{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T12:25:39Z","timestamp":1776860739377,"version":"3.51.2"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030954833","type":"print"},{"value":"9783030954840","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-030-95484-0_8","type":"book-chapter","created":{"date-parts":[[2022,2,7]],"date-time":"2022-02-07T10:05:46Z","timestamp":1644228346000},"page":"127-137","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Integrating Privacy-By-Design with Business Process Redesign"],"prefix":"10.1007","author":[{"given":"Vasiliki","family":"Diamantopoulou","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Maria","family":"Karyda","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,2,8]]},"reference":[{"key":"8_CR1","doi-asserted-by":"crossref","unstructured":"Ahmadian, A.S., Str\u00fcber, D., Riediger, V., J\u00fcrjens, J.: Supporting privacy impact assessment by model-based privacy analysis. In: Proceedings of the 33rd Annual ACM Symposium on Applied Computing, pp. 1467\u20131474 (2018)","DOI":"10.1145\/3167132.3167288"},{"key":"8_CR2","unstructured":"Alexander, C.: A Pattern Language: Towns, Buildings, Construction. Oxford University Press, Oxford (1977)"},{"key":"8_CR3","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/978-3-319-59466-8_2","volume-title":"Enterprise Business-Process and Information Systems Modeling","author":"N Argyropoulos","year":"2017","unstructured":"Argyropoulos, N., Mouratidis, H., Fish, A.: Supporting secure business process design via security process patterns. In: Enterprise Business-Process and Information Systems Modeling, pp. 19\u201333. Springer, Cham (2017)"},{"key":"8_CR4","unstructured":"Article 29 Data Protection Working Party: Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is \u201clikely to result in a high risk\u201d for the purposes of Regulation 2016\/679 (2017). https:\/\/ec.europa.eu\/newsroom\/document.cfm?doc_id=47711. Accessed 19 Apr 2021"},{"key":"8_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"168","DOI":"10.1007\/3-540-44895-0_12","volume-title":"Business Process Management","author":"M Backes","year":"2003","unstructured":"Backes, M., Pfitzmann, B., Waidner, M.: Security in business process engineering. In: van der Aalst, W.M.P., Weske, M. (eds.) BPM 2003. LNCS, vol. 2678, pp. 168\u2013183. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-44895-0_12"},{"key":"8_CR6","doi-asserted-by":"crossref","unstructured":"Beckers, K.: Comparing privacy requirements engineering approaches. In:\u00a02012 Seventh International Conference on Availability, Reliability and Security, pp. 574\u2013581. IEEE (2012)","DOI":"10.1109\/ARES.2012.29"},{"key":"8_CR7","doi-asserted-by":"crossref","unstructured":"Borchers, J.O.: A pattern approach to interaction design. In: Proceedings of the 3rd Conference on Designing Interactive Systems: Processes, Practices, Methods and Techniques, pp. 369\u2013378. ACM (2000)","DOI":"10.1145\/347642.347795"},{"key":"8_CR8","unstructured":"Cavoukian, A.: Privacy by Design: The 7 Foundational Principles. Information and Privacy Commissioner of Ontario, Canada 5 (2009)"},{"key":"8_CR9","doi-asserted-by":"crossref","unstructured":"Diamantopoulou, V., Argyropoulos, N., Kalloniatis, C., Gritzalis, S.: Supporting the design of privacy-aware business processes via privacy process patterns. In: 2017 11th International Conference on Research Challenges in Information Science (RCIS), pp. 187\u2013198. IEEE (2017a)","DOI":"10.1109\/RCIS.2017.7956536"},{"key":"8_CR10","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"491","DOI":"10.1007\/978-3-319-58469-0_33","volume-title":"ICT Systems Security and Privacy Protection","author":"V Diamantopoulou","year":"2017","unstructured":"Diamantopoulou, V., Kalloniatis, C., Gritzalis, S., Mouratidis, H.: Supporting privacy by design using privacy process patterns. In: De Capitani di Vimercati, S., Martinelli, F. (eds.) SEC 2017. IAICT, vol. 502, pp. 491\u2013505. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-58469-0_33"},{"key":"8_CR11","unstructured":"European Data Protection Board: Guidelines 4\/2019 on Article 25 Data Protection by Design and by Default (2019). https:\/\/edpb.europa.eu\/our-work-tools\/public-consultations-art-704\/2019\/guidelines-42019-article-25-data-protection-design_en. Accessed 19 Apr 2021"},{"key":"8_CR12","unstructured":"European Parliament: Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95\/46\/EC (General Data Protection Regulation)"},{"key":"8_CR13","doi-asserted-by":"crossref","unstructured":"Hammer, M.: What is business process management? In:\u00a0Handbook on Business Process Management, vol. 1, pp. 3\u201316. Springer, Berlin (2015)","DOI":"10.1007\/978-3-642-45100-3_1"},{"issue":"5","key":"8_CR14","doi-asserted-by":"publisher","first-page":"93","DOI":"10.3390\/fi12050093","volume":"12","author":"J Henriksen-Bulmer","year":"2020","unstructured":"Henriksen-Bulmer, J., Faily, S., Jeary, S.: DPIA in context: