Abstract
The data-intensive digital supply chain management (SCM) ecosystems seem to be impacted by the recent changes in the regulations and advancement in technologies such as Artificial Intelligence, Big Data, Analytics, Networking, IoT including proliferation of less expensive hardware devices. There is limited guidance available on how to govern the logistics sector, particularly from a regulatory compliance perspective. Through this paper, we investigate the impact of General Data Protection Regulation (GDPR) on digitized SCM. The key questions are: What are the GPDR specific legal obligations? What is the best approach to manage data access, quality, privacy, security and ownership effectively in SCM? This research paper aims to assist researchers and practitioners to understand the impact of GDPR on SCM, provide the 4I (Identify, Insulate, Inspect, Improve) Framework and its applicability to streamline the GDPR compliance activities.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Manyika, J., Chui, M., Bughin, J., Dobbs, R., Bisson, P., Marrs, A.: Disruptive Technologies: Advances that will Transform Life, Business, and the Global Economy, vol. 180. McKinsey Global Institute San Francisco, CA (2013)
Survey Analysis: Top Digital SCM Take-Aways From Gartner’s 10th Annual SCM Technology User Wants and Needs Study https://www.gartner.com/document/3825464? (2017)
Gartner. Gartner Says Supply Chain Management Market Will Exceed $13 Billion in 2017, Up 11 Percent from 2016 (2017)
Charles, W., Chase, J.C.: The digital revolution is changing the supply chain landscape. J. Bus. Forecast. (2016)
Jalali, S., Bhatnagar, I.: Leveraging Internet of Things technologies and equipment data for an integrated approach to service planning and execution. In: 2015 IEEE Region 10 Symposium, 13–15 May 2015, pp 49–52. https://doi.org/10.1109/tensymp.2015.21
Mark Barratt, A.O.: Antecedents of supply chain visibility in retail supply chains: a resource-based theory perspective. J. Oper. Manage. (2007)
Kilian, J., Sarrazin, H., Yeon, H.: Building a design-driven culture Online verfügbar unter: http://www.mckinseycom/business-functions/marketing-and-sales/our-insights/building-a-design-driven-culture (0406 2017) (2015)
Supply Chain Systems Under Transformation—Key Trends and Growth Insights. Frost & Sullivan (2017)
Gartner. Get Ready for the Impact of GDPR on Content and Collaboration (2018)
Ben-Daya, M., Hassini, E., Bahroun, Z.: Internet of things and supply chain management: a literature review. Int. J. Prod. Res.1–24. (2017). https://doi.org/10.1080/00207543.2017.1402140
Chaudhuri, A.: Internet of things data protection and privacy in the era of the General Data Protection Regulation. J. Data Prot. Priv. 1,64–75 (2016)
Li, H., Yu, L., He, W.: The Impact of GDPR on Global Technology Development. Taylor & Francis (2019)
Amankwah-Amoah, J., Wang, X.: Opening editorial: contemporary business risks: an overview and new research agenda. J. Bus. Res. 97, 208–211. (2019). https://doi.org/10.1016/j.jbusres.2019.01.036
Accenture WEF: Industrial Internet of Things: Unleashing the Potential of Connected Products and Services (2015)
Hon, W.K., Millard, C.: Banking in the cloud: Part 2—regulation of cloud as ‘outsourcing’. Comput. Law Secur. Rev. 34, 337–357. (2018). https://doi.org/10.1016/j.clsr.2017.11.006
Walker-Osborn. Spotlight on the Cloud: Highlighting Industry Trends. Accessed 11 Mar 2018 (2016)
van den Broek, T., van Veenstra, A.F.: Governance of big data collaborations: how to balance regulatory compliance and disruptive innovation. Technol. Forecast. Soc. Change 129, 330–338. (2018). https://doi.org/10.1016/j.techfore.2017.09.040
Mayank, Y.: Ascertaining the factors that influence the acceptance and purposeful use of cloud computing in medical libraries in India. New Libr. World 117, 644–658. (2016). https://doi.org/10.1108/nlw-04-2016-0025
Hon, W.K., Millard, C.: Banking in the cloud: Part 3—contractual issues. Comput. Law Secur. Rev. (2018). https://doi.org/10.1016/j.clsr.2017.11.007
Holder, C., Khurana, V., Hook, J., Bacon, G., Day, R.: Robotics and law: key legal and regulatory implications of the robotics age (part II of II). Comput. Law Secur. Rev. 32, 557–576. (2016). https://doi.org/10.1016/j.clsr.2016.05.011
Akhir, E.A.P., Hughes, R.T., Cox, K.: Information Model to Support Sustainable Procurement, vol 95 (2017)
