Transposition of transnational requirements relating to the protection of personal data and the security of information communicated in a global space while taking into account the groundswell concept

Adam Madleňák,Marek Švec,T Kliestik

doi:10.1051/shsconf/202112906005

Abstract

Research background: The adoption of the GDPR Regulation prompted the introduction of a unified regulation on the protection of personal data and highlighted the need to implement security measures relating to information disseminated across businesses operating in several mainly European countries. In practice, the adopted internal standards at the group level are expected to be introduced to the internal environment of individual local subsidiaries. The need to take into account specificities of national legal systems, as well as a specific environment capable of creating a secondary response - a groundswell has also became important. The legal framework of privacy protection in relation to the confidentiality of information disclosed by employers thus represents a fundamental challenge for the interaction between global requirements and local legislation, taking into account the specific assumptions of the business entity concerned. Purpose of the article: The aim of the paper is to describe the range of problems and solutions regarding the process of introducing internal processes of business entities in terms of data security. Moreover, the paper also pays attention to personal data protection legislation. Methods: In an effort to achieve the set goal, the authors used analytical, inductive, deductive and comparative research methods in order to identify areas of problems in relation to intrusion into the privacy of individuals in the online environment and internal communication channels. By synthesising knowledge published in domestic and foreign literature it was possible to draw up the key terminology. Findings & Value added: The experience of the authors in setting up the internal environment of business entities with regard to the issues in question (personal data protection and security of information disclosed in connection with the decision-making power of national regulators) contributes to the knowledge in the given field.

Highlights

The effort to unify approaches in individual legal sectors at the European and non-European level has sparked an interest in unifying the rules within multinational companies, in particular groups and holdings
A typical practical example is the adoption of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), as a result of which the effort to enforce unified group regulations governing the protection of personal data in the internal environment of all property-related business entities or those that meet the condition of mutual relationship between the controlled and the controlling person came to the forefront
Looking for ways to improve the process of transposition of transnational data security and data protection requirements into local legislation is, basically, unnecessary

Summary

Introduction

The effort to unify approaches in individual legal sectors at the European and non-European level has sparked an interest in unifying the rules within multinational companies, in particular groups and holdings. A typical practical example is the adoption of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter "GDPR"), as a result of which the effort to enforce unified group regulations governing the protection of personal data in the internal environment of all property-related business entities or those that meet the condition of mutual relationship between the controlled and the controlling person came to the forefront Fulfilment of this requirement, i.e. the unified approach to personal data protection and data security in general across related enterprises is the basic starting point for obtaining data by central management from subsidiaries and their verification and implementing general supervision in this regard. A controlled enterprise and its controlling enterprise shall be presumed to constitute a group”

Objectives

Methods

Results

Conclusion