We found a match
Your institution may have rights to this item. Sign in to continue.
- Title
Toward a taxonomy of corporate data protection malpractices and their causal mechanisms: A regulatory view.
- Authors
Haiping Zhao; Na Jiang; Zhao Cai; Lim, Eric T. K.; Chee-Wee Tan
- Abstract
Corporate data protection malpractices are not uncommon, especially in contemporary technological environments. Embracing a regulatory view, this study attempts to advance a taxonomy of prevailing corporate data protection practices and their causal mechanisms by analyzing cases where organizations were fined for violating data protection legislation. Selecting the General Data Protection Regulation (GDPR) enacted by the European Union (EU) as our benchmark, this study employs an iterative taxonomy development technique as guidance and conducts a thematic analysis on 875 cases of GDPR enforcement. In so doing, we derive a conceptual model comprising 6 focal categories and 28 subcategories of prevailing corporate data protection malpractices existing within organizations as well as 4 main categories and 22 subcategories of causal mechanisms underlying these identified malpractices. Empirical findings from this study not only reinforce corporate data protection malpractices established in prior research but also yield novel malpractices that have been neglected in previous work. From a pragmatic standpoint, this study yields invaluable insights into the prevention and resolution of corporate data protection malpractices for practitioners.
- Subjects
DATA protection; EUROPEAN Union; ORGANIZATION management; GENERAL Data Protection Regulation, 2016; DATA analysis
- Publication
Journal of Information Technology (Sage Publications Inc.), 2023, Vol 38, Issue 3, p319
- ISSN
0268-3962
- Publication type
Article
- DOI
10.1177/02683962231155937