Search Results
- EU general data protection regulation Implementation: an institutional theory view
  Publication. Lopes, Isabel Maria; Guarda, Teresa; Oliveira, Pedro
  The General Data Protection Regulation entered into force on 25 May 2018, but was approved on 27 April 2016. The General Data Protection Regulation (GDPR) aims to ensure the coherence of natural persons’ protection within the European Union (EU), comprising very important innovative rules that will be applied across the EU and will directly affect every Member State. The organizations/Institutions had two years to implement it. Despite this, it has been observed that, in several sectors of activity, the number of organizations having adopted that control is low. This study aimed to identify the factors which condition the implementation of the GDPR by organizations. Methodologically, the study involved interviewing the officials in charge of information systems in 18 health clinics in Portugal. The factors facilitating and inhibiting the implementation of GDPR are presented and discussed. Based on these factors, a set of recommendations to enhance the implementation of the measures proposed by the regulation is made. The study used Institutional Theory as a theoretical framework. The results are discussed in light of the data collected in the survey and possible future works are identified.
- Implementation of ISO 27001 standards as GDPR compliance facilitator
  Publication. Lopes, Isabel Maria; Guarda, Teresa; Oliveira, Pedro
  Personal Data Protection has been among the most discussed topics lately and a reason for great concern among organizations. The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. The regulation will fundamentally reshape the way in which data is handled across every sector. The organizations had two years to implement it. As referred by many authors, the implementation of the regulation has not been an easy task for companies. The question we aim to answer in this study is how far the implementation of ISO 27001 standards might represent a facilitating factor to organizations for an easier compliance with the regulation. In order to answer this question, several websites (mostly of consulting companies) were analyzed, and the aspects considered as facilitating are listed in this paper.
- Implementation of the general data protection regulation: a survey in health clinics
  Publication. Lopes, Isabel Maria; Oliveira, Pedro
  The new General Data Protection Regulation (GDPR) was approved on April 27 2016. The GDPR 2016/679 aims to ensure the coherence of natural persons’ protection within the European Union (EU), comprising very important innovative rules that will be applied across the EU and will directly affect every Member State. Furthermore, it aims to overcome the existing fragmented regulations and to modernise the principles of privacy in the EU. This regulation will come into force in May 2018, bringing along several challenges for citizens, companies and other private and public organisations. The protection of personal data is a fundamental right. The GDPR considers a ‘special category of personal data’, which includes data regarding health, since this is sensitive data and is therefore subject to special conditions regarding treatment and access by third parties. This premise provides the focus of this research work, where the implementation of the GDPR in health clinics in Portugal is analysed. The results are discussed in light of the data collected in the survey and possible future works are identified.
- The 4 dimensions of the GDPR framework: an institutional theory perspective
  Publication. Lopes, Isabel Maria; Guarda, Teresa; Oliveira, Pedro
  The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. The regulation will fundamentally reshape the way in which data is handled across every sector. The organizations had two years to implement it. Despite this, it has been observed that, in several sectors of activity, the number of organizations having adopted that control is low. This study aimed to identify the factors which condition the adoption of the GDPR by organizations. Methodologically, the study involved interviewing the officials in charge of information systems in 18 health clinics in Portugal. The factors facilitating and inhibiting the implementation of GDPR are presented and discussed. Based on these factors, a set of recommendations are made to enhance the adoption of the measures proposed by the regulation. The study used Institutional Theory as a theoretical framework. The results are discussed in light of the data collected in the survey and possible future works are identified.
- How ISO 27001 can help achieve GDPR compliance
  Publication. Lopes, Isabel Maria; Guarda, Teresa; Oliveira, Pedro
  Personal Data Protection has been among the most discussed topics lately and a reason for great concern among organizations. The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. The regulation will fundamentally reshape the way in which data is handled across every sector. The organizations had two years to implement it. As referred by many authors, the implementation of the regulation has not been an easy task for companies. The question we aim to answer in this study is how far the implementation of ISO 27001 standards might represent a facilitating factor to organizations for an easier compliance with the regulation. In order to answer this question, several websites (mostly of consulting companies) were analyzed, and the aspects considered as facilitating are listed in this paper.
- Evaluation of the implementation of the general data protection regulation in health clinics
  Publication. Lopes, Isabel Maria; Oliveira, Pedro
  The new General Data Protection Regulation (GDPR) was approved on April 27 2016. The GDPR 2016/679 aims to ensure the coherence of natural persons’ protection within the European Union (EU), comprising very important innovative rules that will be applied across the EU and will directly affect every Member State. Furthermore, it aims to overcome the existing fragmented regulations and to modernise the principles of privacy in the EU. This regulation will come into force in May 2018, bringing along several challenges for citizens, companies and other private and public organisations. The protection of personal data is a fundamental right. The GDPR considers a ‘special category of personal data’, which includes data regarding health, since this is sensitive data and is therefore subject to special conditions regarding treatment and access by third parties. This premise provides the focus of this research work, where the implementation of the GDPR in health clinics in Portugal is analysed. The results are discussed in light of the data collected in the survey and possible future works are identified.
- General data protection regulation in health clinics
  Publication. Lopes, Isabel Maria; Guarda, Teresa; Oliveira, Pedro
  The focus on personal data has merited the EU concerns and attention, resulting in the legislative change regarding privacy and the protection of personal data. The General Data Protection Regulation (GDPR) aims to reform existing measures on the protection of personal data of European Union citizens, with a strong impact on the rights and freedoms of individuals in establishing rules for the processing of personal data. The GDPR considers a special category of personal data, the health data, being these considered as sensitive data and subject to special conditions regarding treatment and access by third parties. This work presents the evolution of the applicability of the Regulation (EU) 2016/679 six months after its application in Portuguese health clinics. The results of the present study are discussed in the light of future literature and work are identified.