Proactive removal of data - now and forever more

20 April 2018
Written by Paul Hammersley

As Senior Vice-President of the ALM Products at EPI-USE Labs, Paul Hammersley's portfolio includes test data management, landscape optimisation, and archiving. He has been a remarkable technical force in the SAP arena for over 20 years, and has extensive hands-on experience of implementing Data Sync Manager (DSM) and helping clients to manage data across the breadth of their SAP landscapes.

Hero-Images3

The here and now

Time flies when you’re having fun! Since we started out on our little GDPR journey, developing software and services to help customers with some of the requirements, the data privacy landscape has changed immeasurably. At the beginning everyone questioned whether it could really go ahead in that form; business leaders and politicians complained that it was too harsh and would damage the economy. But as we draw close to the end of the sunset period there are almost daily reminders in the news about why GDPR is very much needed.

7 steps for GDPR Compliancy

Removal of data NOW

A big focus for our customers is the removal of data that has been sitting unused in the SAP system for a long time. The older the SAP system, the more of it; and the number of divestitures the business has done over the years contributes significantly as well. At the moment, there is great interest in our applications called Data Disclose (for managing the right to access in a professional and scalable way) and Data Redact (for the reactive right to erasure). The third application, Data Retain, has gone to the back burner – because an ongoing capability to trim data when it exceeds the retention period doesn’t seem to be anyone’s top priority. So instead, we’re providing one-off services to remove the data that definitely shouldn’t be kept. In some cases it means ‘forgetting’ the person altogether. But in many cases, particularly around HR data, it means removing the parts of the record that it would be hard to find legal grounds for holding five years after the person has left, such as bank account numbers or family information.

View our SAP Data Privacy Suite

Removal of data THEN

We’re continuing with our work on Data Retain though, because I suspect that once the initial clean up is done, and organisations have a bit more time to sit down and look beyond 2018, they will definitely see the value. Because of course, this is not a one-off event. I don’t think it's panned out like that at all. This is the new normal, and we are all starting to acclimatise to what it means both personally and professionally. As we further develop our solutions, we will look to see how we can make them part of the ongoing processes of our customers, starting with a great suggestion from Turnkey consulting at a Access Control and Security Special Interest group last month: “Why not make Data Redact a part of the Leaver action for employees?”  What better way to show data privacy by design in the HCM space?

Don't know where to start with GDPR and SAP? We do!

 

 

 

Explore Popular Tags

GDPR Data Privacy Data Security Data Secure GDPR compliance Data Redaction data scrambling Data Redact General Data Protection Regulation POPI Act POPIA SAP Data Security SAP GDPR SAP data privacy and compliance Data Archiving Data Sync Manager Data privacy regulations Right to be forgotten Data privacy compliance GDPR readiness GDPR deadline Personal data SAP SAP security SAP systems GRC for SAP SAP data privacy and security Access Risk management Access risk controls Data Privacy suite Data minimisation Data security breaches Governance, Risk Management and Compliance (GRC) compliance COVID-19 Data privacy by design Risk monitoring SAP data copying and masking SAR Soterion Subject Access Request anonymised data Australian Privacy Act 1988 CCPA Cenoti Client Sync Data Protection Day Data masking EPI-USE Labs’ solutions European operations Federal Law GDPR fine Guest order ICO May 2018 Object Sync One-time customer Privacy by Design Reducing risk Right to Erasure Risk minimisation S/4HANA Migrations SAP S/4HANA SAP data SAP data privacy & security Secure scrambled production data for testing Test Data Management security breach Backlog privacy debt Black Friday Black Friday hangover Black Friday sales Breach Notification Brexit Budget Canada data privacy legislation Cenoti, connecting SAP with Splunk Cloud migrations Confidentiality Consent DSM DSM Readiness Assessment Data Diclose Data Portability Data Removal Data Replication Data Sync Manager (DSM) Data integrity Data privacy assessment Data processor versus controller Data retention rules Documentation Employee data Europe Friday 25 May 2018 GDPR-type legislation GRC GRC for SAP tools General Data Protection HCM HR ILM Information Commissioner’s Office Information transfer Infotype 41 JSOX New Zealand Privacy Act News Online shopping Penalties Personal Data Protection Law (PDPL) Phantom Proportional Data Protect personal employee data Removing data in SAP Right to Access Rise with SAP Risk management S4HANA SAP Cloud SAP Data Privacy Suite SAP RISE SAP SuccessFactors SAP access risk simulations SAP data encryption SIEM SOX Sarbanes-Oxley (SOX) legislation Saudi Arabia Security Security Information and Event Management Security for SAP. Live Sensitive HCM data South African data privacy legislation Splunk Splunk UBA Splunk’s Enterprise Security Success Factors Territorial Scope UK Government User Access Review Virtual conference What does the European GDPR mean for Australia? ebook masking rules quality of test data system copy uk sox
+ See More

Get Instant Updates


Leave a Comment: