SAP data redaction for GDPR: it’s scary!

August 07, 2019
Written by James Watson

James is a senior consultant in the EPI-USE Labs European team, with 15 years of experience working specifically with SAP Utility implementations. He is currently involved in data migration and system landscape optimisation projects while having a personal interest in data security and GDPR. James is blogging about GDPR and functional ISU information while sharing his long history of customer and project management.

Artboard 1 copy-9

Controlling the risk

As we all know now, GDPR (the General Data Privacy Regulation) has brought in the requirement that every company has to be able to remove data both proactively, against retention criteria, and reactively, in response to an individual’s request, where no legal reason to hold the data remains. Similar requirements are apparent in other global data privacy legislation. For the last two years, I have been running implementations throughout Europe of the EPI-USE Labs’ solution to this challenge.

One of the options I introduce to my clients is the ability to surgically remove data from their SAP systems through the EPI-USE Labs’ software called Data Redact. This allows you to delete sensitive information directly from the system while retaining the key and referential integrity of data in the environment.

I have found it very interesting to note that although the idea of technically completing this task is appealing to businesses, we have then seen a nervousness to actually press the button.

So…what’s the worry with pressing the big red button?

I’ve observed that there are so many internal stakeholders involved in defining a company’s retention policy that these often become very complicated. As such, it’s very challenging to create a business process with sufficient controls to ensure that only those items which should be removed, are removed.

Simply put, by design, Redaction is final and irreversible. The process required to ensure a person should be redacted is complicated, and therefore a high-risk process.

At EPI-USE Labs, we have taken this as a challenge: to overcome the barrier and anxiousness that is data deletion, and present a solution which not only adds value to the business process but also provides an extra layer of protection and peace of mind.

What did our clients ask for?

As with many EPI-USE Labs developments, it all started out with a client’s idea:
“We need to be able to block any person from being Redacted if another process is ongoing, and also check that an Employee, Customer or Vendor is no longer active. If the person doesn’t meet these criteria, then you shouldn’t be able to submit them to the Redaction process.”

So, translating that into a requirement, we built the functionality into our submission routine to be able to define certain checks. These must be valid, or the submission is rejected. Among these was a new table which could be populated to confirm a list of “Do not Redact” fields, which could be used for a wide variety of reasons, ranging from ongoing legal proceedings to post-redundancy activities.

With all the pieces of the puzzle in place, development started, and a couple of weeks later the proof of concept was completed. This has now been thoroughly tested with different case scenarios of Legal Person types and check criteria. On completion of testing, this solution has moved to production.

"We now have a solution that helps companies control
the finality of the data deletion process."

A client-centric approach

We never stop developing our solutions to meet our client’s requirements. The Data Privacy suite is at the cutting edge of this process, with improvements and enhancements continuing to come through. Combined with our experienced Services team, we can greatly improve the simplicity of an SAP GDPR or data privacy project, and provide expert advice and planning throughout the journey to compliance with GDPR (or other relevant data privacy legislation).

The example above describes a company which wants to completely remove the person’s identity from the system. It’s also worth noting that other organisations are using the same approach to extricate only the parts of the data they no longer have legal grounds to hold, such as private email addresses or family information, while retaining the identity of the record.




Explore Popular Tags

GDPR Data Privacy data security data secure data scrambling GDPR compliance POPI Act POPIA Data Sync Manager Data Redaction Right to be forgotten GDPR readiness General Data Protection Regulation SAP GDPR Data Archiving Data Redact GDPR deadline personal data sap Data privacy compliance SAP data privacy and compliance SAP systems SAR Subject Access Request CCPA European operations Federal Law May 2018 Right to Erasure anonymised data compliance test data management Access risk controls Australian Privacy Act 1988 Breach Notification Brexit Budget COVID-19 Canada data privacy legislation Client Sync Cloud migrations Consent DSM Data Portability Data privacy by design Data privacy regulations Documentation Europe Friday 25 May 2018 GDPR-type legislation GRC for SAP HCM HR ICO Information Commissioner’s Office Information transfer Infotype 41 Object Sync Penalties Privacy by Design Proportional Data Right to Access Risk management Risk monitoring S/4HANA Migrations SAP Data Security SAP S/4HANA SAP data SAP security Secure scrambled production data for testing Security Security for SAP. Live South African data privacy legislation Success Factors Territorial Scope UK Government Virtual conference What does the European GDPR mean for Australia? masking rules quality of test data system copy
+ See More

Get Instant Updates

Leave a Comment: