Att efterleva GDPR : En kvalitativ intervjustudie om handlingar, förberedelser och utmaningar kring införandet av den nya allmänna dataskyddsförordningen.

Sammanfattning: Because of the increased digitization, the amount of data that companies process has increased significant. The EU Commission, the European Parliament and the Council of Ministers have therefore instituted a new law to ensure that data is handled correctly. This new law comes into force on May 25th 2018 and is called GDPR, or the General Data Protection Regulation. This law stands over the recent “Personuppgiftslagen” (PuL) and therefore require higher standards on system development, communication and routines which leads to a whole new approach to data management. This essay explains the structure of the law, but focuses on finding out what specific actions the companies implement to comply with the law's requirements. The focus is also on studying whether these actions (and the law itself) will affect the activities and what the businesses themselves consider to be the greatest challenges for compliance at the moment.