Abstract: Data protection is given as an interlinked process of monitoring sensitive data within the frameworks, regulations and jurisdiction of a country, region
or specific organization. Where each country based on the GDPR appoints a data
protection authority which is responsible for investigating cybercrimes, correcting data and giving advice on data protection. The cyber threats developed in the
Western Balkans threatened privacy and data protection in almost every country
of this region, where many sensitive data fell into the hands of hackers or many
systems were blocked for a certain period of time. To prevent these two types of
problems, it is necessary to assign controls or filters to reduce the risk of unauthorized access to sensitive data. In our research, the collected data is classified
into three main categories (private, public, private), which are then analyzed
based on the amount and type of data circulating in the implemented systems, the
type of encryption used, encryption configurations and data backup, a solution is
provided in data protection by defining access controls to sensitive data. The purpose of our research is to provide insight into the current state of data protection
in governmental, public institutions, and various service companies in order to
provide a new solution that offers data protection which is based on the specifics
of the amount and type of data, encryption and coding of data before and during
transmission and data backup.