Contributo in atti di convegno, 2019, ENG, 10.1145/3309772.3309779

GDPR and business processes: an effective solution

Bartolini C.; Calabró A.; Marchetti E.

University of Luxembourg, Luxembourg; CNR-ISTI, Pisa, Italy; CNR-Pisa, Italy

In the European Union, the recent update to data protection laws by virtue of the General Data Protection Regulation (GDPR) significantly changed the landscape of the processing of personal data. Consequently, adequate solutions to ensure that the controller and processor properly understand and meet the data protection requirements are needed. In enterprise reality it is quite common to use Business Process (BP) models to manage the different business activities. Hence the idea of integrating privacy concepts into BP models so as to leverage them to the role of GDPR recommenders. To this end, suggestions and recommendations about data management pursuant to GDPR provisions have been added to specific tasks of the BP, to improve both the process management and personnel learning and training. Feasibility of the proposed idea, implemented into an Eclipse plugin, has been provided through a realistic example.

APPIS 2019 - 2nd International Conference on Applications of Intelligent Systems, Las Palmas de Gran Canaria, Spain, 7-12 January 2019

Keywords

BPMN, Business Processes, General Data Protection Regulation (GDPR), Learning, Privacy by Design

CNR authors

Marchetti Eda, Calabro Antonello

CNR institutes

ISTI – Istituto di scienza e tecnologie dell'informazione "Alessandro Faedo"