Over the past decade, there has been a major increase in the volume of data stored or transfered between systems, users, or organisations. Additionally, the rate of sharing personal and corporate data across networks and public cloud platforms has increased greatly. This has also resulted in an increase in security and privacy issues, as network and online attackers are always searching for new methods of gaining unauthorised access to such data. Organisations encounter various challenges to deal with cyber attacks. Data Privacy Law is also a vast and multifaceted area of law that is ever evolving to keep up to date with technological advancements. The new General Data Protection Regulation (GDPR) comes in to force on the 28th of May and with it brings a lot of new changes that businesses will have to consider when collecting and holding personal data and the effects this will have on data privacy. Here we take a look at 10 dissertation topics to do with data privacy:
1) Evaluation of the Data Security & Privacy Issues Introduced by Bring Your Own Devices in Business Organisations
The introduction of smart devices such as mobile phones and laptops have resulted in the new phenomenon known as “bring your own device”, whereby an organisation’s employees can conduct their tasks or processes on their own personal devices. However, this approach also introduces major concerns about data security and privacy of corporate data, as employees take their devices everywhere with them, opening more opportunities for unauthorised access to corporate data. The aim of this dissertation is to critically evaluate the data security challenges introduced by BYOD and propose security policies that can aid organisations in implementing a secured BYOD structure.
Source: Rai, S., Chukwuma, P. and Cozart, R. (2017). Security and Auditing of Smart Devices: Managing Proliferation of Confidential Data on Corporate and BYOD Devices. NW: CRC Press.
2) Big Data in Healthcare: Addressing the Current Security Challenges of Electronic Health Systems in Healthcare Organisations
Like other industry sectors, healthcare organisations have also adopted the digitisation of their patients’ medical records. Consequently, health services are currently experiencing a growth in the total volume of data with regards to density, multiplicity and accuracy. However, issues such as patients’ confidentiality and privacy have also become major challenges, with various healthcare organisations experiencing data breaches in recent years. This dissertation aims to evaluate the major data privacy concerns of patiets, and identify the best security policies that can be implemented by healthcare organisations to prevent data breaches.
Source: Munns, C. and Basu, S. (2017). Privacy and Healthcare Data: ‘Choice of Control’ to ‘Choice’ and ‘Control’. New York: Routledge.
3) A Framework for Improving Data Privacy and Security of Public Cloud-based Enterprise Resource Planning Systems
The reliance on cloud based systems such as ERPS in businesses is growing daily, as these systems currently aid in carrying out several processes with improved operational effectiveness and dependability. However, cloud computing introduces securitY vulnerabilities to organisations. This aim of this dissertation is to evaluate the pertinent security vulnerabilities of cloud-based Enterprise Resource Planning systems, and subsequently propose a novel, conceptual, framework on how to improve the security structure of organisations using cloud-based ERPs.
Source: Kumar, V., Chaisiri, S. and Ko, R. (2017). Data Security in Cloud Computing. Idaho, U.S.: Institution of Engineering and Technology
4) Cyber attacks in organisations and the challenges for organisations
Organisations have to address various challenges to try to prevent cyber attacks from occurring. This dissertation aims to investigate the ways in which organisations try establish why the attacks have occurred, particularly in relation to their own staff. It aims to determine how organisations monitor their technology for possible cyber issues.
Source: Kumar, V. Chaisira, S. and Ko, R. (2017) Data security in cloud computing. Reading: Reading Institution of Computing and Technology.
5) How to train employees to be aware of possible cyber attacks
Employees are a significant factor in the prevention of cyber attacks. This dissertation aims to establish the ways in which organisations train employees to be aware of possible cyber attacks. It also aims to establish how staff are developed and empowered to work in a culture based on technological security.
Source: Leennes, R. Van Brakel, R. and Gutwirth, S. (2017) Data Protection and Privacy: (In)visibilities and infrastructure. New York: Springer.
6) Security today: What are the threats to personal and organisational data privacy?
Web security and the Internet face a constant threat for both private users and organisation. This dissertation aims to set out all the possible threats to data security, such as account hacking and insecure cloud services. The dissertation also aims to establish the costs of the security violations for individuals and organisations, for example, blackmail, theft of money, and identity fraud.
Source: Oppitz, M. and Tomsu, P. (2017) Inventing the Cloud Century: How Cloudiness Keeps Changing Our Life, Economy and Technology. New York: Springer.
7) What can organisations and individuals learn from the history of cyber attacks on security and data?
Cyber attacks have had a constant presence in the media in the last thirty years. What can be learnt from these attacks, and can recommendations be made based on an understanding of such attacks, to prevent them occurring? This dissertation aims to set out a history of the major cyber attacks that have occurred in the last twenty years, from 1998-2018. It also aims to make recommendations based on the knowledge of how these attacks occurred for preventing future attacks for both individuals and organisations.
Source: Middleton, B. (2017) A History of Cyber Security Attacks: 1980 to present. New York: CRP Press.
8) How will the GDPR Effect Data Privacy on Social Networks?
This topic would focus on the GDPR and the changes being brought in. Depending on the length of the dissertation you could include a few changes or focus on one that will have great effect on social networks, such as the changes to the legitimate use of data and consent (Article 4 of the GDPR). A recent event such as the Cambridge Analytica scandal would be good to include to analyse the effects that this change would have had on Facebook and whether or not it would have been preventable.
Source: Voight, P. (2017) The EU General Data Protection Regulation (GDPR): A Practical Guide. Basel: Springer.
9) Data Protection vs. Data Privacy: the new regulation is focused on protecting individuals’ privacy but will this regulation negatively affect businesses too much?
The focus of the General Data Protection Regulation (GDPR) is to enhance the safety of individuals online and their personal data. There are many protected rights such as the right to erasure of personal data and the right to object to processing. This dissertation would analyse the rights of individuals and focus on how businesses and institutions will fair with their added obligations. The dissertation will also look at the difficulty involved with this and also the risk of not ensuring these obligations are met, e.g. heavy fines.
Source: Salami, E. (2017). An Analysis of the General Data Protection Regulation (EU) 2016/679. SSRN Electronic Journal.
10) The Development and Harmonisation of Data Privacy Legislation. Data privacy has gone through numerous changes over the years, have these changes been advantageous? (Potential focus on research)
This dissertation will discuss the development of data privacy and the various pieces of legislation. It will also focus on the new regulation, the General Data Protection Regulation (GDPR) and whether this has struck the right balance between protection of privacy and innovation. It would also be good to focus on a particular area, such as research, where there has been a lot of development by the GDPR in terms of processing and consent, Article 6 (4) The GDPR also gives research a broad definition, Recital 159.
Source: Dobrick, Fischer, Hagen. (2018). Research Ethics in the Digital Age: Ethics for the Social Sciences and Humanities in Times of Mediatization and Digitization. Wiesbaden: Springer, pp.29-44