Vol. 3 No. 2 (2023): Journal of Millimeterwave Communication, Optimization and Modelling

Privacy and Data Security Assessment for IT Vendor Services - strategic approach for Vendor IT Services analysis under GDPR

Ss. Cyril and Methodius University

Published 31.12.2023


  • data,
  • privacy,
  • security,
  • GDPR,
  • IT services,
  • vendor
  • ...More


The large loads in current systems in terms of software and hardware make many different institutions and organizations buy IT services - such as: software hosting, hardware and software infrastructure or even different equipment for data storage. All these requests for additional resources make institutions and organizations exposed to numerous risks that threaten privacy and data security. In order to provide secure services and to prevent potential attacks, various institutions and organizations use high standards to prevent data attacks and privacy violations. One of them is GDPR - 2016/679 - General Data Protection Regulation) comes in two versions OJ L 119, 04.05.2016; cor. OJ L 127, 23.5.2018. This research identifies the largest services that are purchased, including the names of the sellers and the services according to the level of security they provide are classified into five categories which are controlled in terms of the harmonization between privacy and data security on the part of the service seller. . The purpose of this paper is to emphasize the importance of GPDR in the choice of services that are purchased by the user and the service provider.


  1. (SAMHSA), T. S. (2022, January). Substance Abuse and Mental Health Services Administration. Retrieved from https://www.samhsa.gov/data/: https://store.samhsa.gov/sites/default/files/pep22-06-04-004.pdf
  2. Bussche, P. V. (n.d.). The EU General Data Protection Regulation (GDPR): A Practical Guide.
  3. Commissioner, J. O. (2019). Data Protection (Jersey) Law 2018. Retrieved from Jerseyoic Organization : https://jerseyoic.org/resource-room/principles/
  4. Hert, D. W. (n.d.). Privacy Impact Assessment.
  5. Julia Lane, V. S. (n.d.). Privacy, Big Data, and the Public Good: Frameworks for Engagement.
  6. Lambert, P. (n.d.). Data Protection Officer: Responsibilities, Tools and Practices.
  7. Michelle Finneran Dennedy, J. F. (n.d.). The Privacy Engineer's Manifesto: Getting from Policy to Code to QA to Value.
  8. Miller, J. L. (n.d.). Privacy in the New Media Age.
  9. Mollakuqe Elissa, D. V. (2022). Data Security Analysis Based On Data Classification According To Data Sensitivity Case Study Data On Public And Private Universities In The Republic Of Kosovo. ICENTE 23 . Konya, Turkey.
  10. Mollakuqe Elissa, D. V.-M. (2022). Data Classification Based On Sensitivity In Public And Private Enterprises In The Republic Of Kosovo. https://proceedings.ictinnovations.org/2022/paper/573/data-classification-based-on-sensitivity-in-public-and-private-enterprises-in-the-republic-of-kosovo, (pp. 192-200). Skopje, North Macedonia.
  11. Office, T. I. (2018). The Information Commissioner's Office. Retrieved from https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/accountability-and-governance/documentation/: https://ico.org.uk
  12. Search, J. (2022). Privacy Policy. Retrieved from https://jobskeysearch.com/index.php/privacy-policy-2/
  13. Shuang, P. R. (n.d.). Data Protection and Privacy: Jurisdictional Comparisons.
  14. Singh, M. T. (2020). Data Protection and Privacy: The Internet of Bodies.
  15. Ustaran, E. (n.d.). Global Privacy and Security Law.
  16. Wong, C. (n.d.). Security Metrics: A Beginner's Guide.