Data Privacy Matters
Data privacy or data protection relates to the right of individuals that personal information is kept safe from abuse.
In this context, SAP Master Data Governance certainly plays an important role when it comes to providing non-duplicate, high-quality master data, either by consolidating business partner, customer, supplier data from heterogeneous landscapes, or by pro-actively ensuring that such data is correct and consistent and ready for use in business processes. As a logical step, MDG also provides features that make sure that data that has reached the end of purpose according to the related check in SAP Information Lifecycle Management (ILM) is not available for consumption in active business. In this context, SAP accommodates for data protection with the following features:
Business Partner Blocking and Deletion
SAP S/4HANA as well as SAP ERP 6.0 provide specific features and functions to block and delete personal data in a structured and integrated manner. (For details, see the user assistance documentation on Data Protection (here, for example for SAP S/4HANA 1610), and in particular:
- Simplified Blocking and Deletion
- Unblocking and Deletion of Business Partner, Customer and Supplier Master Data
Both SAP Master Data Governance (MDG) on SAP S/4HANA 1709 and SAP MDG 9.1 enable the following capabilities for blocking of business partners with End of Purpose (EoP) as well as the deletion and archiving of business partners:
Related to Change Request Processing
In the processing of Change Requests, the system:
- Deletes business partners with EoP from open change requests
- Masks business partners with EoP in object list and hierarchy object list
- Disables navigation to masked business partners
What is more:
- When creating Change Requests, business partners with EoP cannot be used for open change requests
- When displaying Change Requests as well as in the user interface for My Change Requests,
- Business partners with EoP are masked
- The system disables navigation to masked business partners
- During Hierarchy Assignment in Single Object Processing for business partners, business partners with EoP are masked
- During Hierarchy Processing / Collective Processing,
- Business partners with EoP are masked
- The system disables navigation to masked business partners
- In the Change Documents user interface, the system hides all changes related to business partners with EoP
Related to the Consolidation and Mass Processing of Master Data
In Master Data Consolidation and in Master Data Mass Processing, business partners with EoP cannot be processed.
Read Access Logging
SAP S/4HANA and SAP ERP 6.0 provide capabilities to monitor and log access to personal data. This allows to analyze, which business users accessed business partner personal data, and in which time frame. The system allows you to configure, what information will be logged. (For details, again see the user assistance documentation on Data Protection (here, for example for SAP S/4HANA 1610), and in particular: Read Access Logging (RAL).
The SAP MDG releases specified above enable capabilities for read access logging for the following functions and interface types:
- SOA
- Bank Details
- Payment Card
- WebDynpro ABAP
- Bank Details
- Payment Cards
- Change Documents
- Gateway Services
- Bank Details
Change Request Archiving
The SAP MDG releases specified above enable the archiving of MDG Change Requests.
Hope this information is useful for you.
Best,
Markus
SAP Master Data Governance Across the Enterprises/Cross industries etc.. Centrally govern to increase the consistency, quality and avoid the abuse of master data across the platform. Help businesses to run more disruptive, simple, strategic and align with future & digital journey.
Markus, Can you throw some light on How do we be compliant with GDPR guidelines in MDG 8.0? it seems ILM works with MDG 9.1 onwards. How do we stop showing sensitive details in completed CR change log details?
Hi Markus,
I have a question regarding the integration of SAP MDG and ILM. As far as I understand, the EoP Flag is an archiving object assigned to a BP. Let's assume there are 4 ERP systems on ECC and one MDG Hub on S/4. How does ILM inform MDG that a BP has the EoP flag state 1 (or 2), so that MDG can exclude them from search or mass change?
Many thanks for your or the communities help!
Kind regards
Hi Boban,
I’ m not the ILM expert, but I assume it’s via RFC. Please check the SAP Help Portal documentation for ILM.
Best,
Markus