Towards a readiness model derived from critical success factors, for the general data protection regulation implementation in higher education institutions
Background: Present the relevance of the study and highlights the key points of literature overview. Purpose: As of May 25, 2018, General Data Protection Regulation (GDPR) has become mandatory for all organizations, public or private, that handle personal data of European citizens, regardless of the...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
University of Novi Sad - Faculty of Economics, Subotica
2023-01-01
|
Series: | Strategic Management |
Subjects: | |
Online Access: | https://scindeks-clanci.ceon.rs/data/pdf/1821-3448/2023/1821-34482301004F.pdf |
_version_ | 1797832951641145344 |
---|---|
author | Fernandes José Machado Carolina Feliciana Amaral Luís |
author_facet | Fernandes José Machado Carolina Feliciana Amaral Luís |
author_sort | Fernandes José |
collection | DOAJ |
description | Background: Present the relevance of the study and highlights the key points of literature overview. Purpose: As of May 25, 2018, General Data Protection Regulation (GDPR) has become mandatory for all organizations, public or private, that handle personal data of European citizens, regardless of their physical location. Higher education institutions (HEIs), namely public universities, are no exception to this requirement and, as in many other organizations, many HEIs begin the process of implementing the GDPR without meeting the minimum conditions necessary for implementation. The purpose of this study, therefore, is to present a model to determine the level of readiness of HEIs regarding the implementation of the GDPR. Study design/methodology/approach: With the objective of designing a new artefact as a readiness model for the implementation of the GDPR, this study follows Design Science Research as an approach to be used to build the readiness model, based on a set of 16 critical success factors (CSFs) previously determined. Findings/conclusions: A readiness model was designed, based on a set of 16 CSFs related to the implementation of GDPR in HEIs. Limitations/future research: This is a new area of study that needs further development, namely through the practical application of the model, allowing the improvement of the measurement levels of the different CSFs. Practical implications: The determined readiness model allows HEIs to realize a priori if they have the necessary conditions for the implementation of the GDPR, giving useful indications of the organizational dimensions and the CSFs that compose them where better performance is necessary to ensure a successful implementation. Originality/Value: As far as we know, this is the first model of readiness based on CSFs related to the implementation of GDPR in HEIs, being therefore a first contribution to the development of this area. |
first_indexed | 2024-04-09T14:15:56Z |
format | Article |
id | doaj.art-154bba94f3334157ab7d56c3966f82b5 |
institution | Directory Open Access Journal |
issn | 1821-3448 2334-6191 |
language | English |
last_indexed | 2024-04-09T14:15:56Z |
publishDate | 2023-01-01 |
publisher | University of Novi Sad - Faculty of Economics, Subotica |
record_format | Article |
series | Strategic Management |
spelling | doaj.art-154bba94f3334157ab7d56c3966f82b52023-05-05T08:12:56ZengUniversity of Novi Sad - Faculty of Economics, SuboticaStrategic Management1821-34482334-61912023-01-012814191821-34482301004FTowards a readiness model derived from critical success factors, for the general data protection regulation implementation in higher education institutionsFernandes José0https://orcid.org/0000-0001-7229-7884Machado Carolina Feliciana1https://orcid.org/0000-0002-9685-1576Amaral Luís2https://orcid.org/0000-0002-9426-3834University of Minho, Campus de Gualtar, School of Economics and Management, Braga, PortugalUniversity of Minho, Campus de Gualtar, School of Economics and Management, Braga, PortugalUniversity of Minho, Campus de Azurém, School of Engineering, Guimarães, PortugalBackground: Present the relevance of the study and highlights the key points of literature overview. Purpose: As of May 25, 2018, General Data Protection Regulation (GDPR) has become mandatory for all organizations, public or private, that handle personal data of European citizens, regardless of their physical location. Higher education institutions (HEIs), namely public universities, are no exception to this requirement and, as in many other organizations, many HEIs begin the process of implementing the GDPR without meeting the minimum conditions necessary for implementation. The purpose of this study, therefore, is to present a model to determine the level of readiness of HEIs regarding the implementation of the GDPR. Study design/methodology/approach: With the objective of designing a new artefact as a readiness model for the implementation of the GDPR, this study follows Design Science Research as an approach to be used to build the readiness model, based on a set of 16 critical success factors (CSFs) previously determined. Findings/conclusions: A readiness model was designed, based on a set of 16 CSFs related to the implementation of GDPR in HEIs. Limitations/future research: This is a new area of study that needs further development, namely through the practical application of the model, allowing the improvement of the measurement levels of the different CSFs. Practical implications: The determined readiness model allows HEIs to realize a priori if they have the necessary conditions for the implementation of the GDPR, giving useful indications of the organizational dimensions and the CSFs that compose them where better performance is necessary to ensure a successful implementation. Originality/Value: As far as we know, this is the first model of readiness based on CSFs related to the implementation of GDPR in HEIs, being therefore a first contribution to the development of this area.https://scindeks-clanci.ceon.rs/data/pdf/1821-3448/2023/1821-34482301004F.pdfgeneral data protection regulationcritical success factorsdesign science researchreadiness modelmaturity modelhigher education institutions |
spellingShingle | Fernandes José Machado Carolina Feliciana Amaral Luís Towards a readiness model derived from critical success factors, for the general data protection regulation implementation in higher education institutions Strategic Management general data protection regulation critical success factors design science research readiness model maturity model higher education institutions |
title | Towards a readiness model derived from critical success factors, for the general data protection regulation implementation in higher education institutions |
title_full | Towards a readiness model derived from critical success factors, for the general data protection regulation implementation in higher education institutions |
title_fullStr | Towards a readiness model derived from critical success factors, for the general data protection regulation implementation in higher education institutions |
title_full_unstemmed | Towards a readiness model derived from critical success factors, for the general data protection regulation implementation in higher education institutions |
title_short | Towards a readiness model derived from critical success factors, for the general data protection regulation implementation in higher education institutions |
title_sort | towards a readiness model derived from critical success factors for the general data protection regulation implementation in higher education institutions |
topic | general data protection regulation critical success factors design science research readiness model maturity model higher education institutions |
url | https://scindeks-clanci.ceon.rs/data/pdf/1821-3448/2023/1821-34482301004F.pdf |
work_keys_str_mv | AT fernandesjose towardsareadinessmodelderivedfromcriticalsuccessfactorsforthegeneraldataprotectionregulationimplementationinhighereducationinstitutions AT machadocarolinafeliciana towardsareadinessmodelderivedfromcriticalsuccessfactorsforthegeneraldataprotectionregulationimplementationinhighereducationinstitutions AT amaralluis towardsareadinessmodelderivedfromcriticalsuccessfactorsforthegeneraldataprotectionregulationimplementationinhighereducationinstitutions |