Ricerc@Sapienza

In an increasingly digital world, where processing and exchange of personal data are key parts of everyday enterprise business processes (BPs), the right to data privacy is regulated and actively enforced in the Europe Union (EU) through the recently introduced General Data Protection Regulation (GDPR), whose aim is to protect EU citizens from privacy breaches. In this direction, GDPR is highly influencing the way organizations must approach data privacy, forcing them to rethink and upgrade their BPs in order to become GDPR compliant.

Consider an artifact-centric business process model, containing both a data model and a process model. When executing the process, it may happen that some of the data constraints from the data model are violated. Bearing this in mind, we propose an approach to automatically generate an extension to the original business process model that, when executed after a constraint violation, repairs the contents of the data leaving it in a new consistent state.