Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
Stefanie_Buehler
Associate
Associate
2,353

Business challenges with Data Protection Regulations


Data protection regulations conquer the world: In more and more countries data protection regulations are put in place. Often the EU GDPR (DSGVO) regulations act as role model for a country’s legislation.


EU GDPR has regulated various aspects, which require data controller and data processor to reframe the IT solution.

GDPR Art. 15 (Right of access by data subject) & Art. 17 (Right to erasure) lead to even more direct impact on customers day to day business.

SAP Information Lifecycle Management (ILM) is the standard solution provided by SAP to cope with rule-based data retention in SAP S/4HANA OP, SAP S/4 HANA Cloud and SAP Business suite systems. ILM objects are the technical units, which cover data retention functionalities for various data objects within SAP systems. For example, ILM object “FI_DOCUMNT” provides all the necessary functionalities for data object financial posting.

There are more than 1000 ILM objects. Hence, the key challenges before the implementation project can start are:

-       Identification where possible personal data is persisted in the SAP systems

-       Identification of key stakeholders, who need to define retention policies

-       Setup of a manageable project plan

A good starting point for your ILM DPP journey is the technical analysis for SAP ILM to learn about the SAP ILM functionality, possible personal data in your systems and the relevant ILM objects enabling an implementation project with a reasonable scope.

 

Data Privacy Analysis for SAP ILM in SAP Store


With the data privacy analysis for SAP ILM, we help customers to facilitate the adoption of SAP Information Lifecycle Management (ILM) for data privacy and protection.

As of now, the service Data privacy analysis service for SAP ILM is available as a zero-touch and easily consumable service in SAP Store in more than 20 countries all over the world.

In case of questions on the service or on the delivery, please contact DMLT consulting sap_dmlt_gce@sap.com

Overview


This service is dedicated to support customers to gain a better understanding of data protection features and building blocks provided by SAP Information Lifecycle Management (SAP ILM). Furthermore, a technical analysis is going to be conducted to identify the relevant ILM objects in customer’s systems. Eventually, advice on how to scope and plan the ILM implementation project will be provided.

Delivery


-       One 1-hour kick-off call

-       Remote execution of technical analysis on customer system

-       Preparation of the analysis results summary

-       Two 3-hour remote workshops to explain:

-       Information Lifecycle Management - Retention Management

-       Information Lifecycle Management - Personal Master Data Blocking and Deletion

-       Analysis Result

-       Advise on ILM implementation scope and planning

 

Details on the Data Privacy Analysis for SAP ILM


1.     Explain the key purposes of the analysis service and support the Customer in the following points:


-       How to install the analysis tool

-       Required system access and user authorizations

-       Set up of project time plan together with Customer

 

2.     Conduct system scan for the below aspects:


-       Checking database tables, which contain data in personal data domains. SAP team will use only SAP standard domains for table scanning. The scan covers a comprehensive range of personal data domains from SAP standard, but the list can also not be exclusive.

-       Checking header tables of SAP ILM objects, which contain data

-       Checking existing archiving sessions

-       Checking business objects, which have attachments (unstructured data)

 

3.     Generate below analysis result and recommendations:


-       List of SAP standard tables, which contain data in personal data domain and potentially contain personal information

-       List of custom tables, which contain data in personal data domain and potentially contain personal information

-       List of SAP ILM objects, which are recommended for implementation

-       List of archiving sessions, which are recommended for conversion

-       List of business objects, which have attachments. Provide advice on attachment handling for data privacy compliance

-       List of "Personal master data objects", which are recommended for implementation

-       List of "End of purpose check applications", which are recommended for implementation

-       System release information and recommendation for system upgrade

 

4.     Conduct two 3 hours workshops (remote) with the following content:


-       Introduction of the concept of SAP ILM retention management of transactional data

-       Introduction of the concept of SAP ILM simplified blocking and deletion of master data (customer, vendor, business partner)

-       Introduction of the possibilities of custom development to extend SAP ILM (such as adding custom tables in standard SAP ILM object)

-       Presentation of the analysis result

 

Conclusion


In order to kick start your journey to adhere to your data protection regulation, the Data privacy analysis service for SAP ILM on SAP Store is the right service to choose.

In case of questions on the service or on the delivery, please contact DMLT consulting sap_dmlt_gce@sap.com

Disclaimer: SAP does not provide legal advice. The following above mentioned service is only about technical features which might help a customer to become compliant with data protection regulations.