نوع مقاله : مقاله پژوهشی
نویسندگان
1 گروه مدیریت فن آوری اطلاعات ، واحد بین المللی کیش، دانشگاه آزاد اسلامی، کیش، ایران
2 گروه مدیریت فناوری اطلاعات، دانشکده مدیریت و اقتصاد، واحد علوم و تحقیقات، دانشگاه آزاد اسلامی، تهران، ایران
3 گروه مدیریت صنعتی، دانشکده مدیریت، دانشگاه آزاد اسلامی، واحد کرج، دانشگاه آزاد اسلامی، واحد کرج، ایران
4 گروه مدیریت فناوری اطلاعات، واحد تهران مرکزی، دانشگاه آزاد اسلامی، تهران، ایران
چکیده
کلیدواژهها
موضوعات
عنوان مقاله [English]
نویسندگان [English]
Objective: In the contemporary digital landscape, data governance stands as a critical challenge in both IT policy and technology law. Given the increasing volume of personal data processing and exchange, the necessity for a localized data governance framework, tailored to a country’s specific legal and technological infrastructure, is more pressing than ever. This study proposes a data governance model with a strong emphasis on privacy, addressing current challenges and providing practical solutions for improving personal data management. The primary objective is to develop a localized data governance framework for Iran, aligned with international standards such as the GDPR and the CCPA. By analyzing legal gaps, implementation challenges, and potential solutions, this study aims to establish a practical framework that not only enhances security and privacy protection but also fosters public trust in digital services.
Methodology: This applied-developmental study utilizes a mixed-methods approach. In the qualitative phase, legal documents, regulatory policies, and existing data governance models from Iran and other countries were analyzed. Furthermore, the Delphi method was employed to collect and examine the insights of 58 experts in technology, digital law, and information security. In the quantitative phase, Confirmatory Factor Analysis (CFA) was applied to validate the proposed model. Data were gathered through semi-structured expert interviews, a review of domestic laws and policies, and comparative studies with international frameworks. Key model indicators were extracted using qualitative content analysis, and statistical tests were employed to assess the model’s validity and reliability.
Findings: Results indicate that the primary challenges to data governance in Iran include the lack of an integrated legal framework, the absence of an independent regulatory body, and deficiencies in the enforcement of data protection policies. A comparative analysis with the European GDPR and the U.S. CCPA revealed that Iran lacks clear requirements for data processing transparency and independent oversight—two pillars of international standards. Furthermore, findings indicate high levels of privacy concern among Iranian users; 78% expressed anxiety regarding how their data is managed on domestic platforms. The proposed model comprises three dimensions (legal-policy, technical-technological, and organizational-regulatory), six components, and 24 operational indicators. Data analysis demonstrated that implementing this model could reduce privacy violations by 30.8%, increase user trust in digital services by 44.6%, and improve regulatory efficiency by 38.2%.
Conclusion: Data governance in Iran requires a transparent and binding framework that enhances security and user data protection while improving database interoperability and the efficiency of regulatory institutions. This study underscores that drafting comprehensive data governance legislation and establishing an independent regulatory body are critical steps. Additionally, implementing robust security policies, advanced encryption, and revising laws related to data collection and processing can mitigate cybercrimes and bolster public trust. A comparative analysis shows that the proposed model possesses a high degree of adaptability to global standards, suggesting that its proper implementation could enhance data protection standards by up to 79.4%. Ultimately, this research highlights the urgent need to reform data governance policies, enact new regulations, and increase transparency in personal data management. Future studies should focus on evaluating the practical implementation of this model within both public and private sectors.
کلیدواژهها [English]
ارسال نظر در مورد این مقاله