Skip to main content
Login | Suomeksi | På svenska | In English

Browsing by Subject "GDPR"

Sort by: Order: Results:

  • Data privacy in software design : case dLearn.Helsinki 
    Ahonen, Heikki (2020)
    The research group dLearn.Helsinki has created a software for defining the work life competence skills of a person, working as a part of a group. The software is a research tool for developing the mentioned skills of users, and users can be of any age, from school children to employees in a company. As the users can be of different age groups, the data privacy of different groups has to be taken into consideration from different aspects. Children are more vulnerable than adults, and may not understand all the risks imposed to-wards them. Thus in the European Union the General Data Protection Regulation (GDPR)determines the privacy and data of children are more protected, and this has to be taken into account when designing software which uses said data. For dLearn.Helsinki this caused changes not only in the data handling of children, but also other users. To tackle this problem, existing and future use cases needed to be planned and possibly implemented. Another solution was to implement different versions of the software, where the organizations would be separate. One option would be determining organizational differences in the existing SaaS solution. The other option would be creating on-premise versions, where organizations would be locked in accordance to the customer type. This thesis introduces said use cases, as well as installation options for both SaaS and on-premise. With these, broader views of data privacy and the different approaches are investigated, and it can be concluded that no matter the approach, the data privacy of children will always prove a challenge.
  • EU:n tietosuoja-asetuksen GDPR:n vaikutus suomalaisissa pk-yrityksissä 2018-2020 
    Auvo, Markus (2022)
    As everyday life becomes digital, more and more daily things are done online. In particular, the increased use of mobile devices has accelerated this development. People are increasingly leaving information online about themselves that can be used to identify a person. On 25 May 2018, the European Union’s General Data Protection Regulation, the GDPR, was repealed in the European Union, repealing the previous European Union Data Protection Directive. The GDPR sets out how personal information should be stored and who can process it. The thesis examined how the introduction of GDPR has affected the customer data storage solutions and IT processes of Finnish SMEs during 2018-2020. The companies were examined in three phases: before, during and after the introduction of the GDPR. The study looked at the number of data breaches in the EU and the penalties imposed for them, and compared the situation in Finland. In addition, Finnish SMEs were interviewed for the dissertation. The interview was conducted as a questionnaire interview with 15 companies. The thesis found that Finland did not stand out in any way among other EU countries in GDPR violations. The answers received as a result of the survey revealed that there has been a clear variation in the interpretation of the content of the GDPR in Finland, which has affected the measures taken by companies. Based on the survey, the measures have also been influenced by the organization and organizational culture. However, the reliability of the results is affected by the small sample size.
  • GDPR, Blockchain and the Right to be Forgotten 
    Ture, Tsegaye (2021)
    The introductory section of the thesis discusses on the European General Data Protection Regulation, abbreviated GDPR, background information and historical facts. The second section covers basic concepts of personal data and GDPR enforcement. The third section gives detailed analysis on data subject rights as well as best practices for GDPR compliance to avoid penalties. The fourth section concentrates on the technical aspects of the right to be forgotten, solely concentrating on the technical aspects of permanent erasure/deletion of personal or corporate data in compliance with the customer’s desire. Permanent deletion or erasure of data, technically addressing the issue of the right to be forgotten and block chain network technology are the main focus areas of the thesis. The fifth section of the thesis profoundly elaborates block chain and the relation with GDPR compliance in particular. Then the thesis resumes explaining about security aspects and encryption, confidentiality, integrity and availability of data as well as authentication, authorization and auditing mechanisms in relation to the GDPR. The last section of the thesis is the conclusion and recommendation section which briefly summarizes the entire discussion and tries to suggest further improvements

Yhteystiedot

HELSINGIN YLIOPISTO