Your system is not up to date?
It holds old information and is not fully GDPR compliant yet?
You and your data governance team are unsure what data there is in the system, if it has expired and/or needs to be gotten rid of?
You are not alone.
Achieving full GDPR compliance
What data do you need to protect, retain, delete and manage?
What is the best way to organise your efforts to achieve full compliance?
In the lead up to GDPR on May 25th, much thought had been given to what data needs to be protected, retained, deleted and managed in SAP Production environments.
Many articles and blogs, quite rightly, consider the pervasion of sensitive personal data throughout a Production SAP environment:
- Employee data that is not just in the HR or Payroll modules but also in Finance Accounts Payables for expense payment purposes;
- Employee data that is in approval workflow constructs;
- Employee and payroll data that is perhaps in external pension interface files.
There is much to consider in terms of system, process, data, and people implications to ensure that your SAP Production system and data management protocols are GDPR compliant.
Personal data in a host of non-production SAP instances?
Less heralded, and perhaps attracting less attention, has been the fact that this same sensitive personal data is often available in a host of non-Production SAP instances.
Therefore we have put together all the information and guidance you will need in the ‘Guide on GDPR Compliance for Non-Production SAP Environments’.
Our ‘Guide on GDPR Compliance for Non-Production SAP Environments’ takes into account your business and team’s specific situation and proposes solutions based on it.
- Who will benefit from this guide?
If you have SAP installed you will find that one, several, or all of the instances in this guide relate to your situation.
- What is included in the guide?
Follow the flowchart to quickly determine what is your specific situation. Then we briefly explain what the impact could be for non-compliance within your non-production environments. Following is the good bit where we detail recommendations and technical solutions which you can apply yourself or with the team.
Are you looking for a complete GDPR Compliance review for all potential breaches within your SAP system? Contact Absoft for more information and help on your specific case.
Book your SAP GDPR Heatmap Assessment
Getting your SAP GDPR compliant may seem daunting, however taking a few steps to ensure that your data is compliant will pay off in the long run and will ensure you avoid any fines from the ICO.
Absoft recommends undertaking an exercise to identify all the PII data in your SAP system that is to be anonymised.
- Unsure where to start with this? Or want to make sure you have all your tables, landscape and interfaces covered? Learn more about our GDPR System Heatmap
At Absoft, we have worked with a variety of different customers and understand that each business is unique in their SAP use – that’s why we offer SAP consulting tailored to your needs.
