Den digitalt suveräna staten : En undersökning av inställningen till nationell datalagring av personuppgifter hos statliga myndigheter / The digitally sovereign state : An investigation into the attitude towards national data storage of personal data within Swedish public authorities

Gordon Hultsjö, Joel

January 2021

The number of scandals during the past years regarding the use and misuse of digital storage of personal infor-mation in combination with the implementation of the General Data Protection Regulation (GDPR) within the EU member states, has resulted in a resurfaced discussion of sovereignty within the public sphere in relation to the storage of digital information. This master thesis examines the attitudes towards national data storage of personal data within twenty Swedish public agencies in the context of the analytical term Digital sovereignty.The thesis uses semi-structured interviews with employees working with data protection and qualitative con-tent analysis of internal documents connected to personal data management, in order to examine Swedish govern-ment agencies attitudes towards national data storage of personal information. The responses of the interviews and the internal policy documents in the area of personal data protections is viewed through the analytic term Digital sovereignty. The government agency the Swedish social security agency’s definition of Digital sovereignty is used in the thesis, which focuses on national governments ability to have control over both the technical and geograph-ical processing and storage of their citizen’s personal data.The thesis concludes that Swedish authorities takes the risk of transfer of personal data to third countries outside of the EU very seriously, while they also see the need to find legal ways to transfer personal data to these same countries. The thesis also concludes that Swedish government agencies try to avoid cloud services and are cautious in their use due to the implications they have for information and data security, while other research have shown that cloud services are used extensively within Swedish government agencies. The thesis also concludes that there is a lack of interest in national data storage of personal information within Swedish government, which can partially be attributed to the relationship between the General Data Protections Regulation and data storage regulation on a national level in Sweden. This leads to the final conclusion in this thesis, which is that there is some indication that the future of storage of personal data with the EU member states lies not in nationally managed cloud services, but rather in a federated cloud service on EU-level such as the currently ongoing project Gaia-X. This is a two years master's thesis in Archival science.

Digital Sovereignty

Cloud Service

Data storage

GDPR

Government Agencies

Information security

Digital suveränitet

Molntjänst

Datalagring

Dataskyddsförordningen

GDPR

Personuppgifter

Statliga myndigheter

Informationssäkerhet

Tredjelandsöverföring.

Other Humanities not elsewhere specified

Övrig annan humaniora

The human connection to information security : A qualitative study on policy development, communication and compliance in government agencies / Den mänskliga kopplingen till informationssäkerhet : En kvalitativ studie om policyutveckling, kommunikation och efterlevnad inom statliga myndigheter

Abdulhadi, Osama

January 2023

The human factor and insider threats play a crucial role in information security. In today’s digital age, protecting organizational data requires a deep understanding of human behaviour and its impact on information security. The increasing volume of electronically stored data has led to a rise in cyber threats and breaches, necessitating effective information security policies and regulations. This study focuses on the experiences and perspectives of employees and top management in government agencies regarding the development, communication, compliance, and attitudes towards information security policies and regulations. Semi-structured interviews were conducted with participants from both top management or information security officers and regular employees, which allowed for an in-depth exploration of their experiences and perspectives. The findings show that government agencies systematically develop policies by engaging stakeholders, ensuring accessibility, and adhering to legal frameworks. Addressing the human factor involves training, awareness programs, and top management support. Policy development and implementation include risk assessment, stakeholder identification, objective setting, continuous review, and integration into daily operations. Communication channels such as intranets, training, coordinators, and awareness events are utilized, but their effectiveness is not directly measured. Proposed improvements include enhancing accessibility, improving policy document management, and using clearer language. Employees generally possess a positive attitude towards information security, though their understanding varies, and challenges to their understanding include complex language and unclear instructions. Compliance also varies, with difficulties arising from technical terminology and information overload. Enhanced compliance can be achieved through simplified language, providing better resources, and top management support. Proactive incident management focuses on learning and risk minimization. The human factor and insider threats remain significant concerns, which emphasizes the need for further education, awareness training, and motivation.

Communication

compliance

development

effectiveness

government agencies

human factor

information security

information security awareness

information security culture

information security management system

information security policy

insider threat

Information Systems, Social aspects

The Legal Powers of Health Agencies--Recent Developments

Sikora, Vincent A.

01 April 2002

No description available.

animals

prevention & control)

government agencies

guideline adherence

humans

meat (standards)

Pennsylvania

public health

public policy

United States

United States Department of Agriculture

standards)