Skip to Content

Many organizations are concerned about how the European data privacy regulation known as GDPR or EU-DSGVO might impact their day-to-day business especially if they are using cloud business software.

See the video below to get in two minutes an idea on what GDPR is and what you need to consider for your business latest until May 25th 2018 (more links can be found below):

The powerful capabilities which SAP Business ByDesign provides already since a couple of releases will help you to execute the GDPR related data privacy policies your organization might setup. With ByDesign your data privacy officers will be enabled to:

  1. Ensure that user authorization allows access to data only to users which need the data for business processes
  2. Configure minimal retention periods for key business documents in order to block deletion if they are still needed e.g. for accounting.
  3. Access and analyze change logs for data especially for accounts, contacts and employees.
  4. Most important: Centrally work on data privacy requests with a dedicated data privacy work center which provides an overview on the data stored about natural persons (e.g. employee, private account) and the deletion of personal data across business scenarios and documents.

 

The demo video below gives you an impression on how this works in our 1708 release:


As you have seen in the demo the data privacy expert can use the data privacy work center to easily find employees, service agents (i.e. external employees) or private accounts (1) and to trigger the deletion (3). Additionally he can generate a synopsis for master and transactional data which is stored for a natural person in the system (2) as you can see in the screenshots below.


Furthermore you can define in the business configuration the data retention periods for multiple business areas and countries which control that data cannot be deleted within the minimal retention period.


Administrators, sales and marketing employees can according to their authorization access change logs:

  1. See changes per date and user
  2. See changed attribute with old / new value and modification type
  3. Export changes


Finally ByDesign does not only control what happens inside the system but also how data is being consumed in external applications with the standard web-services and interfaces.

  1. Communication scenarios and arrangements allow to control external access (via the Application and User Management work center).
  2. Valid certificates are required to allow access ByDesign Web services.
  3. Communication Monitoring for e.g. failed web service calls. Customers still need to assess which integration scenarios are exposed to whom.

Here you get general overview material on GDPR, the SAP GDPR policies and especially the SAP data center data privacy measures and it’s certifications which are continuously being audited:

 

To report this post you need to login first.

2 Comments

You must be Logged on to comment or reply to a post.

    1. Jan Matthes Post author

      Hi Krish, my pleasure ;o)

      Byd and C4C use the sam platform and we have jointly developed some of the capabilities. I do not know what of this is available in detail but the general features are the same.

       

      Cheers

      Jan

       

      (1) 

Leave a Reply