IT) sector have
experienced in applying the European data protection. Additionally,this study aims to explore whether
the benefits and challenges faced by these companies were different considering their dimension and
the state of implementationof the regulation.
Design/methodology/approach This study adopts a quantitative methodology, based on a survey
conducted with Portuguese IT companies. The survey is composed of 30 questions divided into three
sections, namely, control data; assessment; and benefits and challenges. The survey was created on
Google Drive and distributed amongPortuguese IT companies between March and April of 2019. The
data were analyzed usingthe Stata software using descriptive and inferentialanalysis techniques using
the ANOVA one-waytest.
Findings A total of 286 responses were received. The main benefits identified by the application of
European data protection include increased confidence and legal clarification. On the other hand, the
main challengesinclude the execution of audits to systems and processesand the application of the right
to erasure. The findings allow us to conclude that the state of implementation of the general data
protection regulation (GDPR), and the type of company are discriminating factors in the perception of
benefitsand challenges.
Research limitations/implications This study has essentially practical implications. Based on the
synthesisof the benefits and challenges posed by the adoption of Europeandata protection, it is possible
to assess the relativeimportance and impact of the benefits and challengesfaced by companies in the IT
sector. However, thisstudy does not explore the type of challenges that are placed at each stage of the
adoption of European data protection and does not take into account the specificities of the activities
carriedout by each of these companies.
Originality/value The implementationof the GDPR is still in an initial phase. This study is pioneeringin
synthesizingthe main benefits and challenges of its adoptionconsidering the companies operatingin the
IT sector. Furthermore, this study explores the impact of the size of the company and the status of
implementationof the GDPR on the perception of the establishedbenefits and challenges.
Keywords Data protection, Benefits, Portugal, Privacy, Challenges, Information technology sector
Paper type Research paper
Introduction
The protection of citizens regarding their personal data are a fundamental right. The
globalization and rapid technological change have enabled citizens to easily share, often
without having their explicit prior knowledge, information about their behavior and
preferences. Many times this information becomes globally accessible to other companies
and organization. Studies conducted by McDermott (2017) and Polykalas and Prezerakos
(2019) indicate that increasinglybig data tools enable a cross-analysis of personal data and
Nazar Poritskiy, Fla
´vio
Oliveira are both based at
ISPGaya, Vila Nova de
Gaia, Porto, Portugal.
Fernando Almeida is based
at Faculty of Engineering,
University of Porto, Porto,
Portugal.
Received 26 May 2019
Revised 25 June 2019
Accepted 25 July 2019
PAGE 510 jDIGITAL POLICY, REGULATION AND GOVERNANCE jVOL. 21 NO. 5 2019, pp. 510-524, ©Emerald Publishing Limited, ISSN 2398-5038 DOI 10.1108/DPRG-05-2019-0039

To continue reading

Request your trial