Information Lifecycle Management in Human Resources (HR)

 

Simple blocking and deletion of employee related data with SAP ILM

 

 

Employee related data is one of the most sensitive areas of data protection as data considered to be personal data are collected during the course of a working life in order to fulfil an employment contract, such as salaries, illnesses, religious affiliation, etc..

Our projects already carried out show that the risk of dissatisfied or involuntarily retired employees making claims for handling personal data in a way that does not comply with data protection regulations is generally rated considerably higher by most companies than the claims that are brought to the companies by customers.

The same data protection principles apply to employee-related data as to other personal data: After the expiration of the purpose of use, which was previously given within the scope of a contractual fulfilment in the employment relationship or the existence of a declaration of consent, e.g. within the scope of an application process, a deletion of the personal data to be processed must be implemented immediately in accordance with the EU basic data protection regulation. Statutory exceptions, such as compliance with relevant retention periods, must be observed and the data concerned must be protected against unauthorized access by unauthorized persons.

 

 

 

 

To meet these requirements in SAP HR systems (for example, SAP HCM), SAP Information Lifecycle Management (ILM) for SAP, HCM provides the technical basis for managing retention and deletion rules for employee-related data with retention management functions throughout the data life cycle.

 

The concrete performance features of SAP ILM for HCM

 

  • Definition of retention rules and residence times to map legal requirements for productive data at infotype level
  • Sophisticated authorization control to block data to protect against unalterability or unauthorized access
  • Blocking data against unwanted destruction that is relevant to legal cases (legal hold)
  • Final destruction of data under consideration of managed rules and regulations

 

ILM implementation project in the HR environment

ILM implementation projects in the human resources area represent complex projects that require precise planning and a deep technical understanding of the functionalities, from a precise analysis of the technical data (infotypes) in the SAP system, through the setup of the retention rules in the ILM objects on a sandbox, to GoLive with initial, real deletion processes.

 

A typical project for the conception and implementation of SAP ILM goes through the following phases

 

Our services at a glance

 

 

The Natuvion ILM Competence Center was opened in Berlin in mid-2017. With around 30 specially trained IT consultants and DSGVO project managers, especially for the HR sector, it currently offers a pool of experts on the topics of locking and deleting personal data in SAP system landscapes with the help of ILM. The concrete achievements of the team include:

 

Functional and technical analysis of the existing data storage of employee-related data and the infotypes used

Creation of a special HR lock/deletion matrix with corresponding technical documentation

Legal advice in cooperation with selected and specialized IT law firms (SKW Schwarz)

Determination of the concrete implementation requirements for the defined lock/deletion rules in SAP ILM in the respective modules including connected systems (technical concept)

Execution of complex implementation projects for SAP ILM with corresponding customizing, complete setup in sandboxes and quality systems up to GoLive and further support during the stabilization phase.

Execution of quality assurances or audits on the basis of your existing installation / current project

Execution of training courses for employees to support their own ability to act for the administration of SAP ILM

Questions, Suggestions or Feedback? We are looking forward to it!