Archiving in compliance with data protection is one of the main challenges for any company. One thing should be clear to decision makers no later than since the introduction of the European General Data Protection Regulation (EU-GDPR) at the end of May 2018: if the GDPR requirements are not met, there is a risk of severe sanctions. For especially serious violations, the fines are up to 20 million Euros or, in the case of a company, up to 4% of the total worldwide revenues in the previous business year, depending on which is greater. In other words, when it comes to the EU-GDPR, there is an urgent need for compliance.

SAP has reacted quickly to the situation with SAP ILM (Information Lifecycle Management); EASY SOFTWARE has done the same with WebDAV for ILM – a simple to manage interface between EASY Archive and SAP ILM. With that, nothing stands in the way of GDPR-compliant archiving with EASY Archive in combination with SAP systems and SAP ILM.

As easy as the EASY WebDAV for ILM interface can be administrated, the concrete use of EASY for SAP, SAP ILM as well as EASY WebDAV for ILM and EASY Archive in the context of the EU-DSGVO is so complex.

Share this article

EU-GDPR – what is considered worth protecting?

To put it briefly in advance, the data protection regulation controls and regulates the handling of personal data and their processing. But what do “personal data” and “their processing” mean in this context?

Personal data and their processing – a brief explanation

You want to know how EASY WebDAV for ILM works?

Learn more about EASY WebDAV for ILM

Working in compliance with the GDPR with SAP ILM – information lifecycle management

The lifecycle of personal data must be controllable. And this is exactly where SAP Information Lifecycle Management (SAP ILM) comes in to play. SAP ILM adds the ability to manage the lifecycle of productive and archived data and documents using ILM rules to the SAP standard delivery.

Thus, SAP ILM provides the means and methods for handling information in the company in accord with the GDPR. Data processing systems must be made able to do the following with information with personal characteristics

  • Provide an expiration date
  • Block
  • Delete

Good examples of this sort of ILM properties are deletion orders or a date of expiration. EASY Archive combined with EASY for WebDAV ILM meets these SAP-ILM requirements. Through the interaction of the latter two systems with EASY for SAP, we make possible an ILM-capable storage system which ensures that archive data are securely retained until the expiration date. Blocking and ultimate deletion of archived data is carried out automatically.

How can SAP ILM and EASY for WebDAV ILM help you to comply with the requirements of the GDPR?

WebDAV for ILM, Information Lifecycle Management and GDPR: Blocking data

Of course, the data protection perspective is just one of many which are relevant for companies. For example, business and tax law requirements regulate retention periods and demand the archiving of business documents. This sort of mass data may be stored in an archive system simply for reasons of performance. With EASY WebDAV for ILM, this kind of data can be transferred to EASY Archive – and also automatically deleted following the end of the retention period if desired, for example. The prerequisite is that the data records in question do not contain any personal characteristics as defined by the GDPR. But what if exactly the opposite is true?

Now, two requirements must be unified: data protection and retention obligations. In other words, a compromise must be found in the processing of personal data in the context of the purpose. The usual procedure with EASY WebDAV for ILM at this point is to block the personal data. Access to the data records of this kind is then protected – until the end of the retention period is reached. EASY WebDAV for ILM implements these ILM rules from the SAP Information Management System and passes them on to the EASY Archive.

SAP ILM and GDPR: Deleting data

Nothing lasts forever – and at some point legal or contractual retention obligations come to an end. According to the EU-GDPR, this represents the moment at which personal data must be deleted.

An explanation through an example: companies are encouraged to destroy accounting documents after a period of ten years. As soon as the expiration date is reached, the deletion orders are issued from SAP ILM, transmitted to EASY WebDAV for ILM and executed in the EASY Archive.

On the safe side with EASY WebDAV for ILM

As easily as the EASY WebDAV for ILM interface can be administered, so complex is the specific use of EASY for SAP, SAP ILM as well as EASY WebDAV for ILM and EASY Archive in the context of the EU-GDPR. An integral understanding of the subject is urgently necessary. The webcast “SAP ILM – finally archive GDPR-compliant with EASY WebDAV for ILM”, which will take place on November 27, 2018, offers an advanced overview.

Share this article

Are you interested in EASY WebDAV for ILM?

Find out more about “SAP ILM DSGVO compliant archiving – EASY WebDAV for ILM helps”

About Marc Brudzinski
With over 20 years of experience in consulting, business development and product management, Marc Brudzinski is responsible for the development and further development of ECM integrations at EASY Software AG. He is constantly on the lookout for innovations that enrich the ECM integration portfolio and offer customers value-adding optimization potential. As compensation for his professional activities, Marc Brudzinski plays the guitar in his spare time, enjoys hiking in the mountains and cooks for his wife.
Marc Brudzinski
This might also interest you:
The most important recruiting trends you need to know about
The Most Important Recruiting Trends You Need to Know About
7 Gründe, warum Ihr Unternehmen von Manager und Employee Self Service profitiert
7 Reasons Why Your Company Benefits from Manager and Employee Self-Service
Whitepaper: A self-service portal for a flawless interaction between purchasing and suppliers