MIS Quarterly Executive


Complying with the EU General Data Protection Regulation (GDPR) poses significant challenges for blockchain projects, including establishing clear responsibilities for compliance, securing lawful bases for processing personal data, and observing rights to rectification and erasure. We describe how Germany’s Federal Office for Migration and Refugees addressed these challenges and created a GDPR-compliant blockchain solution for cross-organizational workflow coordination. Based on the lessons learned, we provide three recommendations for ensuring blockchain solutions are GDPR-compliant.