Development of a Web Application in the field of Data Protection
In recent years, the global IT landscape has undergone a revolution in terms of the processing of personal data. The European Union enacted the General Data Protection Regulation (GDPR) in May 2018.
Andreas Goerre, 2021
Bachelor Thesis, Institute for Information Systems, HSW FHNW
Betreuende Dozierende: Emanuel Löffler
Keywords: Data Protection Web Application SME GDPR
Views: 24 - Downloads: 7
Three years after GDPR came into force, many enterprises still do not comply. Especially micro and small businesses are overwhelmed by the complexity of the regulation. Due to the abstract and broad formulation of GDPR, the requirements are often unclear. Several online tools are trying to help enterprises on their path to GDPR compliance. However, the self-assessments tools are not suited for micro and small businesses due to their complexity. The goal of the project is to develop a prototypical web application which provides a self-assessment for GDPR compliance dedicated to SMEs.
Design science research was used as methodology for the project. First, the knowledge base needed to be established through literature research about GDPR and its implications for SMEs. An expert interview with a data protection consultant supported the literature research with practical insights. An analysis of two existing self-assessment tools provided valuable insights for the development of the web application. After the development of the prototype, an evaluation in form of technical and field tests was conducted.
The conducted research proved that SMEs are struggling to comply with GDPR. Rather than as-sessing complete GDPR compliance, the developed web application is intended to assess basic concepts of GDPR in a simple way and motivate micro and small business to think about data pro-tection. The developed web application provides a well-designed user interface and is structured in a way that allows simple adjustments of the content. As the content itself is not in the scope of the bachelor thesis, a follow-up project for the provision of the content is needed to release the web ap-plication. The evaluation of the prototype resulted in the finding that micro and small business own-ers are interested in using the prototype once the content is provided. However, it also became ob-vious that the problem of GDPR compliance for SMEs is not going to be solved through a single tool and many small pieces need to be put together to facilitate the path to GDPR compliance for SMEs. The prototypical self-assessment tool could potentially be one of these pieces.
Studiengang: Wirtschaftsinformatik (Bachelor)
Fachbereich der Arbeit: Business Information System & IT-Management