When GDPR meets SuccessFactors – a digital love story?
Last week I was navigating the Internet, when suddenly, I stumbled upon the following information, from Statista, the Statistics Portal (www.statista.com).
“In 2017, consumers downloaded 178.1 billion mobile apps to their connected devices. In 2022, this figure is projected to grow to 258.2 billion app downloads. The most-downloaded non-gaming app publishers in the Google Play Store in January 2018 were Facebook, WhatsApp and Google. Facebook ranked first with over 130 million monthly app downloads worldwide. “
I don’t know about you, but this number kind of blows me away.
Not just for the number, but also for the consequences in terms of Data Privacy.
Most of the times that you download an app, you are requested to introduce your name, email, address and other personal data. Data was lost in the cyberspace, your pictures, your info, and until the 25th of May of 2018, we did not have control over it. It did not seem like an issue at that time, but the era of data privacy has arrived, and we start to understand the impact and consequences.
Moving from your apps to your personal HR data, have you ever wondered what happens with your data while you are with a company? As an employee, temp, freelance … or any other form? What about your data when you leave a company? Your personal information, salary information, benefits data, health data points, absences, your performance scores… everything you ever shared with your employer for legal purposes was put in a Blackbox called HRMS.
Now GDPR came along…
GDPR is a revolution, a breath of fresh air that came to make our lives more secure, a set of new rights for the employee, and a huge step forward in this new era of Digitalisation.
“Digitalisation is the process of converting information into digital format, and also means the integration of digital technologies into everyday life” – IGI Global . In a new digital world where everything is changing, new laws need to come in, and data privacy becomes more important than ever. That’s the point of view of the employee: easy and quick, from May 25th you can now request where is your HR data, what are they doing with it and how are they handling it, and you are supported by the European law.
But what about the rights and duties of the employers?
That’s a whole different story. A million questions that can be summarized into one: how do I become GDPR compliant with my HR system? In the last years, I have been working with and on SAP SuccessFactors, both as a consultant and as an end-user/employee.
To be compliant with GDPR, SuccessFactors has developed several tools that allows the employer to implement the necessary changes to be GDPR compliant. These new functionalities are:- Data purge: this is for Retention and Deletion of historical data once the retention time has passed.
– Data blocking: this is to control exactly how long individual roles will be able to access historical data.
– Read audit: to track access to sensitive personal data
– Change audit: to track any changes made to personal data
– Information report: compile a report containing all the personal data that is stored on an employee
– Consent agreements: to inform users that their data is stored and explain why it must be stored.
At Adessa Group, I had the chance to work on the implementation of the SuccessFactors GDPR toolset at a company with 16.000 employees. The company is using SAP-HR On premise integrated with SuccessFactors Employee Central. We developed a specific solution to support Data Blocking and Data Purge that is integrated with SAP On premise.
This solution allows the company to:
– Have total control over their data: where it is, who access to it and how, and become GDPR compliant
– Have SAP on premise and SuccessFactors totally aligned
– Simplify the GDPR process in SuccessFactors thanks to the Integration with SAP On Premise
The last point was crucial to the customer in order to leverage both systems to make GDPR processes as simple and smooth as possible. This solution enables them with the tools to become and remain GDPR compliant on a very complex (hybrid) platform.
That’s it. There is no coming back. HR transformation and the era of Digitalisation have arrived, and we cannot hide anymore. We need to embrace it and adapt the new challenges. We are now 3 months further and the operational aspects of GDPR are covered. I will report later on the findings, and would love to hear about your experience with GDPR for Employee Data (HR GDPR).
Stay tuned for more or contact us at : firstname.lastname@example.org