Regulatory compliance

Structured, automated way of ensuring you meet regulatory requirements

The IDC predicts that by 2025 worldwide data will grow by 61% to 175 zettabytes. As one would expect, more emphasis is being placed on regulating the retention and use of this data and it will continue to be an important topic. Regulations such as GDPR and POPIA (download our POPIA compliance handbook here) are crucial considerations when ensuring a company is being compliant.

Many businesses have found a distinct lack of credible expertise; people with knowledge of both the law and SAP technologies. SAP landscapes can be large, disparate and complex and finding people who understand it all is challenging. We help SAP customers to become compliant, through effective SAP data & document management, using SAP best practices and functionality.

Considerations when working towards regulatory compliance

Based on our experience there are a number of things that you need to keep in mind when in comes to making sure your data is compliant

Risk of non-compliance

Not complying leads to significant fines and compliance risks. The EU for instance, created two tiers of maximum fines for companies violating the GDPR.  The higher fine threshold is 4% of worldwide annual turnover or €20M, whichever is higher. The lower threshold is 2% of worldwide annual turnover or €10M.

Understanding the data

Not all data has the same level of importance, meaning some data can be deleted prior to other data sets. You also need to understand what is meant by personal information. It is important to remember business data elements can be considered personal information as well.

Knowing what regulations apply

Knowing what regulations apply to your business and industry is critical to determine whether you are compliant or not. Having expert knowledge about how this applies to your SAP data is critical. For example customers might think that they are GDPR compliant, but might not have considered historic data and documents.

Business risk extension

Be aware of the approach of keeping data longer – “just in case”. This can potentially have a significant impact in relation to fines. Any legal dispute can be based on the full extend of the data you hold. In the case where you keep data longer than you have to, the business faces larger financial liabilities.

Why risk the huge potential fines, when you can rely on a structured, automated way of being compliant.

How Proceed can help you

Whether we are doing an explicit GDPR or equivalent project, or we are running another type of project, compliance is at the centre of what we do.

Data protection services

We are experts in ensuring regulatory compliance through extensive knowledge of how to structure your SAP data and document retention, deletion and access policies. We’ve helped and continue to help bring customers inline with what is required.

SAP ILM

SAP ILM is currently the only SAP approved way to manage the lifecycle of SAP data in a controlled manner, using records management & retention policies. As world-class experts in SAP ILM, let us help you get the most out of this tailormade tool.

Content management

Active management of both data and documents is important to maintain compliance. The correct platform is key to ensure this is done efficiently and cost effectively. We can provide these platforms including configuration and installation.

Decommissioning

In certain scenarios it might make sense to retain a segment of data in a legacy system. For example keeping only the HR data and deleting the rest. To enable this we work with customers to carve out the relevant information and decommission the old system.

Additional resources

Want to learn more about regulatory compliance