Do you understand the implications of GDPR in relation to your current SAP landscape and future use of SAP?
The European Commission’s regulation for data protection rules have been updated in the General Data Protection Regulation with legislation coming into force May 2018 to all EU countries.
GDPR represents the biggest shake up of data protection law in over 20 years. It will have a massive effect on organisations and will introduce greater regulation, control and governance over personal data. The new data protection rules will create a harmonised framework and present a multitude of new compliance obligations around new consent rules, enhanced privacy rights of individuals, demands for privacy impact assessments to understand risk, and ‘privacy by design’ for all business operations and processes. New obligations for data transparency will also be introduced for confidentially breaches and new rights against the use of personal data with the right to be forgotten and data portability. As a result, we face far stricter rules for capturing, storing, processing and managing data.
Data breaches will be costly! Preparation to comply with GDPR needs to start now. Consequences of mishandling personal data will potentially lead to non-complying organisations facing fines of up to 4 percent of their global annual turnover or €20 million, whichever is higher. Even though this regulation becomes effective in May 2018, requirements and practices to protect sensitive data are already defined, and they bring big challenges – making it even more crucial for organisations to get their SAP landscape in order now.
However, 86% of SAP users don’t fully understand the implications of GDPR in relation to their current SAP landscape and future use of SAP! All systems such as SAP ERP, Business Intelligence, CRM, HCM and other SAP applications need to be included in your GDPR preparation project. In order to comply, you will need a focused approach to managing, owning and processing data.
There is a lot of complexity and confusion about GDPR. As a trusted SAP advisor and full-service provider of SAP applications and analytics solutions, itelligence can provide clarity of thought and straightforward actions on what you should consider when embarking on your data compliance journey.
GDPR is important with huge implications. In the context of a wider data management and information lifecycle management strategy, we can highlight the practical steps you can take now to minimise the risk in your SAP systems. No single solution can address all of GDPR’s requirements but there are specialised SAP solutions that can present a comprehensive platform to managing risk within SAP and non-SAP systems.
itelligence has a number of pre-packaged risk management solutions and accelerators, developed from our global knowledge pool and supported by strong partnerships with leading GRC providers. Complemented by our data lifecycle methodology (Map, Monitor and Manage) we can help you to mitigate risk as you embark on your GDPR journey.
You need to be able to provide evidence that you are able to manage personal data throughout its entire lifecycle. A key requirement of GDPR is the ‘right to be forgotten’ and data portability involving the identification, blocking, deletion and archival of sensitive data.
SAP Information Lifecycle Management (SAP ILM) is the only solution for managing this process and presents the only way possible to delete data in SAP applications.
SAP ILM will not only solve some of your GDPR challenges, but the solution is a perfect data archiving tool for SAP ERP. SAP customers can securely move data to longer term, less expensive storage but maintain access to archived data in a compliant manner.