1. Data breaches in healthcare: security mechanisms for attack mitigationLili Nemec Zlatolas, Tatjana Welzer-Družovec, Lenka Lhotska, 2024, izvirni znanstveni članek Opis: The digitalisation of healthcare has increased the risk of cyberattacks in this sector, targeting sensitive personal information. In this paper, we conduct a systematic review of existing solutions for data breach mitigation in healthcare, analysing 99 research papers. There is a growing trend in research emphasising the security of electronic health records, data storage, access control, and personal health records. The analysis identified the adoption of advanced technologies, including Blockchain and Artificial Intelligence, alongside encryption in developing resilient solutions. These technologies lay the foundations for addressing the prevailing cybersecurity threats, with a particular focus on hacking or malicious attacks, followed by unauthorised access. The research highlights the development of strategies to mitigate data breaches and stresses the importance of technological progress in strengthening data security. The paper outlines future directions, highlighting the need for continuous technological progress and identifying the gaps in the attack mitigations.
Ključne besede: data security, privacy, sensitive personal information, electronic health records, cybersecurity
Objavljeno v DKUM: 23.08.2024; Ogledov: 109; Prenosov: 9
 Celotno besedilo (1,51 MB) |
2. Cyber (in)security of personal data and information in times of digitizationMiha Dvojmoč, Mojca Tancer Verboten, 2022, izvirni znanstveni članek Opis: In an employment relationship, work and pay are no longer the only important aspects, as importance is increasingly shifting toward obligations concerning the protection of personal data and privacy arising from the prohibition of causing harm to the employer and the duty of loyalty to the employer. The article deals with the constitutionally protected right to privacy and the protection of personal data from the point of view of ensuring cyber security at the employer. The employer is obligated to protect the right to privacy by legal provisions, whereas from the point of view of ensuring the protection of privacy and information, the employer must protect, first and foremost, the personal data of employees. The main purpose of the legal protection of personal data is the lawful and fair processing of the personal data of individuals. Employers are thus facing an increasing number of risks related to the safety of employees and the security of business processes, and it is therefore important to establish comprehensive corporate security to ensure adequate security across all levels.
Ključne besede: cyber security, protection of personal data, protection of privacy, cyber threats, protection of business secrets
Objavljeno v DKUM: 11.06.2024; Ogledov: 150; Prenosov: 30
Celotno besedilo (375,13 KB)
Gradivo ima več datotek! Več... |
3. The policing perspective of personal data protection and the right to be forgotten in Europe and in the Republic of SloveniaMiha Dvojmoč, Tinkara Bulovec, Katja Eman, 2023, pregledni znanstveni članek Opis: Purpose:
The article raises the question, whether the data protection regulation in
police procedures is sufficient and whether it does not ‘harm’ the person subject
to the procedure.
Design/Methods/Approach:
The impact, advantages and disadvantages of legislative changes on
implementing specific police tasks (e.g. biometric data, facial recognition
systems and automatic identification of vehicle registration plates) are presented,
emphasising regulation in the Republic of Slovenia as a systematic literature
review.
Findings:
The latest changes in personal data protection were related to the definition,
collection, processing, use, transmission and storage of personal data. An
individual has rights relating to access to information, processing, correction,
restrictions on use, transferability, deletion and objection to the processing of
personal data. When police operate within the law, their powers must align with
constitutional and legal provisions. This alignment safeguards interventions
in individual privacy. Yet, without legal clarity, known as lex certa, there’s a
risk of actions becoming unwarranted intrusions into rights and freedoms. A
consensus is needed between the protection of individual privacy and enabling
the effective investigation and control of crime by law enforcement authorities.
Research Limitation/Implications:
The research was focus only on data protection regulation in police
procedures.
Practical Implication:
The findings of the article offer insight into data protection regulation in
police procedures and highlights the gaps and formulate starting points for
future research. Originality/Value:
The article is the first systematic literature review in data protection in police
procedures in Slovenia.
Ključne besede: protection of personal data, GDPR, police procedures, right to be forgotten, Slovenia
Objavljeno v DKUM: 15.01.2024; Ogledov: 287; Prenosov: 17
 Povezava na datoteko
Gradivo ima več datotek! Več... |
4. Is the essential facilities doctrine fit for access to data cases? The data protection aspectRok Dacar, 2022, izvirni znanstveni članek Opis: Personal data can be of great economic value for companies as it is an essential input for the offering of a wide array of services. One way for a company to obtain access to essential personal data controlled by another company is by demanding mandatory access on the grounds of the essential facilities doctrine. Such access, however, can violate the right to the protection of personal data of the data subjects if it is not based on one of the legitimate grounds for the processing of personal data set by the GDPR. Two of these grounds are especially likely to be applicable to the access to personal data mandated using the essential facilities doctrine: the interpretation of the Commission decision or the judgment of the Court of Justice ordering the granting of access as a legal obligation and the legitimate interest of the company requesting access, for such access. The anonymisation of personal data is not a viable option for the circumvention of the rules of the GDPR as anonymised personal data loses most of its economic relevance for companies.
Ključne besede: essential facilities doctrine, right to protection of personal data, grounds for processing personal data, anonymisation of personal data, General Data Protection Regulation
Objavljeno v DKUM: 26.09.2023; Ogledov: 394; Prenosov: 13
Celotno besedilo (657,05 KB)
Gradivo ima več datotek! Več... |
5. The Impact of the EU General Data Protection Regulation (GDPR) on mobile devicesDomen Hribar, Miha Dvojmoč, Blaž Markelj, 2018, izvirni znanstveni članek Opis: Purpose:
The purpose of this paper is to examine novelties introduced by the European Regulation (2016/679) on the Protection of Natural Persons with Regard to the Processing of Personal Data (GDPR) and its key impacts on mobile device users. The paper also presents some of the main changes affecting both natural persons and legal entities. Further, certain issues that might occur while implementing the Regulation are raised together with the degree of individuals’ awareness of the need to protect the personal data stored on their mobile devices.
Design/Methods/Approach:
For the purpose of this paper, we reviewed the legislation, Slovenian and international literature, brochures and media stories in the field of personal data protection. We also used a questionnaire to determine the degree of awareness of the importance of protecting personal data among the general population.
Findings:
The findings show that no revolutionary changes are introduced. Nevertheless, quite a few novelties concern data controllers and processors. In particular, penalties for breaching the GDPR are now much higher. Individuals’ rights are strengthened and easier to control. In contrast, data controllers and processors are subject to more stringent duties and legal obligations. These changes also apply to mobile device users. The research findings show that individuals are relatively well aware of the concept of personal data; however, the scope of their knowledge shrinks as this concept becomes increasingly complex. Familiarity with the new Regulation (2016/679) having been introduced at the EU level was claimed by 55% of the respondents (N = 195).
Research Limitations / Implications:
The limitations stem from the selective choice of the GDPR’s impact on mobile device users. More important influences are emphasised.
Originality/Value:
The findings will help both individuals and legal entities understand the changes brought to the area of data protection and tackle them more successfully.
Ključne besede: personal data protection, GDPR, Personal Data Protection Act, mobile devices
Objavljeno v DKUM: 20.04.2020; Ogledov: 1403; Prenosov: 88
Celotno besedilo (366,32 KB)
Gradivo ima več datotek! Več... |
