Enabling GDPR Compliance: Business Process Re-engineering methodologies and functional data privacy toolkits to support organisational GDPR Compliance

– Call for Papers

The digital revolution has resulted in a lag between existing regulations and the current reality, that of the social media, the Cloud Computing, the Internet of Things, the Big Data, to mention a few trends that didn’t exist merely two decades ago and have resulted in increasingly interconnected systems, amazing processing power (and results thereof), and data proliferation. As dependency to technology increases, so do the information trails left behind following daily activities of people. To this end, the General Data Protection Regulation (GDPR) comprises a milestone in data protection, creating an environment able to cope with the technological and business reality, and providing for the protection of privacy.

However, organisations declare difficulties in GDPR provisions’ implementation, despite the resources and money spent, whereas particular problems are faced as regards the new requirements GDPR introduces. The challenges, either technical or organisational, include, among others: interpretation of GDPR requirements; operational adaptation towards privacy-aware and compliant business practices; holistic data views and processing actions inventory; enforcement of security means; management of the relations with third parties and the data subjects, and enforcement of rights thereof; last but not least, significant resources are required and, whereas big companies may have money and resources to invest, both human and monetary, this does not necessarily apply for Small Business Enterprises (SMEs).

In light of these challenges, this workshop aims at bringing organisations, practitioners, lawyers and researchers from the various related areas to present and discuss recent techniques, platforms, use cases and interpretations of related regulations to enable an affordable GDPR compliance for micro businesses or SMEs. Topics of interest include, but are not limited to:

. GDPR Compliance System requirements

. Compliance as a service for SMEs

. GDPR practical compliance interpretations from legal perspectives

. Use cases for challenges with GDPR Compliance

. Empirical analysis of GDPR compliance in service repositories

. Techniques for GDPR compliant modeling

. Implementing privacy by design

. Privacy-preserving data mining and process mining

. Real-time compliance checking and online business process model adaptation

. Privacy and trust in organizational data collection

. Data engineering methods for identifying sensible personal data

. Privacy engineering for (event) logs

. Privacy and trust in personalized services

. System design for privacy awareness

. Privacy and compliance in (big) data analytics

. Coordination techniques for controller-processor compliant-friendly communication

. Privacy-aware data access and control methods/platforms

. Data De-Identification anonymization

. New measures for evaluating GDPR compliance

The workshop is co-organized by the H2020 BPR4GDPR project.

Workshop organizers:

Dr. Marwan Hassani, Eindhoven University of Technology, Netherlands, email: m.hassani@tue.nl

Dr. Georgios V. Lioudakis, ICT abovo, Athens, Greece, email: gelioud@ieee.org

Dr. Lorenzo Bracciale, University of Rome Tor Vergata, Italy, email: lorenzo.bracciale@uniroma2.it

Important Dates

Full paper submission deadline: 22 September 2019

Notification of decision: 29 September 2019

Instructions for Authors

Papers should be at most 15 pages long, including the bibliography and well-marked appendices, and should possibly follow the LNCS style (https://www.springer.com/gp/computer-science/lncs/conference-proceedings-guidelines).

Submissions are to be sent in pdf format only to: bpr4gdpr@gmail.com by September 22 at the latest.