We Are Not There Yet: The Implications of Insufficient Knowledge
Management for Organisational Compliance
- URL: http://arxiv.org/abs/2305.04061v1
- Date: Sat, 6 May 2023 14:19:54 GMT
- Title: We Are Not There Yet: The Implications of Insufficient Knowledge
Management for Organisational Compliance
- Authors: Thomas \c{S}erban von Davier, Konrad Kollnig, Reuben Binns, Max Van
Kleek, Nigel Shadbolt
- Abstract summary: This paper presents the findings of an exploratory qualitative study with data protection officers and other privacy professionals.
We found issues with knowledge management to be the underlying challenge of our participants' feedback.
This paper questions what knowledge management or automation solutions may prove to be effective in establishing better computer-supported work environments.
- Score: 25.30364629335751
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Since GDPR went into effect in 2018, many other data protection and privacy
regulations have been released. With the new regulation, there has been an
associated increase in industry professionals focused on data protection and
privacy. Building on related work showing the potential benefits of knowledge
management in organisational compliance and privacy engineering, this paper
presents the findings of an exploratory qualitative study with data protection
officers and other privacy professionals. We found issues with knowledge
management to be the underlying challenge of our participants' feedback. Our
participants noted four categories of feedback: (1) a perceived disconnect
between regulation and practice, (2) a general lack of clear job description,
(3) the need for data protection and privacy to be involved at every level of
an organisation, (4) knowledge management tools exist but are not used
effectively. This paper questions what knowledge management or automation
solutions may prove to be effective in establishing better computer-supported
work environments.
Related papers
- Cybersecurity Challenge Analysis of Work-from-Anywhere (WFA) and Recommendations guided by a User Study [1.1749564892273827]
Many organizations were forced to quickly transition to the work-from-anywhere (WFA) model as a necessity to continue with their operations and remain in business despite the restrictions imposed during the COVID-19 pandemic.
This paper attempts to uncover some challenges and implications related to the cybersecurity of the WFA model.
We conducted an online user study to investigate the readiness and cybersecurity awareness of employers and their employees who shifted to work remotely from anywhere.
arXiv Detail & Related papers (2024-09-11T18:47:04Z) - A BERT-based Empirical Study of Privacy Policies' Compliance with GDPR [9.676166100354282]
This study aims to address challenge of compliance analysis between privacy policies for 5G networks.
We manually collected privacy policies from almost 70 different MNOs and we utilized an automated BERT-based model for classification.
In addition, we present first empirical evidence on the readability of privacy policies for 5G network. we adopted incorporates various established readability metrics.
arXiv Detail & Related papers (2024-07-09T11:47:52Z) - Collection, usage and privacy of mobility data in the enterprise and public administrations [55.2480439325792]
Security measures such as anonymization are needed to protect individuals' privacy.
Within our study, we conducted expert interviews to gain insights into practices in the field.
We survey privacy-enhancing methods in use, which generally do not comply with state-of-the-art standards of differential privacy.
arXiv Detail & Related papers (2024-07-04T08:29:27Z) - Privacy Risks of General-Purpose AI Systems: A Foundation for Investigating Practitioner Perspectives [47.17703009473386]
Powerful AI models have led to impressive leaps in performance across a wide range of tasks.
Privacy concerns have led to a wealth of literature covering various privacy risks and vulnerabilities of AI models.
We conduct a systematic review of these survey papers to provide a concise and usable overview of privacy risks in GPAIS.
arXiv Detail & Related papers (2024-07-02T07:49:48Z) - Navigating Knowledge Management Implementation Success in Government Organizations: A type-2 fuzzy approach [0.0]
The study aims to identify critical success and failure factors for implementing knowledge management systems in government organizations.
The study highlights the critical success factors for knowledge management systems in government organizations, including cooperation, an open atmosphere, staff training, creativity and innovation, removal of organizational constraints, reward policies, role modeling, and focus.
arXiv Detail & Related papers (2024-06-18T07:22:32Z) - Pitfalls in Effective Knowledge Management: Insights from an
International Information Technology Organization [8.847473225998908]
This study aims to identify hindering factors that prevent individuals from effectively sharing and managing knowledge.
Several hindering factors were identified, grouped into personal social topics, organizational social topics, technical topics, environmental topics, and interrelated social and technical topics.
The presented recommendations for mitigating these hindering factors are focused on improving employees' actions, such as offering training and guidelines to follow.
arXiv Detail & Related papers (2023-04-16T09:45:08Z) - Managing Controlled Unclassified Information in Research Institutions [1.7778609937758323]
This work explains the concept of Controlled Unclassified Information (CUI) and the challenges it brings to the research institutions.
A managed research ecosystem is introduced in this work.
arXiv Detail & Related papers (2022-11-27T16:54:24Z) - Distributed Machine Learning and the Semblance of Trust [66.1227776348216]
Federated Learning (FL) allows the data owner to maintain data governance and perform model training locally without having to share their data.
FL and related techniques are often described as privacy-preserving.
We explain why this term is not appropriate and outline the risks associated with over-reliance on protocols that were not designed with formal definitions of privacy in mind.
arXiv Detail & Related papers (2021-12-21T08:44:05Z) - Trustworthy AI Inference Systems: An Industry Research View [58.000323504158054]
We provide an industry research view for approaching the design, deployment, and operation of trustworthy AI inference systems.
We highlight opportunities and challenges in AI systems using trusted execution environments.
We outline areas of further development that require the global collective attention of industry, academia, and government researchers.
arXiv Detail & Related papers (2020-08-10T23:05:55Z) - A vision for global privacy bridges: Technical and legal measures for
international data markets [77.34726150561087]
Despite data protection laws and an acknowledged right to privacy, trading personal information has become a business equated with "trading oil"
An open conflict is arising between business demands for data and a desire for privacy.
We propose and test a vision of a personal information market with privacy.
arXiv Detail & Related papers (2020-05-13T13:55:50Z) - Beyond privacy regulations: an ethical approach to data usage in
transportation [64.86110095869176]
We describe how Federated Machine Learning can be applied to the transportation sector.
We see Federated Learning as a method that enables us to process privacy-sensitive data, while respecting customer's privacy.
arXiv Detail & Related papers (2020-04-01T15:10:12Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.