Basic ConceptsData protection: How? Three types of operation can be involved in personal data protection.
Data protection: What data? It is necessary to carefully identify all data containing personal information subject to data protection: which object types, which fields, which object types contain personal data in their 'usrcre' and 'usrchg' fields. Namely:
The above consideration may apply not only to data stored in the main database but also to already archived data and audit&history data. Data protection: When? Timing and scheduling is another important aspect of data protection. Each data object is subject to a life cycle from which the times for access and deletion periods can be derived. Possible points in time for the start of a period are:
Decisive factors for periods for access and deletion can be for example:
The specific times and deadlines depend on numerous factors and must be worked out company-specifically for each type of data and in cooperation with the data protection officer. | |||||