In April 2016, the European Union (EU) adopted a newly harmonized data protection law called the General Data Protection Regulation (EU GDPR). As of May 25, 2018, the GDPR will be a directly applicable law in all EU and European Economic Area (EEA) Member States. While the GDPR does not introduce many substantially new concepts, it increases the compliance requirements on the controllers and processors of personal data in areas such as:
- Providing reports or display functions to inform individuals about personal data stored about them
- Supporting erasure of personal data (so called “Right to be Forgotten”)
- Logging changes to personal data
- Logging read access to sensitive personal data
GDPR applies to all companies processing personal data of data subjects in the European Union, regardless of the company’s location.
SAP Business One and GDPR
SAP is aware of the importance of this change and has delivered following functionality to help SAP Business One customers comply with GDPR Data Privacy regulations:
- The functions of Change Log, System Access Log, General Authorizations, and selective erasure of personal data – available by design in SAP Business One.
- Data Ownership Enhancements – already released with SAP Business One 9.3 PL00 (for SAP HANA and MS SQL).
- HANA Enterprise Search function to report all occurrences of data stored about queried individuals (SAP Business One, version for SAP HANA only).
- Data Privacy Tools – released with SAP Business One 9.3 PL04 (for both SAP HANA and MS SQL)
- Personal Data Setup
- Personal Data Management Wizard
- Natural Person Determination
- Personal Data Report
- Personal Data Cleanup
- Sensitive Personal Data Encryption / Decryption (Germany only)
- Sensitive Personal Data Access Log (Germany only)
- Personal Data Change Log Extension
It is important to stress that SAP is not herein engaged in rendering legal advice. It is the customer’s responsibility to adopt measures that the customer deems appropriate to achieve GDPR compliance.
SAP encourages each customer in conjunction with their partner to take the required time to understand the legislation and how existing procedures and processes need to change.
Customer roadmap towards adherence
- Upgrade to SAP Business One 9.3 PL04 to benefit from the GDPR functionality delivered therein.
- Install Remote Support Platform (RSP) and upload the System Status Report (SSR) now, so that SAP is aware that you have upgraded.
- GDPR in SAP Business One – Executive Summary (also available in German) – Highlights how SAP Business One is addressing the EU General Data Protection Regulation requirements to best support its customers.
- Introduction to EU GDPR Compliance with SAP Business One* – Provides in-depth information about GDPR relevant functionality delivered with SAP Business One.
- How to Manage the Protection of Personal Data in SAP Business One* – This comprehensive how-to guide describes the GDPR relevant features and helps you manage the protection of personal data in SAP Business One.
- SAP Business One 9.3 Highlights* – Summarizes all new features delivered in Release 9.3.
- SAP Business One 9.3 Top Resolutions* – Lists the most important features delivered in each patch.
*To access information your customer S-user is required.