applying dpia to assess privacy risks of cyber physical systems. Fut. Internet 12(5), 93 (2020)","journal-title":"Fut. Internet"},{"key":"8_CR15","unstructured":"-FTI 2020: Annual governance report. Technical report (2021) https:\/\/iapp.org\/media\/pdf\/resource_center\/IAPP_FTIConsulting_2020PrivacyGovernanceReport.pdf. Accessed 19 Apr 2021"},{"key":"8_CR16","unstructured":"ISO 27001:2013 Information Technology \u2013 Security Techniques \u2013 Information Security Management Systems \u2013 Requirements (2013)"},{"issue":"3","key":"8_CR17","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1007\/s00766-008-0067-3","volume":"13","author":"C Kalloniatis","year":"2008","unstructured":"Kalloniatis, C., Kavakli, E., Gritzalis, S.: Addressing privacy requirements in system design: the PriS method. Requirem. Eng. 13(3), 241\u2013255 (2008)","journal-title":"Requirem. Eng."},{"key":"8_CR18","doi-asserted-by":"crossref","unstructured":"Kalloniatis, C., Kavakli, E., Gritzalis, S.: Methods for designing privacy aware information systems: a review. In: 2009 13th Panhellenic Conference on Informatics, pp. 185\u2013194. IEEE (2009)","DOI":"10.1109\/PCI.2009.45"},{"key":"8_CR19","doi-asserted-by":"crossref","unstructured":"Kokolakis, S.A., Demopoulos, A.J., Kiountouzis, E.A.: The use of business process modelling in information systems security analysis and design. Inf. Manag. Comput. Secur. 8(3), 107\u2013116 (2000)","DOI":"10.1108\/09685220010339192"},{"key":"8_CR20","doi-asserted-by":"publisher","unstructured":"Langheinrich, M.: Privacy by design \u2014 principles of privacy-aware ubiquitous systems. In: Abowd, G.D., Brumitt, B., Shafer, S. (eds.) Ubicomp 2001: Ubiquitous Computing. UbiComp 2001. LNCS, vol. 2201, pp. 273-291. Springer, Berlin (2001). https:\/\/doi.org\/10.1007\/3-540-45427-6_23","DOI":"10.1007\/3-540-45427-6_23"},{"key":"8_CR21","unstructured":"McKinsey &Company: GDPR compliance since May 2018: A continuing challenge (2019). https:\/\/www.mckinsey.com\/business-functions\/risk\/our-insights\/gdpr-compliance-after-may-2018-a-continuing-challenge. Accessed 19 Apr 2021"},{"issue":"4","key":"8_CR22","doi-asserted-by":"publisher","first-page":"153","DOI":"10.1016\/j.csi.2010.01.006","volume":"32","author":"D Mellado","year":"2010","unstructured":"Mellado, D., Blanco, C., S\u00e1nchez, L.E., Fern\u00e1ndez-Medina, E.: A systematic review of security requirements engineering. Comput. Stand. Interf. 32(4), 153\u2013165 (2010)","journal-title":"Comput. Stand. Interf."},{"key":"8_CR23","doi-asserted-by":"crossref","unstructured":"Pullonen, P., Matulevi\u010dius, R., Bogdanov, D.: PE-BPMN: privacy-enhanced business process model and notation. In: International Conference on Business Process Management, pp. 40\u201356 (2017)","DOI":"10.1007\/978-3-319-65000-5_3"},{"issue":"2","key":"8_CR24","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/s12525-015-0191-0","volume":"25","author":"S Spiekermann","year":"2015","unstructured":"Spiekermann, S., Acquisti, A., B\u00f6hme, R., Hui, K.-L.: The challenges of personal data markets and privacy. Electron. Mark. 25(2), 161\u2013167 (2015). https:\/\/doi.org\/10.1007\/s12525-015-0191-0","journal-title":"Electron. Mark."},{"key":"8_CR25","unstructured":"Reuters, T.: Study finds organizations are not ready for GDPR compliance issues (2019). https:\/\/legal.thomsonreuters.com\/en\/insights\/articles\/study-finds-organizations-not-ready-gdpr-compliance-issues. Accessed 19 Apr 2021"},{"key":"8_CR26","unstructured":"Tom, J.: Assessing and improving compliance to privacy regulations in business processes. In: Proceedings of the Doctoral Consortium papers presented at 30th International Conference on Advanced Information Systems Engineering (CAiSE) (2018)"}],"container-title":["Lecture Notes in Computer Science","Computer Security. ESORICS 2021 International Workshops"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-95484-0_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,2,7]],"date-time":"2022-02-07T10:08:14Z","timestamp":1644228494000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-95484-0_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783030954833","9783030954840"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-95484-0_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"8 February 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Darmstadt","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 October 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 October 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2021.athene-center.de\/index.php","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"351","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"71","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"20% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.07","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6.06","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to the COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}