Since 2018, companies have to respect the General Data Protection Regulation (GDPR). However, research has indicated that for many small and medium-sized enterprises (SME) it remains difficult to fully comply with the GDPR. This article describes SME's knowledge and challenges with regard to the implementation of the GDPR, from the perspective of sectoral organisations. By conducting qualitative interviews with sectoral organisations, we can come to the conclusion that SME's knowledge and awareness of the GDPR is limited. SMEs encounter many difficulties, for example in relation to the topics of transparency, Data Protection Impact Assessment (DPIA) and the concepts of controller and processor. Useful tools, accessible information and the necessary support must be provided in the future.
|Publisher||Studies on Media, Information and Telecommunication (SMIT)|
|Number of pages||14|
|Publication status||Published - 15 Jun 2020|