Franke, U.: The cyber insurance market in Sweden. Comput. Secur. 68, 130–144. (2017). https://doi.org/10.1016/j.cose.2017.04.010
Kalman, L.: GDPR and NIS Directive, Accountability, Security and Trust. Olswang (2017)
Edwards, L., McAuley, D., Diver, L.: From privacy impact assessment to social impact assessment. In: 2016 IEEE Security and Privacy Workshops (SPW), 22–26 May 2016. IEEE, pp. 53–57. https://doi.org/10.1109/spw.2016.19
Lahti, J.P., Helo, P., Shamsuzzoha, A., Phusavat, K.: IoT in electricity supply chain: review and evaluation. In: 2017 15th International Conference on ICT and Knowledge Engineering (ICT&KE), 22–24 Nov 2017, pp. 1–6. https://doi.org/10.1109/ictke.2017.8259615
Burden, K., Dauzier, J.: EU update. Comput. Law Secur. Rev. 33, 396–400. (2017). https://doi.org/10.1016/j.clsr.2017.04.002
Mansfield-Devine, S.: Data protection: prepare now or risk disaster. Comput. Fraud Secur. 5–12. (2016). http://dx.doi.org/10.1016/S1361-3723(16)30098-7
al-Khateeb, H., Epiphaniou, G., Reviczky, A., Karadimas, P., Heidari, H.: Proactive threat detection for connected cars using recursive Bayesian estimation. IEEE Sens. J. 1-1. (2018). https://doi.org/10.1109/jsen.2017.2782751
Ducato, R.: Cloud computing for s-Health and the data protection challenge. In: IEEE (2016)
Urquhart, L., McAuley, D.: Avoiding the internet of insecure industrial things. Comput. Law Secur. Rev. (2018). https://doi.org/10.1016/j.clsr.2017.12.004
Prat, N., Comyn-Wattiau, I., Akoka, J.: Artifact evaluation in information systems design-science research—a holistic view. In: PACIS Proceedings, p. 23 (2014)
Kuechler, B., Vaishnavi, V.: On theory development in design science research: anatomy of a research project. Eur. J. Inf. Syst. 17, 489–504 (2008)
Dasgupta, A., Gill, A.Q., Hussain, F.: Privacy of IoT-enabled smart home systems. In: IoT and Smart Home Automation. IntechOpen. (2019). https://doi.org/10.5772/intechopen.84338
Banakar, V., Shah, A., Shastri, S., Wasserman, M., Chidambaram, V.: Analyzing the Impact of GDPR on Storage Systems. arXiv preprint arXiv:190304880 (2019)
Bastos, D., Giubilo, F., Shackleton, M., El-Moussa, F.: GDPR Privacy Implications for the Internet of Things
Collibra. 6 Typical GDPR & Data Governance Questions, Explained. https://www.collibra.com/blog/8-gdpr-questions-answered/. Accessed 20 April 2018
Vargas, L., Hazarika, G., Culpepper, R., Butler, K.R.B., Shrimpton, T., Szajda, D., Traynor, P.: Mitigating risk while complying with data retention laws. Paper presented at the Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, Toronto, Canada (2018)
Security EUAFNaI. Information Sharing and Analysis Center (ISACs)—Cooperative Models (2018)
Yulianto, S., Lim, C., Soewito, B.: Information security maturity model: abest practice driven approach to PCI DSS compliance. In: 2016 IEEE Region 10 Symposium (TENSYMP), IEEE, pp. 65–70 (2016)
Romanou, A.: The necessity of the implementation of Privacy by Design in sectors where data protection concerns arise. Comput. Law Secur. Rev. 34, 99–110. (2018) https://doi.org/10.1016/j.clsr.2017.05.021
Korhonen, J.J., Lapalme, J., McDavid, D., Gill, A.Q.: Adaptive enterprise architecture for the future: towards a reconceptualization of EA. In: 2016 IEEE 18th Conference on Business Informatics (CBI), vol. 1, pp. 272–281 (2016)
Akalu, R.: Privacy, consent and vehicular ad hoc networks (VANETs). Comput. Law Secur. Rev. 34, 37–46. (2018). https://doi.org/10.1016/j.clsr.2017.06.006
Sen, A., Madria, S.: Data analysis of cloud security alliance’s security, trust & assurance registry. In: Proceedings of the 19th International Conference on Distributed Computing and Networking, p. 42. ACM (2018)
Acknowledgements
This research is funded by an Australian Government Research Training Program scholarship program.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Dasgupta, A., Gill, A.Q., Hussain, F. (2020). A Review of General Data Protection Regulation for Supply Chain Ecosystem. In: Barolli, L., Xhafa, F., Hussain, O. (eds) Innovative Mobile and Internet Services in Ubiquitous Computing . IMIS 2019. Advances in Intelligent Systems and Computing, vol 994. Springer, Cham. https://doi.org/10.1007/978-3-030-22263-5_44
Download citation
DOI: https://doi.org/10.1007/978-3-030-22263-5_44
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-22262-8
Online ISBN: 978-3-030-22263-5
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)