GDPR and SAP Business One
The European Union's General Data Protection Regulation (GDPR) came into effect on 25th May 2018. GDPR gives individuals control and protection of their personal data. Affecting both data controllers, who determine the purpose and means of processing personal data, and data processors, who process for controllers.
SAP have responded to these stringent policy changes by making a number of enhancements to the software.
In SAP Business One v9.3 areas such as general authorisations, data ownership and data archiving have been bolstered to ensure only those with the appropriate rights can access certain parts of the system. The system access log and change log provides traceability, accountability and audit trails for changes made to documents in the software. Manual erasure of personal data and personal data management have also been introduced, supporting an individual's right to be forgotten and ensuring only relevant personal data is being stored.