SAP data redaction for GDPR: it’s scary!

By James Watson
James Watson

James is a senior consultant in the EPI-USE Labs European team, with 15 years of experience working specifically with SAP Utility implementations. He is currently involved in data migration and system landscape optimisation projects while having a personal interest in data security and GDPR. James is blogging about GDPR and functional ISU information while sharing his long history of customer and project management.

Written on Aug 7, 2019 1:57:10 PM

2 minute read

Artboard 1 copy-9

Controlling the risk

As we all know now, GDPR (the General Data Privacy Regulation) has brought in the requirement that every company has to be able to remove data both proactively, against retention criteria, and reactively, in response to an individual’s request, where no legal reason to hold the data remains. Similar requirements are apparent in other global data privacy legislation. For the last two years, I have been running implementations throughout Europe of the EPI-USE Labs’ solution to this challenge.

One of the options I introduce to my clients is the ability to surgically remove data from their SAP systems through the EPI-USE Labs’ software called Data Redact. This allows you to delete sensitive information directly from the system while retaining the key and referential integrity of data in the environment.

I have found it very interesting to note that although the idea of technically completing this task is appealing to businesses, we have then seen a nervousness to actually press the button.

So…what’s the worry with pressing the big red button?

I’ve observed that there are so many internal stakeholders involved in defining a company’s retention policy that these often become very complicated. As such, it’s very challenging to create a business process with sufficient controls to ensure that only those items which should be removed, are removed.

Simply put, by design, Redaction is final and irreversible. The process required to ensure a person should be redacted is complicated, and therefore a high-risk process.

At EPI-USE Labs, we have taken this as a challenge: to overcome the barrier and anxiousness that is data deletion, and present a solution which not only adds value to the business process but also provides an extra layer of protection and peace of mind.

What did our clients ask for?

As with many EPI-USE Labs developments, it all started out with a client’s idea:
“We need to be able to block any person from being Redacted if another process is ongoing, and also check that an Employee, Customer or Vendor is no longer active. If the person doesn’t meet these criteria, then you shouldn’t be able to submit them to the Redaction process.”

So, translating that into a requirement, we built the functionality into our submission routine to be able to define certain checks. These must be valid, or the submission is rejected. Among these was a new table which could be populated to confirm a list of “Do not Redact” fields, which could be used for a wide variety of reasons, ranging from ongoing legal proceedings to post-redundancy activities.

With all the pieces of the puzzle in place, development started, and a couple of weeks later the proof of concept was completed. This has now been thoroughly tested with different case scenarios of Legal Person types and check criteria. On completion of testing, this solution has moved to production.

"We now have a solution that helps companies control
the finality of the data deletion process."

A client-centric approach

We never stop developing our solutions to meet our client’s requirements. The Data Privacy suite is at the cutting edge of this process, with improvements and enhancements continuing to come through. Combined with our experienced Services team, we can greatly improve the simplicity of an SAP GDPR or data privacy project, and provide expert advice and planning throughout the journey to compliance with GDPR (or other relevant data privacy legislation).

The example above describes a company which wants to completely remove the person’s identity from the system. It’s also worth noting that other organisations are using the same approach to extricate only the parts of the data they no longer have legal grounds to hold, such as private email addresses or family information, while retaining the identity of the record.


Topics: GDPR DSM data security Data Privacy GDPR compliance Data Redaction GDPR-type legislation personal data SAP GDPR Data privacy compliance Canada data privacy legislation

Add a comment