In a move towards comprehensive data protection, the Kingdom of Saudi Arabia (KSA) has int...
Nine essential steps for data privacy compliance in SAP
SAP is one of the most robust systems in the world, but also one of the most complex, and ...
Guardians of the wild: SAP data privacy lessons from nature
In this blog, I explore parallels between the survival of the fittest in both nature and t...
Future-proof your governance and risk in SAP
If you are moving your SAP system to the cloud, managing Access Risk should be top priorit...
Why SAP data consistency and anonymisation is not a clear-cu...
Data privacy is a topic that gets a lot of focus and organisations need to consider how to...
SAP User Access Reviews: Six best practices
The majority of components making up a Governance, Risk and Compliance (GRC) solution are ...
The GDPR journey of a data process
In the last blog in this series, I discussed the merits of redacting sensitive or identify...
How do I prepare my SAP environment for UK SOX?
Just as the 2001 Enron scandal led to the enactment of the Sarbanes-Oxley (SOX) legislatio...
With Australian Privacy Awareness Week taking place in May 2021, now feels like a good tim...
Why delete when you can redact?
In the previous blog in this series, I talked about how consumers expect a company to hand...
Data Protection Day: Secure your SAP without compromises
Today is Data Protection Day! A day dedicated to raising awareness and the importance of d...
Splunk: The “data-to-everything” platform, including SAP
In the latest Gartner Magic Quadrant report, Splunk has been indicated as a leader in the ...
Do you have a Black Friday data hangover?
The rise in online shopping reaches a crescendo If anything can be said to have thrived in...
The impact of GDPR and data privacy regulations on employee ...
H&M’s GDPR fine recently made news headlines with an eye-watering fine of €35.2 millio...
Why business-centric GRC is what every organisation needs
The world is changing more rapidly than ever before. Organisations are facing an extremely...
What does the GDPR Security Principle mean for you?
The General Data Protection Regulation (GDPR) is certainly not news any more. Most individ...
The New Zealand Privacy Act 2020: Steps to get your SAP syst...
The New Zealand Privacy Act received a well-deserved overhaul to bring data privacy for in...
A very different event: Data Security for SAP.live I’m going to try very hard not to use t...
The COVID-19 pandemic has had a major impact on how businesses operate. New ways of workin...
GDPR for SAP: What’s the impact two years on?
Early movers It’s hard to believe it's only been two years since the General Data Protecti...
The CCPA is here, and your SAP system is not compliant. Now ...
Since its hasty inception, the California Consumer Privacy Act (CCPA) has stirred up debat...
Is S/4 your first major project since GDPR came into effect?
All IT projects must have ‘privacy by design’, and S/4 is on everyone’s horizon I was rece...
Date Scrambling on Infotype 41 Date Specifications
Every implementation of our software can throw up unique test data masking requirements. I...
The future of the CCPA: What about a Federal law?
This blog discusses the potential issues around implementing CCPA compliance if a supersed...
What's popping with POPIA?
In this blog post, we provide a quick overview of the POPI Act, how it differs from GDPR, ...
SAP data redaction for GDPR: it’s scary!
Controlling the risk As we all know now, GDPR (the General Data Privacy Regulation) has br...
British Airways given £183 million fine for data breach – the first public GDPR fine in th...
It’s a tricky balance: what CAN and MAY you test?
You MAY not do testing with personal data...and many people say they CAN not do testing wi...
Data Processing Agreements for SAP are changing. Don’t be ca...
Are you compliant with the terms of your SAP support contract? One of my colleagues shared...
The SAP GDPR Journey: Next stop… Brexit
The news in Europe is abuzz with Brexit and the many complexities around it. One of the ma...
GDPR and POPIA: Data breach
Missed the previous articles? Read them here: Article 1 | Article 2 | Article 3 | Article ...
GDPR and POPIA: Data destruction
Missed the previous articles? Read them here: Article 1 | Article 2 | Article 3 | Article ...
GDPR and POPIA: Data archiving
Missed the previous articles? Read them here: Article 1 | Article 2 | Article 3 | Article ...
SAP was built for customising...so were Data Disclose and Da...
SAP: ERP off the shelf Why has SAP been so successful for so long? Because they designed a...
GDPR and POPIA: Data transfer
Missed the previous articles? Read them here: Article 1 | Article 2 | Article 3 | Article ...
GDPR versus the Australian Privacy Act
The overview below is a comparison between the key changes in GDPR (the General Data Prote...
GDPR and POPIA: Data use
Missed the previous articles? Read them here: Article 1 | Article 2 | Article 3 | Article ...
GDPR and POPIA: Data analysis
Missed the previous articles? Read them here: Article 1 | Article 2 | Article 3 It is offi...
GDPR and POPIA: Data maintenance
Missed the previous articles? Read them here: Article 1 | Article 2 In the third installme...
GDPR and POPIA: Acquisition and data entry
Missed any articles? Read it here! In this second article of the series on GDPR and POPIA,...
Does GDPR Compliance equal POPIA Compliance?
Do you know the difference between GDPR, POPIA, and dating? We have created a series of ni...
Approaching SAP HCM data in the shadow of GDPR
After my last piece about data removal, I’ve had a lot of conversations about HCM data rem...
Welcoming in the GDPR
The end of the world as we know it...or not So, I woke up this morning and still had two a...
Proactive removal of data - now and forever more
The here and now Time flies when you’re having fun! Since we started out on our little GDP...
What does GDPR mean for global companies?
Gartner predicts that by the end of 2018, more than 50 percent of companies affected by GD...
Protecting consumers: why is GDPR so important?
Over the festive period, I’ve spent far more time in shops and watching telly than I norma...
Three ways to protect your SAP data from cyber criminals
Reduce your attack surface Security budgets have tripled in the past few years. Yet this i...
GDPR: the Data Adequacy and Data Minimisation principle
The Data Protection Act (current law) requires companies to ensure that they only collect ...
Retention period: A minimum or a maximum?
GDPR: are retention periods being considered a minimum or a maximum? I’ve recently been in...
Ready for GDPR: Non-Production Data Security
My previous post explains how with the use of Data Sync Manager (DSM) and EPI-USE Labs you...
Ready for GDPR: Proportional data usage
As per my previous post, the deadline for GDPR compliance is looming - and it will affect ...
GDPR in SAP: Redact rather than Archive?
How widely will companies provide the Right to be Forgotten? Will this be commonplace in S...
The Road to Data Protection and GDPR
I have worked in the UK utilities industry for the last 15 years, and I've spent the last ...
I’m watching a wonderful programme at the moment where the opening credits state ‘This is ...
In my last blog, I wrote about the GDPR compliance projects sprouting up at most companies...
It’s time to start thinking about GDPR
You have probably heard the distant drumbeat of GDPR and the shock headlines of “over 92% ...
The world wakes up to GDPR: where did it come from?
Since the start of the year, the volume has definitely been turned up on GDPR. I was speak...
Data protection by design in the SAP world
Explicit in the General Data Protection Regulation (GDPR) legislation is the instruction t...
The Enterprise spread of personal data
Data across your landscape The accumulation of data today defies most minds. The amount is...
The Right to be Forgotten and the SAP challenge
It all started when one of our sales team called me to ask, “Can a customer use our produc...
Leave a Comment: