General Data Protection Regulation (GDPR) in Banking Institutions in Oman
Added on 2023/06/04
AI Summary
This proposal discusses the scope of GDPR in banking institutions in Oman, the statement of the problem, research question, literature review, findings, and recommendations. GDPR is a compliance requirement that banking institutions need to adhere to, and this proposal provides insights on how to comply with GDPR in Oman.
GDPR 1
GENERAL DATA PROTECTION REGULATION
By: (NAME)
(COURSE TITLE)
(TUTOR NAME)
(COLLEGE NAME)
(DATE)
Abstract
The General Data Protection Regulation (GDPR) was adopted on 27th of April by the EU. The
regulation then came into full effect on 25th May 2018. The main aim of GDPR is to unify and
strengthen data protection for individuals in the European Union. GDPR is also intended to address
the misuse of personal information, especially PIN numbers, for all EU citizens. In addition,
GDPR was intended to address the business landscape in the European Union. This proposal
discusses how Oman has approached the issue of GDPR.
Keywords:
GDPR: General Data Protection Regulation
EU: European Union
Table of Contents
Abstract
Introduction
Statement of the problem
Scope of the proposal
Research question
Literature Review
Discussion and analysis
Conclusion
Introduction
This proposal contains four main sections. The first section discusses the scope of the
work and outlines a statement of the problem. The second part is the literature
review, which outlines the areas of banking where GDPR has been implemented and
its effects. The third part discusses the findings from the literature review and
gives a recommendation for the findings. The last part is the conclusion.
Statement of the problem
The banking sector is one of the most highly regulated sectors all over the world, but
most banking institutions, especially in Oman, have been thrown off by the complex nature
of GDPR, which took effect on 25th May 2018. Because of this, the proposal will seek to answer one
question: how can banking organizations address the complex nature of GDPR for full
implementation of GDPR?
The scope of the proposal
This proposal mainly covers the GDPR issue in banking institutions, especially in Oman, as
banks in Oman have made a remarkable contribution to growing Oman’s economy. Even though
Oman has not complied with the requirements of the GDPR regulation, banking
institutions in Oman need to take measures to comply with GDPR as it protects the personal
information of individuals. This is because Oman banking institutions collect information about their
customers; therefore they have no option except to abide by all the provisions of the GDPR.
Research question
In order to address the issue of complexity, one research question will be answered in this
proposal:
1. How has Oman approached the issue of GDPR?
Literature Review
The General Data Protection Regulation (GDPR) is a framework developed by the
European Commission to make countries in Europe fit for the current digital age. In 2018
the EU agreed on what was to be enforced and how it was to be done. According to the EU, the
digital future can only be built on trust. This means that people can only be confident in the
digital world if they are in control of their personal data (Kraus, 2015).
In banking, data breaches inevitably happen, and there are many times when information
gets lost or even stolen; as a result, information is released into the hands of people who have
malicious intent. Under the terms of the regulation, not every organization is required to ensure
that personal data is gathered legally and under very strict conditions. In banking institutions, this
is not the case, as institutions are supposed to deal with information about the financial status of
an individual. This means that those who collect it are obliged to protect the information from
exploitation and misuse, as well as the rights of their customers, or they will face penalties.
Since most banking institutions do business with EU countries, GDPR compliance is a
requirement (Kuner, 2014). In Oman, any organization ensures GDPR compliance by first
identifying the reason why it needs personal data. An institution in Oman must
have a lawful basis for processing and gathering personal information. For example, an organization
might want to gather personal information about individuals to facilitate payment or for tax
purposes. Second, an organization is required to process personal information on the basis of
consent. An individual must be informed, maybe through a written statement with clearly stated
reasons (Paul, 2014). Third, organizations are required to keep their customers informed about their
personal information rights. GDPR gives individuals more control of their
information, so organizations or any institution need to let their customers know their choices
and rights. Fourth, organizations are required to use what the Oman government calls self-service so as
to manage data access efficiently and quickly. Lastly, organizations must ensure that they
provide data in an accessible format and, if required to delete it, they need to do so. In addition,
organizations are supposed to control who accesses what personal information (Mantelero,
2013).
Discussion and analysis
To start with, banking institutions in Oman need to note that GDPR applies to them. This
is because most of the banking institutions have customers who are based in the EU. In addition,
according to the EU, if an organization transacts business with an organization in the EU, then the
organization has no option but to comply with the GDPR standard (Victor, 2014).
Even though banking institutions in Oman have ensured GDPR compliance, one issue is
left for all banking institutions to consider every time GDPR is mentioned: do the organizations
have the systems and technologies in place to be able to detect, respond to, and spot any form of
data breach? Any banking institution needs to have a notification system in place where
authorities are notified in case any form of data breach is detected (Pfleeger, 2017). For example,
EU organizations have adopted a 72-hour notification system, which has played a major role in
ensuring GDPR compliance. In addition to this, all banking institutions in Oman need to conduct
an audit of their organizations, which in turn will help in determining how to apply GDPR
(Saunders, 2017). Lastly, banking institutions in Oman need to hire DPOs, who are required to
oversee GDPR compliance. They are also supposed to train their staff who deal with personal
information. In addition, the DPO will also be mandated to prepare the right to data portability
(Koops, 2014).
Conclusion
GDPR is a compliance requirement which most organizations all over the world need to
consider at all times. As highlighted in this study, banking institutions are required to adhere to GDPR.
They need to ensure that their current systems enable the organization to comply with individuals’
rights under GDPR. Also, banking institutions in Oman need to ensure that data security controls are
installed in their systems and updated on a regular basis.
References
Koops, B. a. L., 2014. Privacy regulation cannot be hardcoded. A critical comment on the
‘privacy by design’ provision in data-protection law. International Review of Law, Computers &
Technology, II(3), pp. 159-171.
Kraus, 2015. On the Regulation of Personal Data Flows in Europe and the United States.
Computer Security, II(1), pp. 59-63.
Kuner, 2014. The European Commission's proposed data protection regulation. A Copernican
revolution in European data protection law., I(1), pp. 56-78.
Mantelero, 2013. The EU Proposal for a General Data Protection Regulation and the roots of the
‘right to be forgotten’. Computer Law & Security Review, III(29), pp. 229-235.
Paul, 2014. General data protection regulation. Official Journal of the European Union, IX(1),
pp. 1-88.
Pfleeger, 2017. Security in computing. Computer Security, II(2), pp. 54-78.
Saunders, A. a. T., 2017. Financial institutions management. Computer Security, IV(1), pp. 44-76.
Victor, 2014. The EU general data protection regulation: Toward a property regime for
protecting data privacy. Computer Security, II(1), pp. 31-56.