I am now extending my user evaluation (January-February schedule) to March as January was a quiet month. It has been difficult to get practitioners in industry to commit their time to participate in my user evaluations study. Personal data incidents are still regarded ‘scary’ stuff to disclose or to talk about openly or even privately with a researcher.
Even after I reassure folks that my research does not require disclosing any personal or commercially sensitive information, folks (esp. senior managers) still won’t allow their employees (those that have the relevant knowledge/experience) to share and participate in my research.This is a pity as they will certainly learn something in sharing and participating in my user evaluation. According to this news, the #FCA is to require UK banks to make details of cyber security #incidents public from August 2018. Under the GDPR, organisations processing personal data of EU residents/citizens will need to report certain breaches to the ICO and also to affected individuals. My prototype dashboard will help organisations to conduct an initial personal data harm assessment.
So far, practitioners who took my user evaluation study involving a questionnaire and the prototype dashboard have expressed positive remarks and provided suggestions for further improvement or commercialisation of the prototype concepts.