Defining Data in the New Paradigm Shift: The Directive vs. General Data Protection Regulation
International Journal of Business Management and Commerce
European Union, General Data Protection Regulation, risk management
Business | Business Analytics
The countless ways data is accessed and protected in Europe, with the arrival of a major European Union (EU) regulation, the General Data Protection Regulation (GDPR), will mandate modifications to company business and information technology (IT) planning with the EU as well as outside territorial business ventures. The financial services base will need to develop an effective security plan with robust breach response variations, while building an infrastructure willing and able to transform into the paradigm data transparency shift – empowered data security rights of all individuals classified as EU citizens. Personal data and processing activities associated within access management raises vulnerabilities and cyber concerns in privileged activities associated with sensitive data. Such unusual activities must be audited and framed around an audit risk model resilient to the transition of personal data privacy and security rights, in addition, to the new regulation. An effective control and legal framework is imperative in the preparation and interpretation of GDPR against business and IT framework designs. The various technical and business complexities which give rise to the levels of risk provokes an analysis of company policies and procedures during the planning phase, in which, should be tested to ensure controllers and processors are complying with data subjects’ rights within the constraints set by GDPR.
Janko, Elizabeth and Yetmar, Scott, "Defining Data in the New Paradigm Shift: The Directive vs. General Data Protection Regulation" (2018). Business Faculty Publications. 324.