News about data leaks of private and confidential data are being reported with increasing frequency. To mitigate these issues, governments have taken actions to ensure that companies raise their investments and the actions related to user's data security and privacy. Laws were created, like the European General Data Protection Regulation (GDPR) and the Brazilian law called LGPD (Lei Geral de Proteção de Dados, in portuguese, or General Law of Data Protection), which define the privacy rights on user data and establishes penalties to the companies which do not comply with the law. Data privacy and security, which are fundamental non-functional requirements for many socio-technical systems, became a priority among the problems faced by many companies. These systems support business processes that are of fundamental importance in a compliance program with these laws and to balance transparency on the services provided. This tutorial will discuss the importance of developing privacy-aware systems and business processes and present a method to obtain LGPD compliance in business processes. In particular, LGPD4BP (LGPD for Business Process) - a method composed by an evaluation questionnaire and a modelling method supported by a modelling patterns catalog - will be presented to the audience.
@inproceedings{wer202100_2,
author = {Peixoto, M. and Santos, D. and Vilela, J. and Silva, C.},
title = {Tutorial - Analysis of business processes compliance with LGPD},
booktitle = {Proceedings of the WER2021-24th Workshop on Requirements Engineering, Brasília, Brazil},
year = {2021},
issn = {2675-0066},
isbn = {978-65-00-73407-2},
doi = {}
}