Towards a Management System Framework for the Integration of Personal Data Protection and Data Governance: A Case Study of Thai Laws and Practices

Abstract

Thailand's Personal Data Protection Act, B.E. 2562 (2019), is now in effect. Moreover, the General Data Protection Regulation (GDPR) has been deemed fully operational. These two regulations have been mentioned in order to improve all Thai and international economic sectors as well as Thai public sectors. This study's objective is to establish a new management system framework for firms that wish to comply with standards while incorporating a data governance framework. This framework will be known as the Framework for Personal Data Protection Integrated Data Governance Management System (PDP-DGMS). Subject matter experts validate PDP-DGMS with the Index of Item Objective Congruence (IOC). The results demonstrate that the framework's components are acceptable. The PDP-DGMS implementation will serve as a consulting direction for low-cost adoption and process enhancement, both of which will largely benefit SMEs.