Institute of Mathematics and Informatics Bulgarian Academy of Sciences
Citation:
Serdica Journal of Computing, Vol. 13, No 3-4, (2019), 155p-170p
Abstract:
From the point of view of information systems, EU General Data Protection Regulation
(GDPR) is traditionally associated with the imposition of strict procedures and restrictions on the storage,
processing and transmission of personal data. The aim of this paper is to propose a comprehensive approach
to implementing GDPR requirements in information systems and applications operating in the consumer
financing area. The research is based on an analysis of the business process and the typical information
infrastructure of a credit institution on one hand, and on specifics of GDPR compliance in this sector, on
another. As a result of this development, basic guidelines are proposed for how, while implementing GDPR's
requirements, business can be expanded by creating the fundamentals for introducing cutting-edge
information technologies, upgrading existing applications, developing new integration solutions, and
developing B2B platforms. The main conclusion made from this research is that when carefully planned
and implemented with the right technological solutions, GDPR compliance in the consumer financing
companies can open up new business and technological opportunities, thereby ensuring further optimization
of company operation and eventually enhancing customer satisfaction.