Table of Contents

Foreword ..... 15
Preface ..... 17
  Objective of the Book ..... 17
  Composition of the Book ..... 18
Acknowledgments ..... 23

1 Introduction to General Data Protection Regulation ..... 25
  1.1 What Does the GDPR Mean for You? ..... 25
    1.1.1 Conceptual and Factual Principles ..... 26
    1.1.2 An Essential Legal Consideration ..... 30
    1.1.3 Principles of Processing ..... 31
    1.1.4 Special Categories of Personal Data ..... 33
    1.1.5 Justifiable Facts for Processing ..... 35
    1.1.6 Requirement of Transparency ..... 37
    1.1.7 Accuracy of Data ..... 42
    1.1.8 Right to Be Forgotten ..... 42
    1.1.9 Data Portability ..... 45
    1.1.10 Objection, Automated Individual Decision-Making, and Profiling ..... 46
    1.1.11 Appropriateness of Measures, Documentation, and Proof ..... 46
    1.1.12 Security of Processing ..... 47
    1.1.13 Privacy Impact Assessment ..... 51
    1.1.14 Records of Processing Activities ..... 52
  1.2 Which Requirements Require Technical Support? ..... 53
    1.2.1 Purpose Limitation of Processing ..... 54
    1.2.2 Data Accuracy: Rectification ..... 55
    1.2.3 Data Deletion and Data Blocking ..... 56
    1.2.4 Technical and Organizational Measures ..... 60
    1.2.5 Accountability and Auditability ..... 66
    1.2.6 Right of Access ..... 69
  1.3 Which Requirements Can Be Technically Supported? ..... 72
    1.3.1 Consent ..... 72
    1.3.2 Data Minimization ..... 72
    1.3.3 Data Accuracy: Data Management ..... 74
    1.3.4 Advance Information ..... 74
    1.3.5 Records of Processing Activities ..... 75
    1.3.6 Accountability: Compliance Management ..... 76
  1.4 Summary ..... 79

2 Personal Data in SAP Business Suite and SAP S/4HANA ..... 81
  2.1 SAP Business Suite and SAP S/4HANA Data ..... 81
  2.2 Personal Data in SAP ERP ..... 84
    2.2.1 Business Partner ..... 84
    2.2.2 Direct Personal Data Records in SAP ERP Financials ..... 85
    2.2.3 Further Personal Data Records in SAP ERP Financials ..... 91
    2.2.4 Employee Data in SAP ERP Financials ..... 92
    2.2.5 User Data ..... 92
    2.2.6 Direct Personal Data Records in SAP ERP Controlling ..... 93
    2.2.7 Indirect Personal Data Records in SAP ERP Controlling ..... 94
    2.2.8 Reporting Tools in SAP ERP Controlling and Customer-Specific Reporting ..... 97
    2.2.9 Direct Personal Data in SAP ERP Sales and Distribution ..... 97
  2.3 Personal Data in SAP ERP HCM ..... 99
    2.3.1 Types of Personal Data ..... 99
    2.3.2 Info Subtypes ..... 102
  2.4 Personal Data in SAP CRM ..... 103
    2.4.1 Business Partners as Master Data ..... 104
    2.4.2 Transactional Data of Business Partners ..... 106
    2.4.3 Data Exchange with Other SAP Systems ..... 107
    2.4.4 Report Options for Business Partners in Marketing ..... 107
  2.5 SAP Business Suite Technical Integration Example ..... 108
  2.6 Summary ..... 109

3 Implementation Approach ..... 111
  3.1 Project Implementation Steps ..... 111
    3.1.1 What Is the Inductive Approach? ..... 114
    3.1.2 Blocking and Deleting Personal Data as Your Starting Point ..... 115
    3.1.3 Separation Based on Purpose ..... 118
    3.1.4 Separating the Purpose and Authorizations ..... 120
    3.1.5 Informing the Data Subject ..... 121
    3.1.6 Logging ..... 122
    3.1.7 Data Transmission Security ..... 123
    3.1.8 Technical Security ..... 124
    3.1.9 Data Portability ..... 125
    3.1.10 Audit, Verification, and Documentation ..... 125
  3.2 Record of Processing Activities Approaches ..... 130
    3.2.1 Inductive versus Deductive Approach ..... 130
    3.2.2 Where the Two Approaches Meet ..... 132
  3.3 Summary ..... 132

