GDPR (ACS)

This SIG will focus on how the GDPR will impact companies running SAP.

Hussen Raza from SAP will explain how SAP can help with your journey to become GDPR Compliant. Hussen will talk about the steps and approaches that SAP is also taking on the GDPR journey.

EPI-USE Labs and Turnkey are both sponsoring this event.

Paul Hammersley & Isa Beck from EPI-USE Labs will present GDPR: are retention periods a minimum or a maximum?

Different role players within an organisation have different viewpoints when it comes to retention periods. Most companies have a policy around keeping data for a set period. However, GDPR is now highlighting whether information should be actively removed after that retention period. IT teams may have seen it as a minimum period, and potentially kept data longer for diligence, while auditors and Data Protection Officers (DPOs) might understand that data should be removed after the end of this period.

Richard Hunt from Turnkey will present How the SAP GRC suite can accelerate your GDPR preparations.

By now your company’s programme to meet the varied requirements of the General Data Protection Regulation (GDPR) are likely to be well underway. However, understanding how SAP’s GRC suite can help you accelerate your readiness for the impending legislation could save you significant time and money.

SAP’s GRC suite is evolving at pace to help you adapt more quickly to the changes. In this session, we’ll be discussing how it can help you establish effective control of your data privacy processes, manage user access across your firm, govern policy and process documentation and demonstrate how employees follow new practices. We’ll also be looking in more detail at the new GDPR obligation: ‘Privacy by Design and Default’. Here we'll provide practical guidance to help you ensure data privacy is built into the design of all of your organisation’s projects.

Turnkey’s session will cover how SAP GRC can help you to:

• Delegate authority, accountability and responsibility for GDPR preparation
• Follow up effectively, ensuring staff fulfil their newly delegated responsibilities
• Manage user access, ensuring staff can only access information they need
• Control or block user access to sensitive data and business processes
• Meet the new requirement to demonstrate that data and privacy protection issues were considered at the design phase of projects involving personal data

What have you done so far to prepare for GDPR? The SIG will include a discussion forum which is an opportunity to discuss the topic with other customers and share what your company has done so far to prepare.