Many if not most data in numerous places in SAP have a personal reference or can occasionally be related to people. Master data such as the central business partner, the customer, supplier and employees generally contain identifying characteristics, such as name, address and phone number. Therefore, these data and documents in SAP are subject to the requirements of the Data Protection Regulation (GDPR).
As a result, the customer must implement technical measures which meet the requirements for the deletion or blocking of such personal data. These technical and organizational measures (TOM) specifically include the implementation of SAP Information Lifecycle Management – abbreviated SAP ILM.
With the creation of a comprehensive blocking and deletion concept, the definition of a valid lifecycle management of data and documents and the use of SAP ILM, the company receives the ability to meet the requirements for the mandatory implementation of the GDPR. That way, fines for specific violations of data protection are permanently avoided and financial risks are minimized.
Furthermore, the company obtains an effective lifecycle management of its data and can thus meet the requirements of digitization much more strongly