GDPR compliance guidebook for employees at a single University of Applied Sciences in Southern Finland
Hohtar, Elizabeth (2019)
Hohtar, Elizabeth
2019
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2019052311653
https://urn.fi/URN:NBN:fi:amk-2019052311653
Tiivistelmä
The purpose of this thesis project is to produce the guidebook under the name "GDPR compliance guidebook for employees at a single University of Applied Sciences in Southern Finland", which was commissioned by Laurea University of Applied Sciences. The objectives are to follow the requirements of the project's client and workplace supervisor Tiina Ranta, produce an informative and useful guidebook and study the appropriate legislation such as General Data Protection Regulation. The guidebook was created in response to high risks in data protection with the purpose to lower these risks.
The "GDPR compliance guidebook for employees at a single University of Applied Sciences in Southern Finland" was based on the risk assessment summary created by Tiina Ranta, the Head of Security at Laurea University of Applied Sciences. The literature review was conducted in order to study the General Data Protection Regulation that was enforced in May 2018.
The methods included planning and organizing the text layout of the guidebook as well as following the requirements from the thesis project’s client. The material was collected and analysed for further use in the guidebook. The meetings with the client and data protection officer helped to establish specifications for the guidebook. Furthermore, the advice and feedback from the client and data protection officer helped to improve the structure of the guidebook.
The result of the thesis project is the structured text for the GDPR compliance guidebook. The produced guidebook met all requirements with satisfaction. The guidebook contains 4 short sections based on general risk assessment summary. Each section contains legislation, which is the General Data Protection Regulation with the addition of the Universities of Applied Sciences Act. The sections of the guidebook include real-life case examples, recommendations, and questions, which are meant to trigger a discussion and critical thinking analysis.
In conclusion, recommendations include improving guidebook in the future by adding new cases and new knowledge on General Data Protection Regulation, creating an electronic interactive version of the guidebook to engage more people and producing a GDPR-related webpage on Laurea University of Applied Sciences website for everyone to be aware of their data protection rights.
The "GDPR compliance guidebook for employees at a single University of Applied Sciences in Southern Finland" was based on the risk assessment summary created by Tiina Ranta, the Head of Security at Laurea University of Applied Sciences. The literature review was conducted in order to study the General Data Protection Regulation that was enforced in May 2018.
The methods included planning and organizing the text layout of the guidebook as well as following the requirements from the thesis project’s client. The material was collected and analysed for further use in the guidebook. The meetings with the client and data protection officer helped to establish specifications for the guidebook. Furthermore, the advice and feedback from the client and data protection officer helped to improve the structure of the guidebook.
The result of the thesis project is the structured text for the GDPR compliance guidebook. The produced guidebook met all requirements with satisfaction. The guidebook contains 4 short sections based on general risk assessment summary. Each section contains legislation, which is the General Data Protection Regulation with the addition of the Universities of Applied Sciences Act. The sections of the guidebook include real-life case examples, recommendations, and questions, which are meant to trigger a discussion and critical thinking analysis.
In conclusion, recommendations include improving guidebook in the future by adding new cases and new knowledge on General Data Protection Regulation, creating an electronic interactive version of the guidebook to engage more people and producing a GDPR-related webpage on Laurea University of Applied Sciences website for everyone to be aware of their data protection rights.