US-20260127302-A1 - SAVING RESOURCES AND INCREASING COMPLIANCE FOR DATA PRIVACY INTEGRATION PROTOCOLS
Abstract
The present disclosure involves systems, software, and computer implemented methods for data privacy. One example method includes receiving a request to export and then delete personal data for a data subject. A work package is sent to applications that requests a respective application to perform a blocking check and a data export for an object that represents the data subject. A data privacy integration service receives, from the applications, response information to the work package that includes blocking check information and personal data export information. The personal data export information is evaluated, and a determination is made that each application has completed a requested personal data export. In response to determining that each application of the multiple applications has completed the requested personal data export, the data privacy integration service evaluates blocking check information received from multiple applications to determine whether to send a blocking-related command to the multiple applications.
Inventors
- Benny Rolle
- Matthias Vogel
Assignees
- SAP SE
Dates
- Publication Date: 20260507
- Application Date: 20241105
Claims (20)
- 1 . A computer-implemented method comprising: receiving, at a data privacy integration service that manages data privacy protocols for applications in a multiple-application landscape, a request to export and then delete personal data for a data subject; sending, in response to the request, by the data privacy integration service and to multiple applications, a work package that requests a respective application to perform a blocking check and a data export for an object that represents the data subject; receiving, at the data privacy integration service, from the multiple applications, response information to the work package that includes blocking check information and personal data export information; evaluating, by the data privacy integration service, personal data export information received from the multiple applications; determining, by the data privacy integration service and based on evaluation of the personal data export information, that each application of the multiple applications has completed a requested personal data export; and in response to determining that each application of the multiple applications has completed the requested personal data export, evaluating, by the data privacy integration service, blocking check information received from multiple applications to determine whether to send a blocking-related command to the multiple applications.
- 2 . The computer-implemented method of claim 1 , wherein the blocking check is a request for an application to determine whether the object representing the data subject can or cannot be blocked in the application, wherein a veto vote for an application indicates that the application cannot block the object.
- 3 . The computer-implemented method of claim 2 , wherein evaluating blocking check information comprises determining whether any application has provided a veto vote for the object.
- 4 . The computer-implemented method of claim 3 , further comprising sending, as the blocking-related command, by the data privacy integration service, in response to determining that each application of the multiple applications has provided a non-veto vote for the object, a block command to each of the multiple applications that instructs a respective application to block the object.
- 5 . The computer-implemented method of claim 4 , wherein each application of the multiple applications successfully completes the block command and deletes the object after a respective retention period for the object expires.
- 6 . The computer-implemented method of claim 4 , further comprising determining, by the data privacy integration service, to not send the block command in response to determining that at least one application has provided a veto vote for the object or that at least one application has failed to provide a vote for the object.
- 7 . The computer-implemented method of claim 6 , wherein the data privacy integration service determines, for a first application, that the first application has not provided a veto vote based on the first application responding to the work package with an indication that the first application does not store personal data related to the data subject.
- 8 . The computer-implemented method of claim 1 , wherein the blocking check includes a purpose for which personal data may be processed and is a request for an application to determine whether the purpose can be disassociated from the object representing the data subject.
- 9 . The computer-implemented method of claim 8 , further comprising sending, as the blocking-related command, by the data privacy integration service, in response to determining that each of the multiple applications is able to disassociate the purpose from the object, a disassociate-purpose command to each of the multiple applications that instructs a respective application to disassociate the purpose from the object.
- 10 . The computer-implemented method of claim 9 , further comprising determining, by the data privacy integration service, to not send the disassociate-purpose command in response to determining that at least one application is not able to disassociate the purpose from the object.
- 11 . The computer-implemented method of claim 9 , wherein a first application, after disassociating the purpose from the object, blocks the object based on the object no longer having any associated purposes in the first application.
- 12 . The computer-implemented method of claim 1 , further comprising: receiving, by the data privacy integration service, blocking statuses from applications in response to block-related commands; determining, by the data privacy integration service, an overall blocking status based on received blocking statuses; and providing, by the data privacy integration service, the overall blocking status in response to the request.
- 13 . The computer-implemented method of claim 1 , further comprising: aggregating, by the data privacy integration service, personal data for the data subject received from multiple applications; and providing, by the data privacy integration service, in response to the request, aggregated personal data for the data subject.
- 14 . The computer-implemented method of claim 1 , further comprising: receiving, at the data privacy integration service, a second request to export and then delete personal data for a second data subject; determining, by the data privacy integration service, that an exception condition exists for the second data subject; and in response to determining that the exception condition exists for the second data subject, sending, by the data privacy integration service, in response to the second request, a response to the second request indicating that the request to export and then delete personal data for the second data subject cannot be completed.
- 15 . The computer-implemented method of claim 14 , wherein determining that the exception condition exists for the second data subject comprises determining, by the data privacy integration service, that a litigation hold exists for the second data subject that prevents deletion of personal data for the second data subject.
- 16 . The computer-implemented method of claim 1 , further comprising: determining, by the data privacy integration service, in response to the request, that at least one blocking protocol is in progress for the data subject in the multiple-application landscape; sending, by the data privacy integration service, a command to multiple applications to stop the blocking protocol for the data subject; determining, by the data privacy integration service, that each application has stopped the blocking protocol; and determining, by the data privacy integration service, to send the work package that requests each application to perform the blocking check and the data export based on determining that each application has stopped the blocking protocol.
- 17 . The computer-implemented method of claim 16 , wherein determining, by the data privacy integration service, that at least one blocking protocol is in progress for the data subject comprises: determining that a first application has, as part of a blocking protocol, blocked but not deleted the object; and determining that a second application has, as part of the blocking protocol, blocked and also deleted the object; the method further comprising: sending, by the data privacy integration service, an unblock command for the object to the first application; and sending, by the data privacy integration service, a redistribute object command for the object to a distribution service requesting the distribution service to redistribute the object to the second application.
- 18 . The computer-implemented method of claim 1 , further comprising including, in response to the request, by the data privacy integration service, the object representing the data subject on a hold list that prevents initiation of a blocking protocol for the data subject while the request is being processed.
- 19 . A system, comprising: a computing device; and a computer-readable storage device coupled to the computing device and having instructions stored thereon which, when executed by the computing device, cause the computing device to perform operations comprising: receiving, at a data privacy integration service that manages data privacy protocols for applications in a multiple-application landscape, a request to export and then delete personal data for a data subject; sending, in response to the request, by the data privacy integration service and to multiple applications, a work package that requests a respective application to perform a blocking check and a data export for an object that represents the data subject; receiving, at the data privacy integration service, from the multiple applications, response information to the work package that includes blocking check information and personal data export information; evaluating, by the data privacy integration service, personal data export information received from the multiple applications; determining, by the data privacy integration service and based on evaluation of the personal data export information, that each application of the multiple applications has completed a requested personal data export; and in response to determining that each application of the multiple applications has completed the requested personal data export, evaluating, by the data privacy integration service, blocking check information received from multiple applications to determine whether to send a blocking-related command to the multiple applications.
- 20 . A non-transitory computer-readable storage medium coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations comprising: receiving, at a data privacy integration service that manages data privacy protocols for applications in a multiple-application landscape, a request to export and then delete personal data for a data subject; sending, in response to the request, by the data privacy integration service and to multiple applications, a work package that requests a respective application to perform a blocking check and a data export for an object that represents the data subject; receiving, at the data privacy integration service, from the multiple applications, response information to the work package that includes blocking check information and personal data export information; evaluating, by the data privacy integration service, personal data export information received from the multiple applications; determining, by the data privacy integration service and based on evaluation of the personal data export information, that each application of the multiple applications has completed a requested personal data export; and in response to determining that each application of the multiple applications has completed the requested personal data export, evaluating, by the data privacy integration service, blocking check information received from multiple applications to determine whether to send a blocking-related command to the multiple applications.
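The coordinator logic of claims 1, 3 to 7 and 13 to 15, written as an added simulation that is not SAP's code: exports are checked first, and the block command is issued only when every application has voted non-veto (an application reporting no personal data counts as non-veto, a missing vote withholds the command). The application names, data subject ids and the `Vote`, `Response` and `Outcome` types are assumed for the example.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, List, Optional

class Vote(Enum):
    NO_VETO = "can_block"
    VETO = "cannot_block"          # application cannot block the object
    NO_DATA = "no_personal_data"   # treated as a non-veto vote (claim 7)

@dataclass
class Response:                    # one application's answer to the work package
    app: str
    export_done: bool
    vote: Optional[Vote]           # None: application failed to provide a vote
    exported: Dict[str, str] = field(default_factory=dict)

@dataclass
class Outcome:
    status: str
    command: Optional[str]         # "BLOCK" or None
    aggregated: Dict[str, Dict[str, str]]

def export_then_delete(subject: str, apps: List[str],
                       responses: List[Response],
                       litigation_holds: set) -> Outcome:
    # Exception condition (claims 14-15): a litigation hold prevents deletion.
    if subject in litigation_holds:
        return Outcome("rejected: litigation hold", None, {})
    by_app = {r.app: r for r in responses}
    # Step 1 (claim 1): every addressed application must finish its export.
    pending = [a for a in apps if a not in by_app or not by_app[a].export_done]
    if pending:
        return Outcome("export incomplete: " + ",".join(pending), None, {})
    aggregated = {a: by_app[a].exported for a in apps}   # claim 13
    # Step 2 (claims 3-6): evaluate votes only after all exports completed.
    vetoes = [a for a in apps if by_app[a].vote is Vote.VETO]
    no_vote = [a for a in apps if by_app[a].vote is None]
    if vetoes or no_vote:
        return Outcome("export done; block withheld", None, aggregated)
    return Outcome("export done; block command sent", "BLOCK", aggregated)

APPS = ["CRM", "Billing", "HR"]    # constructed landscape, not from the patent

def demo() -> Dict[str, Optional[str]]:
    """Three constructed scenarios; returns the command decided for each."""
    ok = [Response("CRM", True, Vote.NO_VETO, {"name": "A. Example"}),
          Response("Billing", True, Vote.NO_DATA),
          Response("HR", True, Vote.NO_VETO, {"email": "a@example.test"})]
    veto = [Response("CRM", True, Vote.VETO)] + ok[1:]
    silent = ok[:2] + [Response("HR", True, None)]   # HR failed to vote
    return {k: export_then_delete("DS-1", APPS, v, set()).command
            for k, v in {"ok": ok, "veto": veto, "silent": silent}.items()}
```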
Description
TECHNICAL FIELD
The present disclosure relates to computer-implemented methods, software, and systems for data privacy protocols.
BACKGROUND
Applications used for organizations can use master data (such as name and address) and transactional data (such as orders and bills). Transactional data typically references corresponding master data. For instance, a transactional object of type Order can refer to a master data object of type Customer. A given master data object can be referenced by one or more (or perhaps no) transactional objects. In some cases, data may be considered master data in one context and transactional data in another context. For example, insurance contract data may be considered transactional data with respect to a customer object but considered master data with respect to transactional insurance claim data. When an organizational landscape includes multiple systems, a master data replication process can be performed so that master data objects are consistent across systems.
SUMMARY
The present disclosure involves systems, software, and computer implemented methods for data privacy protocols.
An example method includes: receiving, at a data privacy integration service that manages data privacy protocols for applications in a multiple-application landscape, a request to export and then delete personal data for a data subject; sending, in response to the request, by the data privacy integration service and to multiple applications, a work package that requests a respective application to perform a blocking check and a data export for an object that represents the data subject; receiving, at the data privacy integration service, from the multiple applications, response information to the work package that includes blocking check information and personal data export information; evaluating, by the data privacy integration service, personal data export information received from the multiple applications; determining, by the data privacy integration service and based on evaluation of the personal data export information, that each application of the multiple applications has completed a requested personal data export; and in response to determining that each application of the multiple applications has completed the requested personal data export, evaluating, by the data privacy integration service, blocking check information received from multiple applications to determine whether to send a blocking-related command to the multiple applications. Implementations can include one or more of the following features. The blocking check can be a request for an application to determine whether the object representing the data subject can or cannot be blocked in the application, wherein a veto vote for an application indicates that the application cannot block the object. Evaluating blocking check information can include determining whether any application has provided a veto vote for the object. 
The data privacy integration service can send, as the blocking-related command, in response to determining that each application of the multiple applications has provided a non-veto vote for the object, a block command to each of the multiple applications that instructs a respective application to block the object. Each application of the multiple applications can successfully complete the block command and delete the object after a respective retention period for the object expires. The data privacy integration service can determine to not send the block command in response to determining that at least one application has provided a veto vote for the object or that at least one application has failed to provide a vote for the object. The data privacy integration service can determine, for a first application, that the first application has not provided a veto vote based on the first application responding to the work package with an indication that the first application does not store personal data related to the data subject. The blocking check can include a purpose for which personal data may be processed and is a request for an application to determine whether the purpose can be disassociated from the object representing the data subject. The data privacy integration service can send, as the blocking-related command, in response to determining that each of the multiple applications is able to disassociate the purpose from the object, a disassociate-purpose command to each of the multiple applications that instructs a respective application to disassociate the purpose from the object. The data privacy integration service can determine to not send the disassociate-purpose command in response to determining that at least one application is not able to disassociate the purpose from the object. 
A first application, after disassociating the purpose from the object, can block the object based on the object no longer having any associated purposes in the first application. The data privacy integration service can r