The global and independent platform for the SAP community.

The spectre: One year of the EU General Data Protection Regulation (GDPR)

The EU GDPR has been in force for almost a year. But according to a recent survey by the German-speaking SAP User Group (DSAG), not all companies still comply with the regulation.
E-3 Magazine
July 31, 2019
The spectre: One year of the EU General Data Protection Regulation (GDPR)
avatar
This text has been automatically translated from German to English.

Only twelve percent (October 2017: four percent) of the companies surveyed are said to have fully complied with the requirements of the regulation to date. For Ralf Peters, DSAG Board Member Application Portfolio, the result is no surprise one year after the EU GDPR came into force:

"We know that many of our members set out to become data protection compliant some time ago. Some have undertaken one- or two-year projects to implement the EU GDPR."

The "DSGVO Index" study conducted by the research and analyst firm Techconsult and IT-Verlag also shows serious deficits in the implementation of the so-called technical and organizational measures (TOM), which are supposed to ensure data security at the technical and organizational level within the framework of the DSGVO.

The purpose of the GDPR is to protect personal data from unauthorized or unintentional processing, damage or deletion with the help of TOM. To this end, companies must ensure that only authorized persons have access to sensitive areas of the company.

07 Sap support 1 Cmyk
EU GDPR Survey 2019 by DSAG e.V.: How satisfied are you with SAP's support regarding the implementation of the EU General Data Protection Regulation in the SAP system? n=105

This applies to both physical access to rooms and access to systems. Of the companies surveyed in the study, 31 percent do not implement advanced access control.

However, the DSAG user association recognizes success stories primarily among large companies that have the corresponding resources. Therefore, Ralf Peters estimates that these companies make up the bulk of the above-mentioned twelve percent that are now DSGVO-compliant.

Overall, however, the DSAG Board of Management considers the number of companies that fully comply with the regulation to be significantly too low.

The result is less positive with regard to SAP support. Here, members continue to see a need to catch up. While only around 17 percent (October 2017: eleven percent) of respondents are very satisfied or satisfied with SAP's support, around 69 percent (October 2017: 72 percent) expect more.

They are only moderately satisfied or not at all satisfied with what SAP offers in terms of implementing the General Data Protection Regulation in the SAP system. DSAG and SAP are continuing their proven partnership on this topic. In various DSAG committees, members' requirements for SAP solutions are discussed and debated in a constructive, critical dialog.

The Techconsult study results clearly show that companies are still a long way from full GDPR compliance. In particular, there is a lack of technical data security in almost all areas. In the GDPR implementation process, companies must also be proactive in dealing with potential threats.

DSAG has found that almost 67 percent of the companies surveyed have defined the channels for providing information and notifying the individuals concerned, and that these channels are already standard practice.

avatar
E-3 Magazine

Information and educational outreach by and for the SAP community.


Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork.

Venue

More information will follow shortly.

Event date

Wednesday, May 21, and
Thursday, May 22, 2025

Early Bird Ticket

Available until Friday, January 24, 2025
EUR 390 excl. VAT

Regular ticket

EUR 590 excl. VAT

Venue

Hotel Hilton Heidelberg
Kurfürstenanlage 1
D-69115 Heidelberg

Event date

Wednesday, March 5, and
Thursday, March 6, 2025

Tickets

Regular ticket
EUR 590 excl. VAT
Early Bird Ticket

Available until December 20, 2024

EUR 390 excl. VAT
The event is organized by the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes attendance at all presentations of the Steampunk and BTP Summit 2025, a visit to the exhibition area, participation in the evening event and catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due course.