Points to consider before Enabling DPCS for existing customers

Introduction-

SAP SuccessFactors values data protection as essential and is fully committed to help customers complying with applicable regulations – including the requirements imposed by the General Data Protection Regulation (GDPR).

By delivering features and functionalities that are designed to strengthen data protection and security customers get valuable support in their compliance efforts. However, it remains customer’s responsibility to evaluate legal requirements and implement, configure and use the features provided by SAP SuccessFactors in compliance with all applicable regulations.

The Data Privacy Consent Statement allows customers to present a candidate with a notification detailing how the customer handles the candidate’s personal data. Candidates must accept this statement before entering their data.

The feature once activated cannot be disabled. Only if customers require, this feature should be enabled.

There are two versions of the Data Privacy Consent Statement configuration:

• DPCS 1.0 allows customer to provide a data privacy prompt for internal and external candidates in the candidate’s preferred language. (Old Version not supported anymore)
• DPCS 2.0 allows customer to provide a country-specific data privacy prompt for internal and external candidates, in the candidate’s preferred language.

Configuration Steps –

1. In Provisioning, select check-box – Data Privacy Consent Statement 2.0

Enable DPCS 2.0

2. Select DPCS 2.0 in Edit Candidate Privacy Options in Provisioning under Recruiting section. This can be enabled for external/ internal candidates.

Data Privacy Settings

Attention: Once the above check boxes are enabled, you will not be able to disable.

3. Set up DPCS statement

• Go to Admin Centre > Data Privacy statement
• Set up at least one statement.
• Click “Create New Statement”:

Define countries and statement text in different languages if required or a default statement can be set up, which will be displayed to the candidates if language text is not available.

Type should be recruiting external , which will appear in dropdown after enabling DPCS2.0

Recruiting External: This statement displays before an external candidate can create a candidate profile. The candidate must accept the statement to proceed.

DPCS configuration

Redirect URL for Decline: Enter a site address for users who decline the Data Privacy Consent Statement – This is mandatory if we set up DPCS for Onboarding candidates. For Recruiting external, it is optional.

Assigned Countries: When a user’s country or region matches the country or region configured for the statement, the statement displays. We can only configure one statement per country or region, for each type of statement (Login, Recruiting Internal, Recruiting External, Onboarding Internal, and Onboarding External). There is also a “Set this as system default statement” checkbox so that you can set a default statement to use for employees not associated with a country or region or for employees who are in a country or region that has not been associated with a statement.

4. Save and Publish

 Key Considerations-

• Report can be pulled to fetch the candidates who accepted / declined DPCS 2.0 statement.
• DPCS 2.0 requires version 2.0 of DRM
  • The following statuses are predefined in talent pipeline when you enable Data Privacy Consent Statement 2.0.
    • Declined DPCS
    • Deleted On Demand By Admin
    • Deleted On Demand By Candidate

• Enabling DPCS 2.0 for internal or external candidates will require ALL already existing candidates to accept the statement. There are below scenarios for candidates-

1. New candidates who have accepted DPCS – Can login into system successfully after accepting DPCS on profile creation page
2. New candidates who have declined DPCS – will not be permitted to log in or enter any of their data into the SAP SuccessFactors system.
3. Old candidates who are yet to accept DPCS – Whenever an old candidate login into the system, they will be presented with DPCS statement to accept / decline.
4. Old candidates who have accepted DPCS – No further action required by candidate.
5. Old candidates who have declined DPCS – They will be rejected and moved to talent pipeline status- Declined DPCS.

Note – DPCS Status-

The DPCS status can be either Not Presented, Accepted or Declined.

In situations where users do not perform the login function for themselves, these users are not presented with the DPCS and are not able to accept or decline the DPCS for themselves. In this case, an Administrator can perform this task on behalf of a user by accepting or declining the DPCS on the Set DPCS Statement Status screen.

There is an additional feature to provide an option to hide candidates from the searches if they have not accepted Data Privacy statement.

Data Privacy Settings

After enabling this feature, all the candidates who have never accepted at least ONE Data Privacy will not appear for the candidate name search, candidate basic search or any talent pool this candidate has been added.

References-

https://help.sap.com/viewer/2becac773fcf4f84a993f0556160d3de/2005/enUS/8d017d4512b14691971a1c05d674e44a.html

I would like to Thank Rajasekar Thangaraj for reviewing and providing his valuable comments on the blog.