Home » R&I Project Hub » BPR4GDPR

Error message

Warning: Use of undefined constant REQUEST_URI - assumed 'REQUEST_URI' (this will throw an Error in a future version of PHP) in eval() (line 2 of /var/www/html/web/modules/php/php.module(80) : eval()'d code).


Business Process Re-engineering and functional toolkit for GDPR compliance

Renata Carvalho

01 May 2018

30 April 2021

EC funded project


The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.

The BPR4GDPR project has received funding from the European Union’s Horizon 2020 innovation programme under grant agreement No.787149 (Innovation Action) and coordinated by CAS SOFTWARE AG.

The goal of BPR4GDPR (Business Process Re-engineering and functional toolkit for GDPR compliance) is to provide a holistic framework able to support end-to-end GDPR-compliant intra- and interorganisational ICT-enabled processes at various scales, while also being generic enough, fulfilling operational requirements covering diverse application domains.

The proposed solutions in BPR4GDPR will have a strong semantic foundation and cover the full process lifecycle addressing major challenges and priorities posed by the regulation, including requirements interpretation, broad territorial scope, accountability, security means enforcement, data subject’s rights and consent, unified data view and processing actions inventory, privacy by design, etc.

Who is the project designed for?

Public Sector Organizations, IT SMEs, Researchers, Security Software Industry, End User Organizations, Cyber insurance companies, Policy & Regulators, Academia, ICT Sectors.

How will your project benefit the end-user?

BPR4GDPR adopts a holistic approach for GDPR compliance, addressing the requirements during different operational phases. In this context, BPR4GDPR will facilitate the enforcement of appropriate organisational and technical measures required for data protection, by automating several aspects of “compliance engineering”. To this end, it will be based on a number of enabling pillars:

  • Comprehensive security and data protection policies,
  • Incorporation of policies into process models,
  • Automatic process models re-engineering in terms of compliance-aware verification and transformation,
  • Tools for facilitating run-time compliance enforcement,
  • Process mining for the identification of compliance discrepancies and discovery of organisational procedures.

BPR4GDPR Project of the Week 17-21 June 2019.

Vertical Category: