GDPR in Focus: A Literature Review to Bridge Knowledge Gaps
Negi, Ankita (2024)
Negi, Ankita
2024
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2024112730711
https://urn.fi/URN:NBN:fi:amk-2024112730711
Tiivistelmä
The thesis explores the multi-layered compliance landscape of the GDPR to address significant research gaps on its theoretical understanding and practical implementation. This study employs an exploratory research design that combines a systematic literature review of 169 academic papers with semi-structured interviews with professionals to uncover critical gaps and develop actionable insights in the field of GDPR studies. Funnel analysis was used to synthesize findings, a process of progressively narrowing broad compliance themes down to detailed challenges and opportunities. It highlighted serious issues in regulatory complexity, interdisciplinary integration challenges, and the absence of tailored, cost-effective approaches for SMEs. The study also demonstrated the compliance hurdles of industries identified as high-risk sectors, such as those in healthcare and e-commerce, where the high reliance on sensitive data increases compliance burdens. The investigation emphasizes how AI-driven compliance tools, privacy-preserving technologies, and strong data governance frameworks are beneficial in facilitating compliance.
Comparative analyses involving global regulations like the CCPA, PDPB, and PIPL depict both challenges and opportunities in the pursuit of international harmonization of data protection standards while considering unique local regulatory contexts. It also points out a number of shortfalls in the actual enforcement of consumer rights and investigates issues such as the so called "privacy paradox," where consumer behavior does not comply with the stated level of privacy concern.
This thesis synthesizes fragmented insights from legal, technological, and organizational perspectives into a comprehensive framework for GDPR compliance. It connects theoretical discourse with practical application and lays the foundation for future research and a roadmap for organizations toward sustainable compliance. The findings underpin long-term benefits that come along with compliance, such as increased trust by consumers, operational efficiency, and competitive advantage, therefore rendering this work a vital contribution to GDPR scholarship and practice.
Comparative analyses involving global regulations like the CCPA, PDPB, and PIPL depict both challenges and opportunities in the pursuit of international harmonization of data protection standards while considering unique local regulatory contexts. It also points out a number of shortfalls in the actual enforcement of consumer rights and investigates issues such as the so called "privacy paradox," where consumer behavior does not comply with the stated level of privacy concern.
This thesis synthesizes fragmented insights from legal, technological, and organizational perspectives into a comprehensive framework for GDPR compliance. It connects theoretical discourse with practical application and lays the foundation for future research and a roadmap for organizations toward sustainable compliance. The findings underpin long-term benefits that come along with compliance, such as increased trust by consumers, operational efficiency, and competitive advantage, therefore rendering this work a vital contribution to GDPR scholarship and practice.