ll personal data should be adequate for the purpose it is stored/acquired for. It should also be limited and relevant for the exact purpose it is meant to fulfil. Organisations must ensure that there are deliberate security measures built to ensure data safety and make sure that there is lawfulness, transparency and fairness in data processing. Data also needs to be time bound i.e., if required only for a specific period, organisations must ensure that the time is defined and ensure data is purged after this.
Organisations must ensure that data stays accurate at any given point in time, and take specific measures to keep data up-to date, safe and secure.
GDPR aims to increase accountability of those processing data. Although very similar to the existing data protection legislation, GDPR aims to increase the transparency of data processing and take a tougher stance in enforcement. If organisations are found to be non-compliant they could hefty fines of up to 20 million euros or 4% of the annual revenue – whichever is higher!
With SAP’s commitment for data protection, SuccessFactors has extended the
existing products to stay compliant with the new legislation.
For ease of understanding, personal data has been classified into 3 phases during the employee life cycle:
One of the best functionalities of SuccessFactors, Role Based Permissions or RBP’s helps give access to data on ‘Need to Know’ basis. RBP’s basically assign permissions based on a person’s role within the company – example: HR of UK can only view data of UK employees. This is highly customisable and helps your organisation not only give the right access to employees, managers and admins, but also makes sure that no one has access to data that they should not have.
For this to work there are three elements:
In addition, SuccessFactors are updating RBP’s to have the ability to define time periods for which historical records should be visible, including defining different intervals for different countries – which helps in Data Blocking required during the ‘Retention Phase’.