Privacy and Confidentiality Requirements Engineering for Process Data
Fabian Haertel, Juergen Mangler, Nataliia Klievtsova, Celine Mader, Eugen Rigger, Stefanie Rinderle-Ma

TL;DR
This paper introduces the Privacy and Confidentiality Requirements Engineering (PCRE) method to systematically address privacy and confidentiality concerns in process data, enabling secure sharing for process mining.
Contribution
It presents a novel, stakeholder-driven approach for identifying and managing privacy and confidentiality requirements in process data, applicable across domains.
Findings
PCRE effectively identifies privacy and confidentiality concerns.
Stakeholder involvement improves requirement accuracy.
Method balances data utility and privacy protection.
Abstract
The application and development of process mining techniques face significant challenges due to the lack of publicly available real-life event logs. One reason for companies to abstain from sharing their data is privacy and confidentiality concerns. Privacy concerns refer to personal data as specified in the GDPR and have been addressed in existing work by providing privacy-preserving techniques for event logs. However, the concept of confidentiality in event logs not pertaining to individuals remains unclear, although they might contain a multitude of sensitive business data. This work addresses confidentiality of process data based on the privacy and confidentiality engineering method (PCRE). PCRE interactively explores privacy and confidentiality requirements regarding process data with different stakeholders and defines privacy-preserving actions to address possible concerns. We…
Taxonomy
Topics: Business Process Modeling and Analysis · Privacy-Preserving Technologies in Data · Data Quality and Management
