Towards Identifying GDPR-Critical Tasks in Textual Business Process Descriptions
| dc.contributor.author | Nake, Leonard | |
| dc.contributor.author | Kuehnel, Stephan | |
| dc.contributor.author | Bauer, Laura | |
| dc.contributor.author | Sackmann, Stefan | |
| dc.contributor.editor | Klein, Maike | |
| dc.contributor.editor | Krupka, Daniel | |
| dc.contributor.editor | Winter, Cornelia | |
| dc.contributor.editor | Wohlgemuth, Volker | |
| dc.date.accessioned | 2023-11-29T14:50:24Z | |
| dc.date.available | 2023-11-29T14:50:24Z | |
| dc.date.issued | 2023 | |
| dc.description.abstract | Complying with data protection regulations is an essential duty for organizations since violating them would lead to monetary penalties from authorities. In Europe, the General Data Protection Regulation (GDPR) defines personal data and requirements for dealing with this type of data. Hence, organizations must identify business activities that deal with personal data to establish measures to fulfill these requirements. Especially for large organizations, a manual identification can be labor-intensive and error-prone. However, textual business process descriptions, such as work instructions, provide valuable insights into the data used in organizations. Therefore, we propose a first approach to automatically identify GDPR-critical tasks in textual business process descriptions. More specifically, we use a supervised machine learning algorithm to automatically identify whether a task deals with personal data or not. A first evaluation of our approach with a dataset of 37 process descriptions containing 509 activities demonstrates that our approach generates satisfactory results. | en |
| dc.identifier.doi | 10.18420/inf2023_191 | |
| dc.identifier.isbn | 978-3-88579-731-9 | |
| dc.identifier.pissn | 1617-5468 | |
| dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/43120 | |
| dc.language.iso | en | |
| dc.publisher | Gesellschaft für Informatik e.V. | |
| dc.relation.ispartof | INFORMATIK 2023 - Designing Futures: Zukünfte gestalten | |
| dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings, Volume P-337 | |
| dc.subject | Legal Compliance | |
| dc.subject | General Data Protection Regulation (GDPR) | |
| dc.subject | Business Process | |
| dc.subject | Task Identification | |
| dc.title | Towards Identifying GDPR-Critical Tasks in Textual Business Process Descriptions | en |
| dc.type | Text/Conference Paper | |
| gi.citation.endPage | 1908 | |
| gi.citation.publisherPlace | Bonn | |
| gi.citation.startPage | 1895 | |
| gi.conference.date | 26.-29. September 2023 | |
| gi.conference.location | Berlin | |
| gi.conference.sessiontitle | Wirtschaft, Management Industrie - Workshop zum Stand, den Herausforderungen und Impulsen des Geschäftsprozessmanagements (ZuGPM 2023) |
Dateien
Originalbündel
1 - 1 von 1