Gdpr and SAP: Data Privacy with SAP Business Suite and SAP S/4hana (Hardcover)

... Foreword ... 15 ... Preface ... 17 ... Objective of the Book ... 17 ... Composition of the Book ... 18 ... Acknowledgments ... 23 1 ... Introduction to General Data Protection Regulation ... 25 1.1 ... What Does the GDPR Mean for you? ... 25 1.2 ... Which Requirements Require Technical Support? ... 53 1.3 ... Which Requirements Can Be Technically Supported? ... 72 1.4 ... Summary ... 79 2 ... Personal Data in SAP Business Suite and SAP S/4HANA ... 81 2.1 ... SAP Business Suite and SAP S/4HANA Data ... 81 2.2 ... Personal Data in SAP ERP ... 84 2.3 ... Personal Data in SAP ERP HCM ... 99 2.4 ... Personal Data in SAP CRM ... 103 2.5 ... SAP Business Suite Technical Integration Example ... 108 2.6 ... Summary ... 109 3 ... Implementation Approach ... 111 3.1 ... Project Implementation Steps ... 111 3.2 ... Record of Processing Activities Approaches ... 130 3.3 ... Summary ... 132 4 ... Blocking and Deletion with SAP Information Lifecycle Management ... 133 4.1 ... Introduction to SAP ILM ... 133 4.2 ... Preparatory Steps ... 143 4.3 ... Blocking from a Business Perspective ... 168 4.4 ... Deletion from a Business Perspective ... 185 4.5 ... Legal Case Management ... 191 4.6 ... Time-Based Blocking of Personal Data in Personnel Management ... 193 4.7 ... Summary ... 195 5 ... Purpose-Based Processing ... 197 5.1 ... Controller and Purpose ... 197 5.2 ... Organizational Structures (Line Organization) ... 200 5.3 ... Process Organizational Structures ... 206 5.4 ... How Organizational Structures Define Purpose ... 214 5.5 ... Summary ... 215 6 ... Data Controller Rule Framework ... 217 6.1 ... Data Controller Rule Framework ... 221 6.2 ... Summary ... 237 7 ... Authorization Concept ... 239 7.1 ... Users and Authorizations: An Introduction ... 239 7.2 ... Rethinking Organizational Levels ... 244 7.3 ... Defining Process Attributes ... 247 7.4 ... Authorization Risks ... 250 7.5 ... Summary ... 254 8 ... Information Retrieval Framework ... 255 8.1 ... Transparency: Access to Data and Information ... 256 8.2 ... Setup of the Information Retrieval Framework ... 257 8.3 ... SAP ILM Objects in the Information Retrieval Framework ... 260 8.4 ... Creating an Information Retrieval Framework Data Model ... 264 8.5 ... Handling a Data Subject Request ... 279 8.6 ... Central Instance ... 282 8.7 ... Further Technical Information ... 283 8.8 ... Summary ... 284 9 ... Read Access Logging ... 285 9.1 ... Scope of Read Access Logging ... 285 9.2 ... Setup and Maintenance ... 287 9.3 ... Logging Purpose and Domains ... 290 9.4 ... Recordings for User Interface Channels ... 292 9.5 ... Configuration ... 297 9.6 ... Evaluation of Logs ... 301 9.7 ... Configurations for Remote API Channels ... 305 9.8 ... Conditions ... 307 9.9 ... Transport, Import, and Export ... 312 9.10 ... Summary ... 312 10 ... SAP Master Data Governance ... 315 10.1 ... Master Data Maintenance Scenarios ... 316 10.2 ... Maintaining Sensitive Data ... 322 10.3 ... Organizational Separation ... 324 10.4 ... Data Quality Assurance Using Services ... 326 10.5 ... Summary ... 329 11 ... SAP Test Data Migration Server ... 331 11.1 ... Use Cases ... 332 11.2 ... Structure and Functionality ... 335 11.3 ... Integration of the System Landscape in SAP TDMS ... 346 11.4 ... Data Protection with SAP TDMS ... 347 11.5 ... Summary ... 351 12 ... Accountability: Protection, Audits, Controls, and Documentation ... 353 12.1 ... Control Frame and Principles of Processing ... 354 12.2 ... Lawfulness, Fairness, and Transparency ... 355 12.3 ... Purpose Limitation ... 357 12.4 ... Data Minimization ... 360 12.5 ... Accuracy ... 364 12.6 ... Storage Limitation ... 366 12.7 ... Integrity and Confidentiality ... 369 12.8 ... Accountability ... 377