Abstract
Data is vital for almost all sorts of business processes and workflows. However, the possession of personal data of other beings bear consequences. Data is prone to abuses through the exposure to adversaries in case of data breaches or insider’s illegitimate access and processing, hence adding to customer distrust. The data minimisation principle of the General Data Protection Regulation (GDPR), as a proactive approach, requires the collection of personal data to be limited to what is necessary for the legitimate processing purpose(s). Data degradation advocates for periodic inter-process data minimisation in a multi-process environment. In this context, we are proposing intra-process data degradation as a continuous data minimisation function during the process life. In our solution, the granularity or the information level of the process data is reduced at suitable instances in the process life to the minimum sufficient level for a successful completion of the remaining process. We devise three effective data degradation policies to realise and guide intra-process data degradation in business processes. We show through a proof-of-concept implementation the applicability of the introduced concept and the effectiveness of one of the policies. Our proposed approach intrinsically reduces privacy infringement damages which contribute to end-users trust in the processes.
Original language | English |
---|---|
Title of host publication | Business Process Management Workshops - BPM 2020 International Workshops, 2020, Revised Selected Papers |
Editors | Adela Del Río Ortega, Henrik Leopold, Flávia Maria Santoro |
Publisher | Springer |
Pages | 17-29 |
Number of pages | 13 |
ISBN (Print) | 9783030664978 |
DOIs | |
Publication status | Published - 2020 |
Event | 18th International Conference on Business Process Management (BPM 2020) : Workshop BPM in the era of Digital Innovation and Transformation - fully virtual conference, Sevilla, Spain Duration: 13 Sept 2020 → 18 Sept 2020 Conference number: 18 https://congreso.us.es/bpm2020/calls/demos/ https://sites.google.com/view/bpmindit |
Publication series
Name | Lecture Notes in Business Information Processing |
---|---|
Volume | 397 |
ISSN (Print) | 1865-1348 |
ISSN (Electronic) | 1865-1356 |
Conference
Conference | 18th International Conference on Business Process Management (BPM 2020) |
---|---|
Abbreviated title | BPM 2020 |
Country/Territory | Spain |
City | Sevilla |
Period | 13/09/20 → 18/09/20 |
Internet address |
Keywords
- Business intelligence
- Data minimisation
- Data degradation
- General Data Protection Regulation
- Intra-process data degradation