Abstract

Abstract The purpose of the study is to analyze the existing requirements for personal data security and assess the impact of these requirements on the enterprises security in the Russian Federation. Research method: the problem of ensuring the security of personal data in accordance with the requirements of the Federal law of the Russian Federation FZ-152 and the international General Data Protection Regulation is investigated. The article analyzes the possible risks of interrupting the normal activities of enterprises in the Russian Federation due to violations of these requirements for personal data protection and the imposition of significant fines by international regulators. Numerical relationships are estimated between the amount of fines for violations of established requirements, including General Data Protection Regulation, and the cost of creating an effectiveness personal data protection system. Estimates of the permissible degree of influence of the General Data Protection Regulation requirements on the enterprises security in the Russian Federation are obtained. Research result: a study and comparison of possible penalties for violation of compliance with the requirements of the Federal law of the Russian Federation FZ-152 and the international General Data Protection Regulation was performed. Risk assessments of sanctions for violation of the established requirements for personal data protection were obtained. The analysis of the cost of preparing a personal data protection system for compliance with the requirements of the General Data Protection Regulation was performed. Based on the data obtained, examples of calculating the degree of maturity of the security system are presented – based on the ratio of the share of the budget allocated for security in relation to the cost of creating an effectiveness personal data protection system and based on the ratio of the amount of the fine for violation of the established requirements. The importance of accounting for the costs of personal data security to ensure the security of enterprises in the Russian Federation, taking into account the requirements of the General Data Protection Regulation, is shown

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.