cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SPL screening of employees

Former Member

on ‎06-29-2010 5:59 AM

0 Kudos

Dear all,

there is a functionality to screen employess in GTS. Therefore it is necessary to transfer employees from HCM-SAP to GTS. Unfortunately each employee get's an own business partner in GTS. Everyone who can search for a business partner can also see the private adress of the employee. Here in Germany this is very critical because of data protection.

Do you know a solution to give access to this business partners only for a special user but for some other user to all other business partners (eg. for Export and classic SPL-Screening)?

I know this alternatives:

- A seperate GTS System only for HCM-Data (but this gets very expensive)

- Manual check via external XML File (but this than not a automatic screening)

Thanks.

Regards Tobias

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎06-29-2010 9:26 AM
0 Kudos

I was thinking on the below mentioned lines and hope this helps you:-

1. Have a separate Legal regulation specific to Germany and Internal for you company and its employee.

2. Have an update of you SPL list for this specific Legal Regulation.

3. Screen the employee for this Legal Regulation.

4. Using FTO for Germany for authorization objects.

Distinguishing on the basis of number range would be helpful for you internal BP number range for employees in GTS. Along with the note (875270) which you have mentioned, some additional configs need to be done for the IDOCs for inbound processing.

You can look at the combination of authorization for the special users having a separate profile (GTS_SPLEXT - Legal Control: Sanctioned Party List: Author. LegReg + FTORG and GTS_SPL - Leg. Control: Sanctioned Party List: Auth. f. Legal Regulatn). But this would only be at the production environment.

Show replies
Show replies
Former Member
‎06-30-2010 2:18 PM
0 Kudos

Hi,

Creating different Legal Regulations is certainly a good solution, right now we are looking at using the Authorisation Group in the BP Master (TAB Control).

Therefore all Employees that are transferred get the entry EMP in that field ( BUT000 / AUGRP). Then we restrict the Display for the entries on that field. That is, we allow it for all ranges except for EMP.

Sometimes in the GTS Systems not all Authorisation Objects are active, so you might need to activate them using transaction SU25. Careful, if you are allready live with certain modules of GTS this could result in problems on the existing user authorisations and you will need to do regression tests.

Regards,

Marc

Former Member
‎07-11-2010 3:43 PM
0 Kudos

Hi, i tried it. If i open a export declaration there is only an authorization check if i have access to display business partners but not regarding business partner type.

If i find therefore a solution i assume that authorization group will work.

Regards Tobias

Former Member
‎06-29-2010 7:51 AM
0 Kudos

Hello Mr. Reutemann,

we are going to use the same functionality in GTS.

As I know the Employee data are replicated in to GTS as Business Partner in the Role "employee". You can use the advanced authorization in GTS which gives you the opportunity to restrict the user roles just on this BP role or exclude it in other roles.

So I think you can adjust two different authorization roles, one for HR people and e.g. one for sales.

I am interessetes to know, how can I transfer HR data in to GTS??? Do you have already set up this? Would you give me some hints, please?

Thanks

Abbas Rashidi

Show replies
Show replies
Former Member
‎06-29-2010 8:13 AM
0 Kudos

Hi,

pleae check this OSS-Note: 875270

Ask a Question