Let's Talk Data Security

Shared by our experts
2 minute read

The CCPA is here, and your SAP system is not compliant. Now what?

Jan 22, 2020 4:01:17 AM

Since its hasty inception, the California Consumer Privacy Act (CCPA) has stirred up debate across the United States. As more states develop data privacy laws, many businesses struggle to comply with laws that often contradict each other. Read on to learn how the CCPA impacts you.

  1. The CCPA landed on 1 January 2020
  2. Am I supposed to comply?
  3. What can I do to comply with the CCPA?
    1. I have no data privacy program
    2. I am busy implementing a program in line with GDPR or other legislation
    3. I have a fully developed data privacy program
  4. Need some help?
  5. Disclaimer

2 minute read

Is S/4 your first major project since GDPR came into effect?

Nov 6, 2019 6:47:09 AM

All IT projects must have ‘privacy by design’, and S/4 is on everyone’s horizon

I was recently at SAP Teched 2019 in Barcelona, and of course the message was very heavily ‘Cloud’ and S/4. It was interesting to see some detailed information about very large SAP environments that have now gone to S/4, and also noticeable how many people were present to hear about those. The tipping point seems to have been reached now, and an S/4 project is clearly planned by most SAP customers, if it isn’t already underway.


3 minute read

The future of the CCPA: What about a Federal law?

Sep 27, 2019 6:16:55 AM

This blog discusses the potential issues around implementing CCPA compliance if a superseding federal law is enacted. It covers:


2 minute read

SAP data redaction for GDPR: it’s scary!

Aug 7, 2019 1:57:10 PM



Controlling the risk

As we all know now, GDPR (the General Data Privacy Regulation) has brought in the requirement that every company has to be able to remove data both proactively, against retention criteria, and reactively, in response to an individual’s request, where no legal reason to hold the data remains. Similar requirements are apparent in other global data privacy legislation. For the last two years, I have been running implementations throughout Europe of the EPI-USE Labs’ solution to this challenge.


2 minute read

A stark reminder of the rules: BA faces eye-watering GDPR fine

Jul 8, 2019 8:43:17 AM


 

British Airways given £183 million fine for data breach – the first public GDPR fine in the UK

In the sunrise period for GDPR (the General Data Protection Regulation), it was a hot topic not just in the industry, but temporarily in the mainstream media as well. People with no interest in IT, never mind data security, were aware of the law and interested to see what was going to happen. A bit like how we all become Tennis aficionados for two weeks during Wimbledon. Since then, with (relatively speaking) small fines being issued which occurred under the old laws, the subject had left the mainstream again until today, with the news that the Information Commissioners Office (ICO) has handed down a fine of £183 million to British Airways (BA).


3 minute read

SAP was built for customising...so were Data Disclose and Data Redact

Oct 31, 2018 5:55:37 AM


SAP: ERP off the shelf

Why has SAP been so successful for so long? Because they designed a massively powerful – and scalable – ERP system, which could be installed from the same CDs/DVDs/Files (delete as appropriate depending on your age) at almost any organisation in the world. From there it could be quickly/slowly/glacially (delete as appropriate depending on your industry/project scope etc) tailored to fit a very wide variety of business processes, just by making settings in the IMG. No need for custom code or tables in the database unless you really wanted to bring your own processes to the system, and even that wasn’t too hard to do. 

Read on to find out about:


2 minute read

Approaching SAP HCM data in the shadow of GDPR

Jul 11, 2018 1:09:40 PM

After my last piece about data removal, I’ve had a lot of conversations about HCM data removal, and so I decided to delve a little deeper into SAP HCM data and what the GDPR may mean there.

Current, previous and potential future employee data is a really interesting area for data privacy.


1 minute read

Welcoming in the GDPR

May 25, 2018 12:30:00 AM

The end of the world as we know it...or not

So, I woke up this morning and still had two arms and legs, and a desperate need for a coffee. The world didn’t end (or if it did, you wouldn’t be reading this anyway so a small factual inaccuracy won’t matter). Things have changed – but I think it’s been a gradual shift of mindset and prioritisation of data privacy and all that surrounds it. With any gradual change, you have to take a step back to actually see how much things have changed.