Abstract
Research background: The adoption of the GDPR Regulation prompted the introduction of a unified regulation on the protection of personal data and highlighted the need to implement security measures relating to information disseminated across businesses operating in several mainly European countries. In practice, the adopted internal standards at the group level are expected to be introduced to the internal environment of individual local subsidiaries. The need to take into account specificities of national legal systems, as well as a specific environment capable of creating a secondary response - a groundswell has also became important. The legal framework of privacy protection in relation to the confidentiality of information disclosed by employers thus represents a fundamental challenge for the interaction between global requirements and local legislation, taking into account the specific assumptions of the business entity concerned.
Purpose of the article: The aim of the paper is to describe the range of problems and solutions regarding the process of introducing internal processes of business entities in terms of data security. Moreover, the paper also pays attention to personal data protection legislation.
Methods: In an effort to achieve the set goal, the authors used analytical, inductive, deductive and comparative research methods in order to identify areas of problems in relation to intrusion into the privacy of individuals in the online environment and internal communication channels. By synthesising knowledge published in domestic and foreign literature it was possible to draw up the key terminology.
Findings & Value added: The experience of the authors in setting up the internal environment of business entities with regard to the issues in question (personal data protection and security of information disclosed in connection with the decision-making power of national regulators) contributes to the knowledge in the given field.