|
1 year ago ::
May 10, 2011 - 1:24PM
#1
|
|
|
Protect your HR data privacy:
Q&A on securing and monitoring data
especially for SAP ERP HCM environments Sponsored by  
Moderated by
Kristine Erickson
on May 27, 2011 - 11:36AM
|
|
|
|
13 months ago ::
May 26, 2011 - 11:01AM
#2
|
|
|
Welcome to today's forum
on securing and monitoring your HR data!
In this one-hour Forum, we invite you to ask your questions on protecting HR data privacy, ensuring the regulatory compliance of the HR data in your SAP systems, and mitigating data privacy risk.
Data compliance experts and GRC 2011 speakers Richard Hunt and Heinrich Wilking of Turnkey Consulting will be joining us to take your questions. To post your question, please be sure to first log in to Insider Learning Network. (If you are not yet a member, sign in here.) Then click the "Submit Post" button below to enter your questions.
Richard and Heinrich will respond to questions by posting their replies in the thread. Please don't forget to refresh your browser to see the most recent posts.
|
|
|
|
13 months ago ::
May 26, 2011 - 11:04AM
#3
|
|
|
Richard and Heinrich, thank you for joining us today! Before you respond to questions, I'd like to start with one that stems from your session at GRC 2011: Those who registered for this Forum can also access your guide to creating a data privacy popup . Could you talk about what it is, and when and why an HR team should use this popup?
|
|
|
|
13 months ago ::
May 26, 2011 - 11:12AM
#4
|
|
|
Richard and Heinrich, thank you for joining us today! Before you respond to questions, I'd like to start with one that stems from your session at GRC 2011:
Those who registered for this Forum can also access your guide to creating a data privacy popup . Could you talk about what it is, and when and why an HR team should use this popup?
Thanks Allison. The Forum is a new format for us so we are looking forwards to trying it out. The data privacy popup is a custom notification that you can define to ensure all users of your system are aware of the Data Privacy obligations of the organisation and their personal responsibilities in this regard. It also allows the organisation to pass on some of the responsibility to these individuals by forming a 'virtual contract for data use' with the users of the system. The popup and it's usefulness can be strengthened by forcing users to confirm acceptance of these responsibilities with a checkbox and embeding consequences for users who do not accept (e.g. removal of access to personal data.)
|
|
|
|
13 months ago ::
May 26, 2011 - 11:14AM
#5
|
|
|
Richard and Heinrich, thank you for joining us today! Before you respond to questions, I'd like to start with one that stems from your session at GRC 2011:
Those who registered for this Forum can also access your guide to creating a data privacy popup . Could you talk about what it is, and when and why an HR team should use this popup?
Thanks Allison. The Forum is a new format for us so we are looking forwards to trying it out.
The data privacy popup is a custom notification that you can define to ensure all users of your system are aware of the Data Privacy obligations of the organisation and their personal responsibilities in this regard. It also allows the organisation to pass on some of the responsibility to these individuals by forming a 'virtual contract for data use' with the users of the system.
The popup and it's usefulness can be strengthened by forcing users to confirm acceptance of these responsibilities with a checkbox and embeding consequences for users who do not accept (e.g. removal of access to personal data.)
The pop up provides trust to the user of the service how personal data provided by the user or the brower is used by the company
|
|
|
|
13 months ago ::
May 26, 2011 - 11:15AM
#6
|
|
|
Do you have any best practices for companies trying to reconcile EU and US data privacy laws when managing their HR data?
|
|
|
|
13 months ago ::
May 26, 2011 - 11:15AM
#7
|
|
|
How is this configured? Via the IMG?
|
|
|
|
13 months ago ::
May 26, 2011 - 11:19AM
#8
|
|
|
Do you have any best practices for companies trying to reconcile EU and US data privacy laws when managing their HR data?
Amy, there are specific requirements within the EU and German Data protection acts with specific guidelines on how data of european or german citizens have to be maintained when processed outside.
|
|
|
|
13 months ago ::
May 26, 2011 - 11:20AM
#9
|
|
|
How is this configured? Via the IMG?
There is not currently a standard configuration mechanism in SAP. The popup can be configured using an SAP-delivered customer exit in the logon routine: EXIT_SAPLSUSF_001. It is customisation using a modification exit via transaction CMOD. If you look at the details available for download as part of this forum there should be some information in there.
|
|
|
|
13 months ago ::
May 26, 2011 - 11:21AM
#10
|
|
|
Thank you both for taking our questions. Any thoughts on the pros and cons of letting employees update their own HR information in SAP? Any caveats or things companies should be aware of in moving to this model?
|
|
|
