EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

MANAGING INDONESIAN DATA BREACH NOTIFICATION IN THE FINANCIAL SERVICES SECTOR: A CASE FOR ONE-STOP NOTIFICATION MODEL

Muhammad Deckri Algamar (), Abu Bakar Munir and Hendro ()
Additional contact information
Muhammad Deckri Algamar: Universitas Indonesia, Indonesia
Abu Bakar Munir: University of Malaya, Malaysia
Hendro: Deloitte, Indonesia

Journal of Central Banking Law and Institutions, 2024, vol. 3, issue 3, 547-584

Abstract: As a business of trust, the banking and financial services industry must protect its reputation to ensure consumer’s confidence. However, recent adoption of emerging internet communication technologies (ICT) have introduced new risks and challenges, such as safeguarding systems from cyberattacks and protecting consumer’s personal data. Cyberattacks, especially ransomware have shed new light on the importance of privacy and security throughout the banking and financial industry’s digitization efforts. Any organisation affected by cybersecurity attacks must face a twofold legal question. First, whether or not there has been a violation of the legal security requirements? Second, is to determine whether the attack triggers Data Breach Notification to the Data Protection Authority and/or Data Owners. This paper examines the complexity of maintaining security obligations under Indonesian Law (UU ITE, UU PDP, RPP PDP, and other relevant regulations) while also highlighting the common challenges in steering Data Breach Notification, with an enhanced perspective of the European General Data Protection Regulation (EU GDPR) practices. To address the challenges of patchwork data breach notification requirements in Indonesia, this paper proposes a proactive approach by Indonesia’s future Personal Data Protection Authority in creating a one-stop notification model to enable effective data breach incident management and notification

Keywords: data breach notification; cybersecurity; personal data protection authority; financial service (search for similar items in EconPapers)
Date: 2024
References: Add references at CitEc
Citations:

Downloads: (external link)
https://jcli-bi.org/index.php/jcli/article/view/165/70 (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:idn:jclijn:v:3:y:2024:i:3g:p:547-584

DOI: 10.21098/jcli.v3i3.271

Access Statistics for this article

Journal of Central Banking Law and Institutions is currently edited by Dr. Arie Afriansyah

More articles in Journal of Central Banking Law and Institutions from Bank Indonesia Contact information at EDIRC.
Bibliographic data for series maintained by Sudiro Pambudi () and R. Dwi Tjahja Kusumo Wardhono ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:idn:jclijn:v:3:y:2024:i:3g:p:547-584