Data Privacy Matters

Data privacy or data protection relates to the right of individuals that personal information is kept safe from abuse.
In this context, SAP Master Data Governance certainly plays an important role when it comes to providing non-duplicate, high-quality master data, either by consolidating business partner, customer, supplier data from heterogeneous landscapes, or by pro-actively ensuring that such data is correct and consistent and ready for use in business processes. As a logical step, MDG also provides features that make sure that data that has reached the end of purpose according to the related check in SAP Information Lifecycle Management (ILM) is not available for consumption in active business. In this context, SAP accommodates for data protection with the following features:

Business Partner Blocking and Deletion

SAP S/4HANA as well as SAP ERP 6.0 provide specific features and functions to block and delete personal data in a structured and integrated manner. (For details, see the user assistance documentation on Data Protection (here, for example for SAP S/4HANA 1610), and in particular:

• Simplified Blocking and Deletion
• Unblocking and Deletion of Business Partner, Customer and Supplier Master Data

Both SAP Master Data Governance (MDG) on SAP S/4HANA 1709 and SAP MDG 9.1 enable the following capabilities for blocking of business partners with End of Purpose (EoP) as well as the deletion and archiving of business partners:

Related to Change Request Processing

In the processing of Change Requests, the system:

• Deletes business partners with EoP from open change requests
• Masks business partners with EoP in object list and hierarchy object list
• Disables navigation to masked business partners

What is more:

• When creating Change Requests, business partners with EoP cannot be used for open change requests
• When displaying Change Requests as well as in the user interface for My Change Requests,
  • Business partners with EoP are masked
  • The system disables navigation to masked business partners
• During Hierarchy Assignment in Single Object Processing for business partners, business partners with EoP are masked
• During Hierarchy Processing / Collective Processing,
  • Business partners with EoP are masked
  • The system disables navigation to masked business partners
• In the Change Documents user interface, the system hides all changes related to business partners with EoP

Related to the Consolidation and Mass Processing of Master Data

In Master Data Consolidation and in Master Data Mass Processing, business partners with EoP cannot be processed.

Read Access Logging

SAP S/4HANA and SAP ERP 6.0 provide capabilities to monitor and log access to personal data. This allows to analyze, which business users accessed business partner personal data, and in which time frame. The system allows you to configure, what information will be logged. (For details, again see the user assistance documentation on Data Protection (here, for example for SAP S/4HANA 1610), and in particular: Read Access Logging (RAL).

The SAP MDG releases specified above enable capabilities for read access logging for the following functions and interface types:

• SOA
  • Bank Details
  • Payment Card
• WebDynpro ABAP
  • Bank Details
  • Payment Cards
  • Change Documents
• Gateway Services
  • Bank Details

Change Request Archiving

The SAP MDG releases specified above enable the archiving of MDG Change Requests.

Hope this information is useful for you.

Best,

Markus