Aim/purpose – The paper contains descriptive exploratory research on the implementation of General Data Protection Requirements (GDPR) in a group of Polish public administration offices. The purpose of this research is to investigate the current state of personal data protection in the entities surveyed.
Design/methodology/approach – The diagnostic survey method using the Computer Assisted Web Interview was employed. The survey was conducted in local government administration offices a year and a half after the GDPR implementation.
Findings – All marshal offices and the majority of districts (about 80%) confirmed that they comply with all the GDPR requirements. The situation was slightly worse in municipal offices – about 23% of them declared that they do not comply with all the GDPR requirements. In officials’ opinion this situation may be improved by conducting training for employees, employee engagement, and appropriate support of the office management. Another aspect that draws attention is a very small budget dedicated to the GDPR implementation and maintenance in most of the offices surveyed.
Research implications/limitations – The limitation of the findings is the relatively low responsiveness of the questionnaire survey.
Originality/value/contribution – The research concerns a relatively new subject. The state of personal data protection in public administration in Poland after 18 months of the GDPR implementation was analyzed. So far, there is no comprehensive research that has been conducted into this field in local government administration.
y 