SAP Business One 9.3 PL04 comes with a number of improvements to help companies comply with GDPR requirements:
Authorizations allow users to view, add, and update documents according to the ownership.a data definitions
Control and determine which individual (user) has access to a particular form, object, or single field in the interface.
You can restrict users’ access to documents and / or personal data.
Data Ownership allows the company to control the information and documents found in the system, so that each user can only view / add / update on the clients and documents they own.
Manage data ownership by:
Documents: Permissions are defined per document.
Business Partners: document permissions are defined based on user access to partner’s file.
In version 9.3, this authorization level can also be handled at the workspace level.
Change Log Cleanup
A new option that allows users to clean up logs with changes to partners, documents, etc. to reduce the size of the company’s database (utility is available to users according to authorizations). This procedure allows companies that have long used SAP Business One to delete old data updates.
System Message Log
The Access Log window displays the access details for SAP Business One users who logged in and disconnected from one of the following: SAP Business One client and DI API.
This is an important option when fraudulent operations need to be analyzed, because the system logs the date, time, and the user logging in / logging.
Data Protection Tools
Configuring Confidential Data Management
Personal Data – Enhanced Change Log SettingsWays to define and classify personal data.
Personal Data – Enhanced Change Log Settings
New Objects in the Change Log: Activities, CECs, Service Contacts, Record Date, Time, and User Who Made the Change.
Personal Data Management
New functionality within the Personal Data Management Wizard that allows users, employees, partners and contacts to be identified as individuals, essential for data security under the GDPR.
Report personal data (at the request of a specific person)
Individuals have the right to contact any organization to request details about the personal data the organization stores and processes. The organization must submit a report, a report that collects the master data and transactions information in the system.
Delete personal data (irreversible)
New and very important option in the Personal Data Management Wizard to delete all personal data (by configuring Personal Data Management) of selected individuals, master data and transactions.
Deleting data from all affected transactions and master data will be replaced by ***
The status of the person whose personal data has been deleted will change to Erased.
This action is irreversible and must be taken after proper review and after verifying that all retention periods have expired and there is no legal obligation to hold the data of the individual.