Personal data and information security challenges in social work
Author(s) | ||
---|---|---|
Date Issued |
---|
2021 |
Information security and data protection are crucial domains for social services institutions. In this regard, the European Union Directive concerning measures for a high common level of security of network and information systems across the Union, and the General Data Protection Regulation are essential documents in defining standards of information security and data protection. The regulatory initiative of the European Commission reflects the increased need for legislative guidance, as rapid technological developments and globalisation have created new challenges for the protection of personal data and information. In recent years, new forms of information technology (e.g., sensors and mobile devices) have dramatically expanded the range of data that can be measured and analysed. This poses entirely new challenges for information security and personal data protection. At the same time, data accessibility is essential for social services institutions to be competitive in the modern world. New regulations from European Union made data management more complex. At the same time, personnel working under new regulations related to information security and data protection have experienced a lot of challenges while applying them in practice. This aspect is not widely analysed in scientific literature from qualitative point of view. The aim is to reveal the experiences of social workers in ensuring personal data and information security requirements in social services institutions. The choice of the qualitative research methodology was determined by the purpose of the research. For the qualitative research, the focus group method was chosen, reflecting with the study participants their work experience. The focus group discussion was attended by social workers responsible for the protection of information security and personal data in social service institutions. At the stage of data analysis, the discussion records were transcribed. Qualitative content analysis was applied for analyzing the text. The qualitative data analysis revealed that although every organization has prepared documents on personal data protection, social workers still lack the knowledge and competencies to meet the requirements of the General Data Protection Regulation. Findings reveal that institutions are often confronted with the accumulation of redundant information. Although social workers are offered with a wide range of training, there is a lack of training related to the protection of personal data in specific domains. Social workers understand the importance of personal data protection and are committed to developing their competencies.