A Holistic framework: Business Process Re-engineering and functional toolkit for GDPR compliance

BPR4GDPR adopts a holistic approach for GDPR compliance, addressing the requirements during different operational phases. In this context, BPR4GDPR will facilitate the enforcement of appropriate organisational and technical measures required for data protection, by automating several aspects of “compliance engineering”.

Currently, available privacy technology does not collectively cover important GDPR aspects, while process orientation has not been extensively incorporated either. BPR4GDPR will, therefore, offer privacy-by-design throughout the entire process lifecycle, based on a broad spectrum of innovations:

• Process analysis and redesign, i.e., automatic verification of process models but also transformation of non-conformant ones.
• A compliance toolkit encompassing sophisticated functionalities, including cryptography, data handling and notification mechanisms, user-centred tools ensuring consent, but also the exercise of other data subjects’ rights.
• Use of process mining for process discovery, process monitoring and controlling, enabling a posteriori analysis and compliance check of running processes.

How can BPR4GDPR project make a difference to potential end-users?

End-users will be organisations in need of technical measures to facilitate their compliance with GDPR. BPR4GDPR will provide a user-friendly environment for defining inherently GDPR-compliant processes and automatically including necessary measures, relieving customers from the considerable burden of continuous compliance assessment, and preventing business and other risks associated with potential violations. The above is due to the following:

• Automation: Both assessment and enforcement take place automatically.
• Coverage: BPR4GDPR incorporates more aspects tailored to GDPR and process orientation than other available solutions
• Configurability, i.e., one can start from baseline installation and add tools as needed, either from BPR4GDPR or external ones.

BPR4GDPR results, as standalone products, will benefit European competitiveness in the global privacy market, where EU currently appears rather underrepresented.

Besides, by increasing the effectiveness of data protection mechanisms and their integration in the service provision chain of European companies, BPR4GDPR aims at impacting their market position in several application domains, especially considering the security- and privacy-wise challenging trend to develop complex solutions on top of service-oriented architectures, by means of workflow-based service compositions. This will further provide for the increase of income and widening of the actual markets through customer satisfaction, as well as new services leveraging the BPR4GDPR mechanisms.

If you want to learn more about GDPR, stay tuned for the upcoming Cyberwatching webinar as we will gather all the GDPR cluster projects (PDP4E, SMOOTH, PAPAYA, DEFEND, POSEIDON, BPR4GDPR) together with our legal partner, ICT Legal.

More information about the BPR4GDPR Project is available on their website: http://www.bpr4gdpr.eu/

• @BPR4GDPR
• in/BPR4GDPR

See more updates on our social media channels.

• Twitter: @cyberwatchingeu
• LinkedIn: in/Cyber Watching