The rapid development of digital technology together with new business models has
reached new levels in recent years, which has resulted in the processing of personal data
both increasing and changing. The problem with this development involves the violation
of personal integrity to a greater extent. In order to harmonize the processing of personal
data and to strengthen the protection of personal privacy, the EU has introduced a new
data protection regulation. The regulation will enter into force on May 25, 2018 and will
apply in national legislation, which will replace the Swedish Personal Data Act.
The purpose of the study was to identify what measures a number of organizations have
taken to comply with the rules of data protection regulations and the challenges that may
arise in the conversion. The study is limited to consent texts and processing of personal
data. The study is qualitative and we have, through interviews, taken note of a number of
organizations' views on challenges and measures regarding formulas of consent texts and
their personal data processing.
The conclusion in this study shows that all organizations have problems formulating
consent texts in an informative way, which is required for adequate data protection.
Organizations also see challenges in the processing of personal data. These challenges
consist of complex IT systems containing amounts of personal data that today cannot be
managed in accordance with the Data Protection Regulation, as relevant system support is
lacking.