The General Data Protection Regulation (GDPR) will come to effect on May 25th 2018, challenging the current privacy landscape. The regulation causes organizations to change how their implemented systems store privacy data, demanding a possibility to delete or anonymize personal and sensitive data. Pearl Consulting can help your organization to navigate within this new area of privacy regulations while staying within the rules of the industry.
The new regulation can be divided into 10 key challenges for your organization. Pearl Consulting can help your with four of these challenges, making your current SAP solution able to embrace the new European privacy landscape in a price-efficient way.
The new GDPR regulation causes the organizations to take responsibility for the customer data rather than the individual itself. The responsibility has shifted to the organization, and gives the partner clearer rights in regard to how their personal data is stored. The regulations demand the possibility to anonymize the partner, hence making the data foundation of the partner non-traceable. This creates challenges regarding how much data to be anonymized in order to make the partner non-traceable, while still sufficient for analyses and reports.
In an organization, partner information is often sent to third-party interfaces. In GDPR, the organizations now have the responsibility to inform the third-party interfaces of the partner’s request to be anonymized.
Pearl Consulting’s system solution for GDPR is a tool to implement the regulation into an existing SAP system, called a GDPR Cockpit. The GDPR Cockpit aims to provide your organization with a comprehensive way of searching for partners and deciding on a way to further process their privacy information.
Open Check for Partner
From the GDPR Cockpit, the user can easily search for one single partner or an interval of partners, choose to anonymize, delete, evaluate or identify third-party interface. The result from the selected partners can then be simulated in order to further review which process will be implemented for the various customers.
Anonymity and Deletion
From the simulation, an intuitive traffic-light solution is implemented showing if the partner is ready to be deleted or anonymized. Whether the partner is ready for anonymization, deletion or neither of the following, is affected by open orders, deliveries or travel accounts for the partners. If the simulation is approved, the run will be processed and the partners will be anonymized.
The anonymization run in the GDPR Cockpit makes sure to remove all the identifying information throughout the system. This includes the master data, partner orders, deliveries and invoice addresses, making sure to completely anonymize the privacy information across the organization. When the partner is anonymized, the system replaces the sensitive information with non-traceable information, leaving only the ZIP-code of the partner.
Pearl Consulting’s GDPR Cockpit provides your organization with a solution for third-party notification in line with the regulations where all the external interfaces are informed of the partners request to be anonymized. This can easily be turned on by checking of the “3rd party” switch in the GDPR Cockpit start screen.
Access Control and Archiving
In order to utilize the GDPR Cockpit functions optimally, maintenance of systems regarding access control and archiving is recommended. The new regulations sheds light on the importance of assuring only users with the correct authorization has access to sensitive privacy information. Therefore, it is important to review the access control in order to assign correct roles and control the user’s authorization. Additionally, standard SAP archiving must be implemented in order to assure that the GDPR Cockpit anonymization run is optimal.
The GDPR Cockpit is a new functionality in the SAP system, and the importance of learning how this new tool works in practice for your organization is essential. Consequently, Pearl Consulting will assist your organization in workshops, making sure you are ready to use the GDPR Cockpit correctly and efficiently after implementation.
Through the GDPR Cockpit, Pearl Consulting hope to help you design and evolve your current SAP system to fit the new GDPR regulations; embracing partner privacy in a comprehensive and cost-efficient way.