4 Blocking and Deletion with SAP Information Lifecycle Management ..... 133
  4.1 Introduction to SAP ILM ..... 133
    4.1.1 Fundamentals of SAP Information Lifecycle Management ..... 134
    4.1.2 Lifecycle Management ..... 136
    4.1.3 Overview of Solutions ..... 140
  4.2 Preparatory Steps ..... 143
    4.2.1 Blocking Master Data in Transaction SPRO ..... 143
    4.2.2 Blocking Transactional Data in Transaction SPRO ..... 149
    4.2.3 Blocking Master Data in SAP Information Lifecycle Management ..... 149
    4.2.4 Archiving Master and Transactional Data ..... 156
    4.2.5 Destruction of Master and Transactional Data ..... 157
    4.2.6 Blocking and Deleting Master Data: Application Rule Variants ..... 160
  4.3 Blocking from a Business Perspective ..... 168
    4.3.1 Blocking Master Data in the Business Process ..... 168
    4.3.2 Display of Blocked Master Data in the Business Process ..... 172
    4.3.3 Unblocking Master Data in the Business Process ..... 178
    4.3.4 Blocking Transactional Data in the Business Process ..... 181
    4.3.5 Display of Blocked Transactional Data in the Business Process ..... 182
  4.4 Deletion from a Business Perspective ..... 185
    4.4.1 Data Destruction from the Database ..... 185
    4.4.2 Destruction of Archived Data ..... 188
  4.5 Legal Case Management ..... 191
  4.6 Time-Based Blocking of Personal Data in Personnel Management ..... 193
  4.7 Summary ..... 195

5 Purpose-Based Processing ..... 197
  5.1 Controller and Purpose ..... 197
  5.2 Organizational Structures (Line Organization) ..... 200
    5.2.1 Key Organizational Structures ..... 201
    5.2.2 Alternate Structure Arrangements ..... 205
  5.3 Process Organizational Structures ..... 206
    5.3.1 Account Groups ..... 207
    5.3.2 Business Objects in SAP ERP Sales and Distribution ..... 210
    5.3.3 Purpose Attributes in Sales Order Processing ..... 213
  5.4 How Organizational Structures Define Purpose ..... 214
  5.5 Summary ..... 215

6 Data Controller Rule Framework ..... 217
  6.1 Data Controller Rule Framework ..... 221
    6.1.1 Configuration of the Data Controller Rule Framework ..... 223
    6.1.2 Rule Maintenance in the Data Controller Rule Framework ..... 230
  6.2 Summary ..... 237

7 Authorization Concept ..... 239
  7.1 Users and Authorizations: An Introduction ..... 239
    7.1.1 Users ..... 239
    7.1.2 Authorizations ..... 241
  7.2 Rethinking Organizational Levels ..... 244
  7.3 Defining Process Attributes ..... 247
  7.4 Authorization Risks ..... 250
  7.5 Summary ..... 254

8 Information Retrieval Framework ..... 255
  8.1 Transparency: Access to Data and Information ..... 256
  8.2 Setup of the Information Retrieval Framework ..... 257
    8.2.1 Activating the Business Function ..... 257
    8.2.2 Determining the System Status ..... 258
    8.2.3 Assignment of Authorizations ..... 259
  8.3 SAP ILM Objects in the Information Retrieval Framework ..... 260
  8.4 Creating an Information Retrieval Framework Data Model ..... 264
    8.4.1 Display Information Retrieval Framework Data Model ..... 264
    8.4.2 Selecting a Data Record for the Provision of Information ..... 266
    8.4.3 Assigning an SAP ILM Object to a Purpose ..... 268
    8.4.4 Search for a Flight Customer ..... 269
    8.4.5 Making Corrections to the Information Retrieval Framework Data Model ..... 272
    8.4.6 Checking the Changes Made to the Information Retrieval Framework Data Model ..... 276
    8.4.7 Final Search Results ..... 278
  8.5 Handling a Data Subject Request ..... 279
  8.6 Central Instance ..... 282
  8.7 Further Technical Information ..... 283
  8.8 Summary ..... 284

