How Has Requirements Engineering Supported Data Protection?

With the constant development of new solutions that process personal data and the approval of privacy regulations such as GDPR and LGPD, the demand for development teams to be prepared, engaged, and responsible for implementing software that guarantees users’ data protection has increased. The privacy concern must be present from the conception of the solution. Therefore, the Requirements Engineering area must incorporate processes, methods, techniques, and tools that address data protection aspects, especially in line with current regulations. In this context, the present study investigates which approaches to Requirements Engineering currently proposed in the literature support personal data protection. This objective was achieved through a systematic mapping that identified 11 approaches, 4 tools, 3 methods, 2 processes, 1 technique, and 1 language. The results point to solutions addressing distinct sets of input artifacts but with a predominance of privacy requirements as a resultant artifact. In addition, the results show the need to apply the solutions in actual contexts of use.