The General Data Protection Regulation (GDPR) has changed the perception towards privacy and data protection worldwide. Passed in 2016 and in force since 2018, the regulation has been a steady part of the academic and practical discourse over the past years. However, companies still struggle with the task of becoming compliant, mainly because of the large interdisciplinary scope and the overall complexity of the regulation. Once established, maintaining GDPR compliance in an accelerating business environment remains a challenge.
With this report, we present ProPerData, a process model for the protection of personal data. It addresses software developers and enterprise architects of large organizations and aims to provide a structured overview of the GDPR and a clear definition of responsibilities.
ProPerData is organized along 11 tasks that are derived from the GDPR. 16 work units of ProPerData are assigned to the tasks and executed by ProPerData stakeholders. We account for 6 resources that support the work units and 13 work products that result from them. The work units take place at one or more of the 10 stages or events of ProPerData.
Huth, D., Matthes, F.: "ProPerData - A process model to support GDPR compliance". Technical Report. Technical University of Munich, Munich 2020.