The EU GDPR is now taking effect. However, according to a DSAG study from February 2018, only a single-digit percentage of SAP user companies are really prepared.
Many obvious topics such as double opt-in or the right to information have been addressed many times in various publications, and there are different approaches as to how one should or could react to them.
However, less frequently focused areas - because they are often more difficult to answer at first glance - should not be disregarded either. These include the right to be forgotten (Art. 17) and the security of processing (Art. 32), which in turn breaks down into ensuring protection goals such as confidentiality, integrity and availability.
Every person therefore has the right to know, within a reasonable time frame, what data is stored in company databases and for what purpose. With a proper data model and suitable queries or tools, this can also be answered wonderfully. So far so good.
But what if the system is not available at the most inconvenient time? What if, due to a forced restore of a single system, data is suddenly inconsistent with other systems?
With Libelle BusinessShadow, Libelle AG offers a solution that maps availability and disaster scenarios at the logical level. The advantage: Not only RPO and RTO, but specifically also RCO (Recovery Consistency Objective) ensure that companies are comprehensively able to provide information again with consistent data stocks after the shortest possible time.
What if, in addition, individuals wish to exercise their right to be forgotten?
If there is no longer an ongoing business relationship, the company must regularly ensure that personal data is no longer stored in the system. On the other hand, there are also legal storage obligations for which even completed business relationships must be kept traceable.
With its Master Data Services Suite(MDSS), Libelle AG provides a toolset that works with a data vault. Master data whose life cycle has ended from the perspective of the GDPR is stored in this vault - both automatically determined on a regular basis and explicitly triggered. Only a deletion/blocking notice will be visible in the production data, while the real data in the data vault will only be available to persons with an additional legitimate interest.
In addition to the right to be forgotten, the issue of purpose limitation of personal data is also a big issue. Only data that is needed for the specific business purpose and only by a group of persons with a legitimate interest may be processed. For production environments, this is a procedural/organisational issue and of course also a topic of authorisation management.
But what about non-production environments? In practice, Q/project/training systems are still updated with classic system copies. Ergo: production data in non-production environments. Usually, a large number of non-authorised persons (developers, consultants, admins) have access to real data. Maybe not daily updated, but still clearly personalised. The possibilities to limit unauthorised access to confidential data: either a comprehensive authorisation concept analogous to production environments, which, however, often contradict the purpose of non-production environments. Or ensure that personal real data becomes precisely what these systems actually need: Test data. The approach here is to anonymise the real data so that it no longer has a concrete personal reference.
However, attention must still be paid to meaningfulness and logical consistency, within the system as well as across system boundaries within the landscape.
Libelle AG also offers a tool for this with Libelle DataMasking (LDM) (LDM), which anonymises data on non-production systems and system landscapes in a meaningful and logically consistent way. This means that business processes can continue to be tested end-to-end to their heart's content.