A Review of General Data Protection Regulation for Supply Chain Ecosystem

The data-intensive digital supply chain management (SCM) ecosystems seem to be impacted by the recent changes in the regulations and advancement in technologies such as Artificial Intelligence, Big Data, Analytics, Networking, IoT including proliferation of less expensive hardware devices. There is limited guidance available on how to govern the logistics sector, particularly from a regulatory compliance perspective. Through this paper, we investigate the impact of General Data Protection Regulation (GDPR) on digitized SCM. The key questions are: What are the GPDR specific legal obligations? What is the best approach to manage data access, quality, privacy, security and ownership effectively in SCM? This research paper aims to assist researchers and practitioners to understand the impact of GDPR on SCM, provide the 4I (Identify, Insulate, Inspect, Improve) Framework and its applicability to streamline the GDPR compliance activities.