Ahead of the introduction of the General Data Protection Regulation (GDPR) in May, business application security provider ERPScan has published guidelines on how organisations can make their SAP systems GDPR compliant.
GDPR introduces new obligations for companies to protect the personal data and privacy of European Union (EU) citizens. Companies do not have to be based in the EU to be bound by the regulations.
Companies must review how they process, store and protect customers’ personal data in order to prevent data breaches that could result in criminal investigation, reputational damage, indemnification, penalties and fines for affected companies.
“GDPR should be viewed not as a thorn in the side but as an enabler for structuring the procedure of protecting data and business applications that process this data. After all, GDPR aims at facilitating digital economy and building a strong foundation of trust in the internet,” said Michael Rakutko, head of professional services, ERPScan.
ERPScan’s white paper describes how GDPR affects SAP systems and how to use GDPR hype to achieve positive business results including data governance improvement, competitive advantage and higher customer satisfaction.
The guide details three broad groups of GDPR technical security requirements:
1. Assessing existing data processes and systems;
2. Restricting personal data activities; and
3. Monitoring data breaches.