9 Read Access Logging ..... 285
  9.1 Scope of Read Access Logging ..... 285
  9.2 Setup and Maintenance ..... 287
    9.2.1 Operation ..... 288
    9.2.2 Authorizations ..... 288
    9.2.3 Activation ..... 289
  9.3 Logging Purpose and Domains ..... 290
    9.3.1 Logging Purpose ..... 290
    9.3.2 Log Domains ..... 291
  9.4 Recordings for User Interface Channels ..... 292
  9.5 Configuration ..... 297
  9.6 Evaluation of Logs ..... 301
    9.6.1 Manual Evaluation ..... 302
    9.6.2 Automated Search in Read Access Logging Logs ..... 304
  9.7 Configurations for Remote API Channels ..... 305
  9.8 Conditions ..... 307
  9.9 Transport, Import, and Export ..... 312
  9.10 Summary ..... 312

10 SAP Master Data Governance ..... 315
  10.1 Master Data Maintenance Scenarios ..... 316
    10.1.1 SAP Master Data Governance Central Governance ..... 317
    10.1.2 SAP Master Data Governance Consolidation ..... 319
    10.1.3 Combining Scenarios ..... 322
  10.2 Maintaining Sensitive Data ..... 322
  10.3 Organizational Separation ..... 324
  10.4 Data Quality Assurance Using Services ..... 326
    10.4.1 Key Services ..... 326
    10.4.2 Proxy Provider ..... 328
  10.5 Summary ..... 329

11 SAP Test Data Migration Server ..... 331
  11.1 Use Cases ..... 332
    11.1.1 Setting Up Test Clients ..... 332
    11.1.2 Setting Up Clients for Training ..... 333
    11.1.3 Setting Up Clients for Development ..... 333
    11.1.4 Alternating Test Clients ..... 333
    11.1.5 Transfer of Selected Test Cases ..... 334
    11.1.6 Conversion and System Scrambling ..... 334
    11.1.7 Standard Range of Functionalities ..... 335
  11.2 Structure and Functionality ..... 335
    11.2.1 User Interface ..... 336
    11.2.2 Process Control ..... 337
    11.2.3 Migration Workbench for Data Records ..... 338
    11.2.4 Migration Workbench for Objects ..... 341
    11.2.5 Conversion Workbench ..... 343
    11.2.6 Scrambling Control ..... 344
  11.3 Integration of the System Landscape in SAP TDMS ..... 346
  11.4 Data Protection with SAP TDMS ..... 347
    11.4.1 SAP TDMS Usage Variants ..... 348
    11.4.2 Setting Up Scrambling ..... 348
    11.4.3 Scrambling Across Systems ..... 350
  11.5 Summary ..... 351

12 Accountability: Protection, Audits, Controls, and Documentation ..... 353
  12.1 Control Frame and Principles of Processing ..... 354
  12.2 Lawfulness, Fairness, and Transparency ..... 355
  12.3 Purpose Limitation ..... 357
  12.4 Data Minimization ..... 360
  12.5 Accuracy ..... 364
  12.6 Storage Limitation ..... 366
  12.7 Integrity and Confidentiality ..... 369
  12.8 Accountability ..... 377
  12.9 Abstract Technical Controls ..... 378
  12.10 Technical Control Actions: Examples ..... 381
  12.11 Summary ..... 413

Appendices ..... 415
  A Relevant Transactions, Reports, and SAP Notes ..... 415
    A.1 Transactions ..... 415
    A.2 Reports ..... 418
    A.3 SAP Notes ..... 418
  B The Authors ..... 419
    Contributors ..... 420
    Translator ..... 421
Index ..... 423