CORDIS
EU research results

CORDIS

English EN
Business Process Re-engineering and functional toolkit for GDPR compliance

Business Process Re-engineering and functional toolkit for GDPR compliance

Objective

The goal of BPR4GDPR is to provide a holistic framework able to support end-to-end GDPR-compliant intra- and inter-organisational ICT-enabled processes at various scales, while also being generic enough, fulfilling operational requirements covering diverse application domains. To this end, proposed solutions will have a strong semantic foundation and cover the full process lifecycle addressing major challenges and priorities posed by the regulation, including requirements interpretation, broad territorial scope, accountability, security means enforcement, data subject’s rights and consent, unified data view and processing actions inventory, privacy by design, etc.
The starting point will be process models, either automatically discovered through organisation logs or manually specified, formally expressed through a Compliance Metamodel, a comprehensive process modelling technology able to capture advanced privacy provisions. Thereupon, a highly expressive policy framework will guide the automatic verification of these models regarding GDPR requirements, and their subsequent transformation, so that they are rendered inherently privacy-aware before being deployed for execution. Subsequently, the consistent execution of GDPR-compliant processes will be ensured by a comprehensive set of tools able to support all diverging requirements that may arise from GDPR, related to data handling, data subjects’ involvement, various PETs, etc., so that even organisations with currently no such infrastructure in place can readily have such mechanisms. Finally, process mining will be extensively used for the ex post analysis of processes, in order to ensure that specified policies are indeed enforced. However, apart from verifying compliance, such techniques will offer the added value of automatically improving process models over time towards optimised fulfillment of both legal and business requirements.
Deployed on the Cloud, BPR4GDPR will provide for Compliance-as-a-Service (CaaS)

Coordinator

CAS SOFTWARE AG

Address

Cas Weg 1-5
76131 Karlsruhe

Germany

Activity type

Other

EU Contribution

€ 489 825

Participants (10)

Sort alphabetically

Sort by EU Contribution

Expand all

SINGULARLOGIC ANONYMI ETAIREIA PLIROFORIAKON SYSTIMATON KAI EFARMOGON PLIROFORIKIS

Greece

EU Contribution

€ 354 987,50

TECHNISCHE UNIVERSITEIT EINDHOVEN

Netherlands

EU Contribution

€ 496 400

UNIVERSITA DEGLI STUDI DI ROMA TOR VERGATA

Italy

EU Contribution

€ 356 500

ICT ABOVO TECHNOLOGIES PLIROFORIKISKAI EPIKINONION IDIOTIKI KEFALEOUCHIKI ETERIA

Greece

EU Contribution

€ 329 874,90

INTEMPRA SRL

Italy

STEINBEIS BERATUNGSZENTREN GMBH

Germany

EU Contribution

€ 236 250

STUDIO PROFESSIONALE ASSOCIATO A BAKER & MCKENZIE

Italy

EU Contribution

€ 188 125

ILEKTRONIKI DIAKYVERNISI KOINONIKISASFALISIS AE

Greece

EU Contribution

€ 148 250

ARCHI PROSTASIAS DEDOMENON PROSOPIKOU CHARAKTIRA

Greece

EU Contribution

€ 63 875

INNOVAZIONI TECNOLOGICHE SOCIETA A RESPONSABILITA LIMITATA

Italy

EU Contribution

€ 309 925

Project information

Grant agreement ID: 787149

Status

Ongoing project

  • Start date

    1 May 2018

  • End date

    30 April 2021

Funded under:

H2020-EU.3.7.6.

  • Overall budget:

    € 3 792 149,86

  • EU contribution

    € 2 974 012,40

Coordinated by:

CAS SOFTWARE AG

Germany