Recently, APOS Systems hosted a webinar on the General Data Protection Regulation (GDPR) and SAP BI compliance. Here are some of the takeaways from that webinar, and some resources to help your BI team in their preparation for the May 25 GDPR compliance deadline.
View the SAP BI & GDPR Compliance webinar on demand…
The focus of the GDPR is squarely on the data subject - the person whose personal data is to be protected. From whom or what is this personal data to be protected? From misuse or abuse by data controllers and data processors, who have a mutual responsibility to protect the data subject's personal data, and to respect the data subject's rights under the GDPR.
The BI team is not the only segment of your organization that acts as data controller and data processor, but your BI system is central to the GDPR compliance effort, because it contains and/or touches on almost every data source within the organization, and because its security model controls access to large amounts of information that may be classified as personal.
It is therefore incumbent upon the BI team to have a firm understanding of the rights of the data subject and the obligations of the data controller and data processor. For the BI team, these rights and obligations come down to three essential activities:
- Data Inspection
- Data Protection
- Data Retention
Data Inspection
Data inspection bears on both the rights of the data subject and the obligations of the BI team.
Watch this short video from APOS Systems solution consultant Alan Golding to see what this means for BI practitioners:
Data Protection
The obligation to protect personal data falls on data controllers and data processors, including the BI team.
Watch this short video from APOS Systems solution consultant Alan Golding to see what this means for BI practitioners:
Data Retention
The rules for data retention also fall on data controllers and data processors, including the BI team.
Watch this short video from APOS Systems solution consultant Alan Golding to see what this means for BI practitioners:
The Rights of the Data Subject
The rights of data subjects are laid out in great detail within the 99 articles of the GDPR. They include the rights:
- To be informed
- To access
- To correct
- To erase
- To restrict processing
- To portability
- To object
- To understand and determine level of consent
For a more detailed look at these rights, please visit our GDPR, SAP BI & Data Subject Rights page.
APOS Solutions for GDPR Compliance
APOS well-managed BI solutions solve many of the administrative challenges you will encounter in your drive toward GDPR compliance:
- APOS Insight enhances your system auditing capabilities so you can analyze security settings, system usage and the impact of changes. It gives you a complete picture of your security settings for analysis and comparison over time.
- APOS Administrator lets you bulk manage and exert granular control over your Business Objects system, including security, reports, and instances. It automates many processes, liberating your resources for higher-ROI activities, and reducing human error.
- APOS Publisher is an advanced Business Objects publishing solution that lets you publish reports according to complex business rules, automate encryption to secure sensitive information, and maintain distribution governance.
- APOS Storage Center lets you archive reports for long-term storage and export them to a data-source-independent format (such as PDF) to protect data integrity and access. Selective restore makes reports readily available for audit and authorized access. Reports can be stored outside the BusinessObjects system for added security and improved system performance.