| dc.contributor.author | Jäntti, Marko | |
| dc.contributor.editor | El Kassabi, Hadeel; Al Rae, Rawhi | |
| dc.date.accessioned | 2021-02-02T09:27:23Z | |
| dc.date.available | 2021-02-02T09:27:23Z | |
| dc.date.issued | 2020 | |
| dc.identifier.uri | https://erepo.uef.fi/handle/123456789/24411 | |
| dc.description.abstract | Today, poorly implemented information security and data privacy measures may cause significant threats to companies’ existence and business continuity. Additionally, European Union has established strong data protection regulation rules for companies operating within EU. In order to be compliant with these new rules and regulations, organizations have to put a lot of resources to create data privacy policies and plans as well as to adjust tools to manage data privacy requests and fullfill privacy by design and privacy by default principles. Especially for small and medium-sized (SME) Information Technology (IT) firms and software development organizations with limited resources, new GDPR legislation and stricter requirements for information security have caused several challenges and uncertainty on what is adequate level of data privacy. In this paper, we focus on exploring Finnish IT SMEs and their actions and feelings on data privacy and information security. The research problem of this study is: How small and medium sized companies have prepared for growing data privacy and information security requirements? The main contribution of this paper is to show how small and medium sized IT companies in Northern Savo region did prepare for EU data privacy regulation and what types of challenges did exist in the GDPR preparation phase. | |
| dc.language.iso | eng | |
| dc.publisher | IEEE | |
| dc.relation.ispartof | Proceedings of the 2020 14th International Conference on Innovations in Information Technology (IIT) | |
| dc.relation.uri | http://dx.doi.org/10.1109/IIT50501.2020.9299050 | |
| dc.rights | In copyright 1.0 | |
| dc.subject | data privacy | |
| dc.subject | information security | |
| dc.subject | companies | |
| dc.subject | regulation | |
| dc.subject | software | |
| dc.subject | registers | |
| dc.subject | information technology | |
| dc.title | Studying Data Privacy Management in Small and Medium-Sized IT Companies. | |
| dc.description.version | final draft | |
| dc.contributor.department | School of Computing, activities | |
| uef.solecris.id | 76300012 | en |
| dc.type.publication | Artikkelit ja abstraktit tieteellisissä konferenssijulkaisuissa | |
| dc.relation.doi | 10.1109/IIT50501.2020.9299050 | |
| dc.description.reviewstatus | peerReviewed | |
| dc.format.pagerange | 57-62 | |
| dc.relation.isbn | 978-1-7281-8184-4 | |
| dc.relation.issn | 1819-9127 | |
| dc.relation.numberinseries | 2020 | |
| dc.rights.accesslevel | openAccess | |
| dc.type.okm | A4 | |
| uef.solecris.openaccess | Ei | |
| dc.rights.copyright | © 2020 IEEE | |
| dc.type.displayType | Artikkeli | fi |
| dc.type.displayType | Article | en |
| uef.rt.id | 12869 | en |
| dc.rights.url | https://rightsstatements.org/page/InC/1.0/ | |
