Enterprise Resource Planning Blogs by SAP
Get insights and updates about cloud ERP and RISE with SAP, SAP S/4HANA and SAP S/4HANA Cloud, and more enterprise management capabilities with SAP blog posts.
Showing results for 
Search instead for 
Did you mean: 
Product and Topic Expert
Product and Topic Expert
In April 2016, the European Union (EU) adopted a newly harmonized data protection law called the General Data Protection Regulation (EU GDPR). As of May 25, 2018, the GDPR will be a directly applicable law in all EU and European Economic Area (EEA) Member States. While the GDPR does not introduce many substantially new concepts, it increases the compliance requirements on the controllers and processors of personal data in areas such as:

  1. Providing reports or display functions to inform individuals about personal data stored about them

  2. Supporting erasure of personal data (so called "Right to be Forgotten")

  3. Logging changes to personal data

  4. Logging read access to sensitive personal data


GDPR applies to all companies processing personal data of data subjects in the European Union, regardless of the company’s location.

SAP Business One and GDPR

SAP is aware of the importance of this change and has delivered following functionality to help SAP Business One customers comply with GDPR Data Privacy regulations:

  • The functions of Change Log, System Access Log, General Authorizations, and selective erasure of personal data - available by design in SAP Business One.

  • Data Ownership Enhancements – already released with SAP Business One 9.3 PL00 (for SAP HANA and MS SQL).

  • HANA Enterprise Search function to report all occurrences of data stored about queried individuals (SAP Business One, version for SAP HANA only).

  • Data Privacy Tools – released with SAP Business One 9.3 PL04 (for both SAP HANA and MS SQL)

    • Personal Data Setup

    • Personal Data Management Wizard

      • Natural Person Determination

      • Personal Data Report

      • Personal Data Cleanup

      • Sensitive Personal Data Encryption / Decryption (Germany only)

    • Sensitive Personal Data Access Log (Germany only)

    • Personal Data Change Log Extension


It is important to stress that SAP is not herein engaged in rendering legal advice. It is the customer’s responsibility to adopt measures that the customer deems appropriate to achieve GDPR compliance.

SAP encourages each customer in conjunction with their partner to take the required time to understand the legislation and how existing procedures and processes need to change.


Customer roadmap towards adherence

  1. Upgrade to SAP Business One 9.3 PL04 to benefit from the GDPR functionality delivered therein.

  2. Install Remote Support Platform (RSP) and upload the System Status Report (SSR) now, so that SAP is aware that you have upgraded.


Supporting Materials:


*To access information your customer S-user is required.