SAP Business One Patch Level 08: An Overview

SAP Business One Patch Level 08

 

Keeping your customer’s personal data safe is serious business. In this post, we review the importance of the latest patch for SAP Business One (PL08) for any Australian business that markets to customers in the EU or operates in the region.

As a vendor that’s committed to progress, SAP has a clear vision for the future of its products and releases new versions periodically to achieve this. But there are also regular patches released to quickly correct flaws or gaps in the software that create vulnerabilities or problems for users.

It makes sense that such comprehensive ERP software requires the occasional temporary fix, especially given the almost constant changes in technology, regulation and security threats. SAP’s most recent patches have all dealt with one particular, and significant, legal compliance issue—the GDPR (General Data Protection Regulation).

 

Patch Level 08 (PL08) for SAP Business One and SAP Business One HANA 9.3 and higher was made available in December 2018. The key correction that applies to Australian businesses in this patch relates to SAP Business One’s Personal Data Protection Management functionality which helps users to manage compliance with the EU’s GDPR laws.

 

Data security is a big deal

Last year, research by IDC predicted a future shaped by an unprecedented deluge of data, and a shift that will see 60% of the world’s data controlled by businesses by 2025. It’s understandable in this context that individuals and regulators are more concerned about how data is governed.

Many countries already have privacy laws in place including Australia, but it’s likely that authorities around the globe will seek to increase legal obligations to protect personal data—with significant penalties for non-compliance. A prime example is the GDPR (General Data Protection Regulation) introduced by the European Union in 2018.

The GDPR applies to any company with customers in the EU, regardless of whether you have a physical presence in the region, which means it’s relevant to Australian businesses of all sizes that market to an EU audience.

Importantly, the laws relate not just to how you collect and use data, but the strength of your data security measures. If a breach occurs you could be liable for massive fines, not to mention the reputation hit.

The good news is that recent improvements to SAP Business One allows for personal data to be captured, processed, controlled and maintained to protect individuals’ data from unauthorised access and provide greater transparency—helping your business to remain compliant.

 

Updates you need to assure customers

Specifically, SAP Business One’s most recent patch, PL08, makes it easier to work with the personal information of sales employees and buyers, allowing the data for these people to be: reported on; cleaned up; blocked, or unblocked.

But PL08 is just the latest in a string of measures SAP has implemented to improve the software’s ability to help you comply with the GDPR.

Previous patches (PL07, PL06, PL05, and PL04) have also addressed GDPR legal issues, including:

    • Being able to determine the different types of individuals within your system whose personal data you have collected and need to protect.
    • Enabling businesses to retrieve and create a report for any individual if they request information on the data a company possesses about them.
    • Making it possible to follow-up an individual’s request that their personal data is erased after legal holding periods have ended.
    • Logging where, when and who made changes to personal data within SAP Business One—a critical requirement of the GDPR.
    • Making it easier to manage data for Default Customers for accounts receivable invoices and payments including being able to delete all transactional personal data when performing a cleanup.
    • Categorisation of bank account data as sensitive personal data with bank account values encrypted in the database.
    • Enabling control by log/record of any access to special categories of personal data and encrypting values set to ‘sensitive’ in the database so that values are hidden by default in the user interface, which ensures only selected authorised users can view this data.
    • Making it possible to block and unblock access to an individual’s personal data so it can’t be used in future marketing material once permission has expired, but can be retained and accessed in future if a need arises (e.g., legal reporting to an external authority).

The improvements have also enabled SAP Business One users to initiate and use all the features of the Personal Data Protection Management functionality—which includes wizards—from a centralised location within the software.

The functionality is automatically activated for localisations in EU countries but has to be manually activated elsewhere. If you’re not using it already, you can turn on the Personal Data Protection Management functionality within SAP Business One (via the Company Details form) and then gradually start defining personal data protection functionality—there’s no immediate need for further actions.

For more information on patches or how to use the ERP to manage your compliance with data protection laws, explore the SAP Business One support centre.

Talk to us about getting the most out of your investment in SAP by contacting our expert consultants.

Share