
Data privacy in the SAP Business Suite

February 2017
DM&LT
Agenda

1. Background and requirements on the protection of personal data

2. Solution: SAP Information Lifecycle Management

3. Project implementation

© 2016 SAP SE or an SAP affiliate company. All rights reserved. Customer 2


Goals of the new EU General Data Protection Regulation

• Modernization because of recent technical advancements
• Simplification and standardization within Europe
• Unification and strengthening the rights of the persons affected
• Reduce administrative burdens
• Free data transfer within Europe
• Confidence-building



Conclusions
Rights of the persons affected

• Limit the processing of data
• Information obligation
• Transferability of data
• Automated decision
• Notification
• Deletion
• Right to information
• Correction of data



Data deletion
Personal data is divided into three categories:
Category 1: Personal data of business data, employees, customers and vendors
• Address
• Birthday
• Roles in the system
• Status (Employee, retired, …)

Category 2: Data with direct reference to personal data


• Pay slip
• Invoice
• Order
• Contract

Category 3: Data with indirect reference to personal data


• Delivery
• Payment documents

Karla Customer
Regenbogenweg 1
39761 Wolkenkuckucksheim

Employee contract
Working student (04.2011 – 03.2014)

Payment details
Perfect Bank
IBAN: DE12500903170648489890

Communication
+49 610 9607207
Portal Account: KarCust

Contract for services:
Targeted marketing with Beacons and Geofencing (12.2015)

Purchased goods: 6
• eieiPhone + Maintenance agreement (3.2015)
• Books



Purpose of processing

• Different business relations exist between the company and Karla Customer. Those business relations require different retention periods.
• It may be reasonable to view the different business relations as different purposes.
• The processing purpose of master data is – in most cases – dependent on the type and purpose of the business relation.



Conclusion

What does this mean for your data in your SAP system(s)



Schema lifecycle of personal data

[Timeline diagram]
• Processing based on business purpose, until End of Purpose (X years)
• Blocking phase: only authorized individuals have access to data, until End of data retention (XX years)
• Deletion

Requirement
Personal data, for which the original processing purpose has ended, is to be deleted - if other retention
requirements apply, the personal data is to be blocked until its final deletion.



SAP ILM
SAP ILM supports information lifecycle end-to-end

[Diagram: access frequency over time. Phases: Creation, Business complete, Non changeable, Reference / business audits, Lawsuits, Information destruction; Residence time marked. Storage: Database, File system, ILM-aware storage]



SAP ILM retention management enables your productive systems to apply all company rules

Retention Policy Management

Manage and enforce retention policies
• Set policies for automatic data retention and subsequent destruction
• Retain data according to set policy
• Responsibly destroy data when expiration date has been reached

Maintain archives according to retention policy
• Create archive files according to rule matching data values and expiration date

Perform e-Discovery
• Search for information in response to legal requests

Apply legal hold on data
• Automatically prevent data deletion or destruction
• Apply holds to archives and database

[Diagram: data archives, each with an expiration date]



SAP ILM – technical details

SAP ERP 6.0 – RETENTION MANAGEMENT

[Diagram: SAP ERP 6.0, SAP ERP ABAP on AS ABAP]
• Business Function: ILM, DA_ARCHOBJ_STANDARD_1, FIN_ACC_ILM
• Service: SRS*
• WORM-like storage, Interface: BC-ILM 3.0
• Storage, Interface: ArchiveLink



Definition of retention rules



Dependencies

• There are dependencies between transactional data and master data
• Master data can only be archived/deleted when all references to transaction data are deleted
• SAP network graphic needs to be considered (additional business-related dependencies may apply)



Data deletion with SAP ILM

Transaction ILM_DESTRUCTION – DATA DESTRUCTION

[Screenshot labels: Minimum, Maximum, Legal Hold]



End of purpose checks for business partner

[Flowchart: Simplified blocking and deletion of business partner data]

Components:
• Blocking report
• Application logic: EoP check is executed per application
• Residence rules: ILM rules, specific for each application
• Retention rules: ILM rules, specific for each application

Flowchart nodes (decisions branch on yes/no):
• Business partner existing
• Check usage
• Retention period valid?
• Retention period reached?
• Block BP (access by authorized people)
• Delete BP (deleted)
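
The block-or-delete decision from this slide and the lifecycle requirement above, as an added Python example that is not SAP ILM code and not part of the original presentation. The `Relation` fields, the sample periods and the rule that both periods are counted from the end of business are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date
from enum import Enum
from typing import Optional

class State(Enum):
    ACTIVE = "processing for business purpose"
    BLOCKED = "blocked, authorized access only"
    DELETABLE = "retention over, may be destroyed"

@dataclass
class Relation:  # hypothetical model of one business relation (purpose)
    name: str
    business_complete: Optional[date]  # None: relation still open
    residence_years: int               # assumption: counted from business_complete
    retention_years: int               # assumption: counted from business_complete
    legal_hold: bool = False

def add_years(d: date, years: int) -> date:
    try:
        return d.replace(year=d.year + years)
    except ValueError:  # 29 Feb moved into a non-leap year
        return d.replace(year=d.year + years, day=28)

def relation_state(rel: Relation, today: date) -> State:
    if rel.business_complete is None:
        return State.ACTIVE
    if today < add_years(rel.business_complete, rel.residence_years):
        return State.ACTIVE        # end of purpose not reached yet
    if rel.legal_hold or today < add_years(rel.business_complete, rel.retention_years):
        return State.BLOCKED       # kept, but hidden from regular users
    return State.DELETABLE

def partner_state(relations: list, today: date) -> State:
    """Master data can only go once every dependent relation can go."""
    states = {relation_state(r, today) for r in relations}
    for s in (State.ACTIVE, State.BLOCKED):
        if s in states:
            return s
    return State.DELETABLE

# Constructed sample data; the periods are illustrative, not legal guidance.
KARLA = [
    Relation("employee contract", date(2014, 3, 31), 1, 10),
    Relation("contract for services", date(2015, 12, 31), 2, 6),
]

if __name__ == "__main__":
    for day in (date(2015, 1, 1), date(2018, 6, 1), date(2022, 1, 1), date(2024, 4, 1)):
        print(day, partner_state(KARLA, day).name)
```

The business partner stays blocked as long as any single relation is still inside its retention period or under legal hold, which is why the master data outlives the shorter-lived service contract.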



Project methodology
Project lifecycle

Phase 1: Scoping/Analysis

Scoping
• Define scope
• Review current archiving strategy
• Knowledge transfer via workshops etc.
• Provide access to the systems
• System preparation (e.g. SAP Notes)

Analysis
• Analysis of data in all modules
• Identify Z-tables of modules
• Identify Interfaces to external systems
• Create a first draft project plan
• Release Project Charter
• Create and release Blueprint

Phase 2: Sandbox setup (copy prod)

Development
• Customize systems
• Develop and test modifications
• Develop enhancements to authorization concept
• Test EOP checks
• Test and run destruction runs
• Validate results in this sandbox
• Start defining residence and retention times for all archiving objects.
• Start data cleansing (if needed)

Phase 3: Complete sandbox environment

Complete Scenario Test
• Complete and synchronized system setup.
• Connect compliant ILM storage (if archiving is a requirement)
• Customizing SAP ILM in all modules
• Implement and test extended authorization concept.
• Test archiving/deletion in the complete environment
• Start describing operational concept
• Test data cleansing
• Handover into QA

Phase 4: Transport to QA environment

Prepare for Prod
• Test completeness of transports in QA
• Prepare transport for the productive environment
• Assign final residence and retention time to all archiving objects

Phase 5: Go Live

Start operations
• Start initialization reports
• Start EOP checks
• Data cleansing
• Start archiving and destruction runs
• Close project
• Handover project



Preparations

• Identify all filled tables which contain a business partner, customer or vendor column

• Derive all archiving objects which delete data from those tables

• Identify all customer-specific tables (in customer namespace) and decide on further
processing:
– Add customer-specific tables to existing archiving objects
– Create deletion report for those tables
– Develop customer-own archiving objects

• Definition and configuration of retention periods for all relevant archiving objects



Simplified blocking and deletion of business partners
Technical prerequisites

• SAP Information Lifecycle Management (ILM) - EhP 7, SP05 for SAP ECC 6.0
• End of purpose checks available in more than 120 modules/applications
• Full ILM-enablement of archiving objects in respective modules/applications



Contact

Carolin Treu
Consultant
DM&LT

SAP Deutschland SE & Co. KG
Hasso-Plattner-Ring 7
69190 Walldorf
Germany

T +49 6227 7-43823
M +49 151 57118824
mailto: carolin.treu@sap.com
