EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Human Resources and GDPR Compliance: Lessons from Romanian Data Protection Case Law on Workplace Privacy

Volosevici Dana ()
Additional contact information
Volosevici Dana: Petroleum-Gas University of Ploiesti, Ploiesti, Romania

Proceedings of the International Conference on Business Excellence, 2025, vol. 19, issue 1, 4329-4344

Abstract: The General Data Protection Regulation (GDPR) has been in force since May 2018, yet its implementation in employment relationships continues to present compliance challenges. This study examines the intersection of data protection and labor law by analyzing how the Romanian Data Protection Authority (DPA) interprets and enforces GDPR principles in workplace settings. The research is based on an empirical analysis of decisions issued by the Romanian DPA, offering insights into common compliance failures and risk mitigation strategies. The study identifies two primary categories of GDPR breaches in employment contexts. The first includes direct violations committed by employers, such as unauthorized data collection, failure to ensure transparency, and excessive monitoring through video surveillance or electronic tracking. The second category consists of violations formally attributed to employers but triggered by employee actions, highlighting the importance of internal safeguards and employee training. The research further demonstrates that non-compliance extends beyond employer-led processing to include unauthorized disclosures, misuse of biometric data, and failures in data retention policies. Findings reveal that many breaches result from the inability of employers to justify legitimate interests, failure to consult employees before implementing monitoring systems, and inadequate security measures. The study underscores the necessity of a structured compliance framework in human resource management, advocating for transparent monitoring policies, strict access controls, and periodic security assessments. By integrating legal analysis with human resource management principles, this research contributes to the broader discourse on GDPR compliance in employment relations. It highlights the importance of interdisciplinary approaches in shaping data protection strategies and reinforces the need for organizations to adopt risk-based methodologies to mitigate regulatory exposure.

Keywords: GDPR; employment relationships; workplace surveillance; data protection; human resource management; regulatory compliance (search for similar items in EconPapers)
Date: 2025
References: Add references at CitEc
Citations:

Downloads: (external link)
https://doi.org/10.2478/picbe-2025-0332 (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:vrs:poicbe:v:19:y:2025:i:1:p:4329-4344:n:1037

DOI: 10.2478/picbe-2025-0332

Access Statistics for this article

Proceedings of the International Conference on Business Excellence is currently edited by Alina Mihaela Dima

More articles in Proceedings of the International Conference on Business Excellence from Sciendo
Bibliographic data for series maintained by Peter Golla ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-07-29
Handle: RePEc:vrs:poicbe:v:19:y:2025:i:1:p:4329-4344:n:1037