GDPR data retention in S/4HANA: implementation of the Qintesi solution for data anonymization in public utilities

Challenge

A leading company in the Mobility and Public Services sector, currently migrating to SAP S/4HANA, needed to ensure full compliance with EU Regulation 2016/679 (GDPR), particularly in relation to the right to be forgotten and the protection of the personal data of its customers and suppliers. The previous features used for data anonymization would no longer be supported in the new S/4HANA environment. The challenge was to implement a smart and simple solution that would allow the anonymization of personal data throughout the SAP supply chain (including development and testing), in accordance with the customer’s anonymization process, without negatively impacting the integrity and consistency of accounting and service data, and without requiring additional licensing costs and system activities.

Solution

The solution adopted consists of implementing the GDPR Cockpit, a custom tool developed in ABAP (for both SAP ECC and S/4HANA) by Qintesi, which can be extended in SAP Fiori/BTP and has already been successfully implemented for other large-account customers. The tool is designed as an accelerator for the implementation of the anonymization process, with the aim of minimizing the impact on services and the integrity of accounting data and centralizing the basic functions for masking, scrambling, deletion, anonymization, etc.

The Cockpit consists of a “Core” component for basic functionality and a “Context” component for customer-specific contextualization, such as Data Lineage, Anonymization Drivers, masking rules, etc.

The basic process in a production environment can be divided into five main macro-phases:

  1. Identification of subjects to be anonymized: an extractor selects “candidates for oblivion” (personal data of customers/suppliers who are natural persons, business partners) based on retention requirements such as the absence of transactions in SAP in the last 9 years.
  2. Confirmation by the user (Owner): the user views the extracted list and can confirm or remove subjects, for example in the event of a dispute.
  3. Anonymization run execution: the tool applies the rules directly to the database, using an encryption algorithm of your choice (AES with a 256-bit key by default). After the run, the data is no longer readable and fields containing personal data are masked, for example with “XXX,” or encrypted.
  4. Final user verification with reports available for audit purposes.
  5. Rollback: in the event of errors, data can be restored, provided that the encryption keys have not been permanently deleted. The rollback window has been set at one year, after which the deletion of keys is irreversible, guaranteeing the right to be forgotten without deleting transactional data or compromising accounting consistency.

This methodology has therefore enabled compliance with the GDPR to be achieved while maintaining the integrity of transactional data for historical and accounting purposes.
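Steps 3 and 5 together describe crypto-shredding: the encrypted value stays in the table, and the data subject is forgotten once the key is destroyed. The following Go program is an added example, not Qintesi's ABAP code; the type and function names, the choice of GCM mode, and the one-key-per-field simplification are assumptions, since the text only specifies AES with a 256-bit key and a one-year rollback window.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"time"
)

const rollbackWindow = 365 * 24 * time.Hour // one-year window from the text

// Run is hypothetical: names and GCM mode are assumptions, not the Cockpit's.
type Run struct {
	Key      []byte    // AES-256 key; nil once destroyed
	Executed time.Time // start of the rollback window
}

func aead(key []byte) cipher.AEAD {
	b, _ := aes.NewCipher(key) // cannot fail: key is always 32 bytes
	a, _ := cipher.NewGCM(b)
	return a
}

// Anonymize encrypts one field under a fresh key, binding the field name as AAD.
func Anonymize(field string, v []byte, now time.Time) (*Run, []byte) {
	r := &Run{Key: make([]byte, 32), Executed: now}
	nonce := make([]byte, 12)
	rand.Read(r.Key)
	rand.Read(nonce)
	return r, aead(r.Key).Seal(nonce, nonce, v, []byte(field))
}

// Rollback decrypts inside the window; after it the key is dropped for good.
func (r *Run) Rollback(field string, ct []byte, now time.Time) ([]byte, error) {
	if r.Key == nil || now.Sub(r.Executed) >= rollbackWindow {
		r.Key = nil // a real system would also erase it from the key store
		return nil, fmt.Errorf("%s: key destroyed, anonymization is final", field)
	}
	if len(ct) < 12 {
		return nil, fmt.Errorf("%s: value is not ciphertext", field)
	}
	return aead(r.Key).Open(nil, ct[:12], ct[12:], []byte(field))
}

func main() {
	run, ct := Anonymize("NAME", []byte("Mario Rossi"), time.Now()) // constructed sample
	pt, err := run.Rollback("NAME", ct, time.Now())
	fmt.Printf("stored=%x restored=%q err=%v\n", ct, pt, err)
}
```

Because the field name is authenticated as associated data, a ciphertext copied into a different column fails to decrypt during rollback instead of silently restoring the wrong value.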

In the lower environments, Development and Quality, the tool has been used to anonymize personal data across the entire database using the scrambling technique, with no possibility of rollback.

Results

Quote

Qintesi's GDPR Cockpit solution has efficiently resolved the issue of anonymizing personal data in the S/4HANA environment. It has ensured full compliance with the right to be forgotten through a native SAP process that is streamlined, auditable, and has no impact on accounting integrity, delivering benefits in terms of compliance and operational autonomy. A quick, easily implementable result that is fully compliant with regulations.
Michele Valentini
Executive Head of Unit Development & Integration

The information contained in this document is proprietary.
Copyright © 2014 Qintesi S.p.A. All rights reserved.
