Professional Documents
Culture Documents
4 1 GDPR What It Means The Practicalities of Implementation in A SAP Landscape Expertum
4 1 GDPR What It Means The Practicalities of Implementation in A SAP Landscape Expertum
4 1 GDPR What It Means The Practicalities of Implementation in A SAP Landscape Expertum
+100 senior SAP Experts (BE, NL, SI, …) Passionate about SAP, business
International orientation processes and innovations
Nurturing personal development
Excellent capabilities in all classic SAP Lean organisation
modules and business Processes.
Market Leader: HANA, GRC, ALM AQM Certified
Market Maker for innovative solutions: PCoE Certified
▪ SAP (S/4)HANA EM
▪ Big Data, IoT & Analytics Outstanding client satisfaction
▪ SAP Hybris C4C Committed to excellence consulting
▪ User Experience Trusted advisor for a long term journey
▪ S/4HANA on Azure Private Cloud
Inspire Proud to be Expertum
by
Experience
Data Protection
SAPience.be TECHday 2017 3
Data Breaches
All companies that collect personal data: all information that allows to identify a person
How
What? Why? Where? Who?
long?
Access Risk
Where used? User approval Change & remove
Management Management
DPO:
• Data privacy Officer for companies that conduct a large amount of data
processing on a daily basis – sensitive personal data or not. It doesn’t get more
specific than that.
SAP solution
• SAP ABAP: list all the tables containing fields with personal information in the program
Where-Used List for Domain in Tables
• Custom development to identify, link & report on data elements
• 3rd party solutions
• Data subjects have the right to see which data is stored on them
• Request corrections
SAP solution
• Custom report
• 3rd party solutions
• New SAP tools using social media integration, Hybris, HR Tools and ILM have
consent documentation included
SAP solution
• Process Control- Policies
• Process Control – Documentation
• Your CRM/SRM?
• Any database
SAP solution
• SAP archiving
SAP solution
• SAP Access Control
SAP Solution:
• SAP TDMS: Test Data Migration Server
SAP Solution:
• SAP ILM (Information Lifecycle Manager)
• Define data specific policies (blocking & retention)
• Trace data lifecycle
• Inactivate data
• Archive & delete
• Delete from archived data (based on timestamp)
SAP Solution:
• Read Access Logging, UI Logging or SAP Process Control to identify possible data breach
• Identify access to data elements
• Define all possible approaches
• SAP Process Control/Risk Management for response follow-up
Controls
• Controls on user access (role based)
• Controls on data reading
Consent management
• Automated for internal use
• Documentation for external
• Response policies Data breach