Deletion of personal data in SAP

Deletion of personal data in sap


Deletion of personal data is one of the more challenging requirements that have come out of GDPR.

SAP’s best practice for deleting data is using Information Lifecycle Management (ILM). This works for Netweaver based systems. In SAP cloud products, relevant technical GDPR measures such as deletion are built in.

For most customers, the personal data in SAP are stored in the HR and CRM systems as well as FI, SD and MM modules, depending on how SAP is used. Some industry solutions like IS-U, could also contain personal data.

At 2BM, we have worked with companies of different sizes and industries as well as with different requirements to become GDPR compliant. Small and medium-sized businesses usually have less personal data and therefore smaller budgets for deletion than large enterprises have. Our overall approach is to assist in choosing the right combination of solutions when considering risks vs. costs – tailored to your business needs and ambitions.

Based on the experience from various projects, we often see customers using different methods to delete or anonymize personal data, depending on criticality, amount, and possibility for automation. Most companies utilize a mix of ILM, standard SAP deletion programs/clean up, as well as anonymization to delete personal data.

There are pros and cons for using the different methods which all involve risks and costs.

The deletion methods can overall be divided into the following groups:


Deletion of employee data in SAP HR/HCM

2BM has therefore enhanced the SAP standard deletion program for employees (RPUDELPP) in a tool named 2BM Employee Deletion.

2BM Employee Deletion is utilizing the SAP standard deletion program for employees (RPUDELPP) enhanced with a selection program which identify the specific employee data which could be deleted based on the deletion and retention rules set up.

What will it cost to delete the personal data in SAP?
This is the most common question when discussing deletion of personal data in SAP. Previously, there have been several costly ILM projects. 2BM’s experience combined with a full understanding of where different types of personal data are stored, enables us to provide you with a better understanding of the risks involved. A plan for deleting personal data is based on facts and risks, which make defining the appropriate scope with consideration of the costs is more tangible.

We offer all prospective clients a workshop to help you scope your deletion activity in SAP.

Related Events & News


Webinar – GDPR compliance in SAP

In a new series of 1-hr webinars, we will educate you in the different approaches to achieving GDPR compliance in SAP – including implementation approach.

GDPR Compliance i SAP – Nordic SAP GDPR Conference – 23 May 2018

Nordic SAP GDPR Conference in Copenhagen will focus on how to be GDPR compliant in SAP. The Keynote will be held by Volker Lehnert, who is responsible for the development of GDPR functionality in SAP S/4HANA including Information Lifecycle Management (ILM) and other tools.

Webinar – Subject Access Reporting in SAP

Join us for a 30 minutes webinar, going through how 2BM Subject Access Report for HR can help organizations speed up the process of delivering a Subject Access Report.

Webinar – SAP GDPR Compliance

Comply with the GDPR for data retention with SAP Information Lifecycle Management, which is now license free. Join our 1-hour webinar to learn the different approaches on how to streamline your IT infrastructure and minimize risk by controlling your data in SAP.

Sådan håndterer du persondata sikkert i dine ERP-systemer

Læs artiklen af 2BM’s konsulent Troels Lindgård i Berlingske. Se hvad der er med Berlingske i en e-paper...

Nordic SAP License Management Survey 2018/2019

The purpose of this annual survey is to provide SAP customers with information reflecting their maturity level in terms of SAP License Management and to shed light on how other organizations are tackling potential challenges related thereto.

Ny bestyrelsesformand til 2BM

En af de 100 vigtigste kvinder i Danmark blev den 23. april 2019 valgt som bestyrelsesformand hos SAP Konsulenthuset 2BM A/S: Caroline Søeborg Ahlefeldt, seriel iværksætter, CEO og bestyrelsesformand for Donkey Republic A/S og bestyrelsesmedlem hos Hartmanns A/S, Aarhus Universitet og Copenhagen Contemporary m.fl.

Persondata i SAP og forbundne systemer

Deltag i seminar om EU persondataforordningen, hvor vi går i dybden med konkret planlægning og aktiviteter tilknyttet til SAP og forbundne systemer.

Webinar – GDPR House Cleaning in SAP HR

Join this webinar to learn the tricks on how to get started on house cleaning – get immediate value of your GDPR activities. It is a GDPR Requirement that personal data that is no longer needed for the primary processing purpose must be deleted – unless there are other retention periods defined by law or contract, in which case, the data has to be blocked.

Webinar – SAP HR Data Deletion

Deletion of personal data is one of the more challenging requirements to come out of GDPR and many companies are still not prepared to handle data deletion. In this 30-min webinar, we will demonstrate how 2BM Employee Deletion Tool can help you speed up the process of deleting HR data.

Share This
Call Now Button35 55 55 75