Original scientific paper
https://doi.org/10.25234/pv/23972
GDPR COMPLIANCE CHALLENGES IN CROATIAN MICRO, SMALL AND MEDIUM SIZED ENTERPRISES
Anamarija Mladinić
orcid.org/0009-0009-2597-7348
; Croatian Personal Data Protection Agency, Selska cesta 136, 10000 Zagreb, Croatia
Zdravko Vukić
; Croatian Personal Data Protection Agency, Selska cesta 136, 10000 Zagreb, Croatia
Ante Rončević
orcid.org/0000-0003-2527-9506
; University North, Trg dr. Žarka Dolinara 1, 48000 Koprivnica
Abstract
The General Data Protection Regulation (EU) 2016/679 which applies uniformly since 25th May 2018 in the European Economic Area (EEA) requires small and medium enterprises (SMEs) to respect the right to personal data protection of their clients, customers, and employees. The GDPR is designed to strengthen the data protection rights of all individuals within the EEA ensuring more effective protection for consumers and increased privacy considerations for businesses. However, even after more than four years of its entry into full application, the implementation of the GDPR is still an issue for Croatian SMEs, who, unlike the larger companies, very often lack the human and financial resources to comply with the data protection legal framework. This paper covers theoretical considerations and results of an online survey conducted with 345 SMEs in the Republic of Croatia with the aim to gain insights into their GDPR compliance hurdles. The results of the study have shown that the level of understanding of obligations arising from the GDPR among Croatian SMEs is rather low and that compliance with the data protection legal framework is not at a satisfactory level.
Keywords
compliance; Croatian SMEs; data protection authorities; General Data Protection Regulation (GDPR); personal data protection
Hrčak ID:
312961
URI
Publication date:
29.12.2023.
Visits: 1.095 *