- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- Looking for information about "data breach notific...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Looking for information about "data breach notification process"
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2015 2:45 PM
I am looking for information on an "data breach notification process" for SAP HCP.
If anyone knows about an official SAP policy document that addreses this aspect please let me know.
Thanks, Randolf
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-10-2015 12:07 AM
Hi Randolf,
Unless you are referring to policy internal to SAP, data breach notification is generally technology agnostic and will vary based on local regulation.
In the UK we have guidance from the Information Commissioners Office which can be used to formulate detailed policy that fits your organisation/clients requirements: https://ico.org.uk/media/for-organisations/documents/1562/guidance_on_data_security_breach_managemen...
Cheers,
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-10-2015 12:14 AM
I guess Randolf is asking if SAP has it's own guideline how it's going to respond to data breach on HCP platform. I guess that's what potential customers of HCP are asking for. Obviously, SAP must comply with local regulations but it can get pretty complex really quickly. What if customers are in US as well as in EU and so on.
Cheers
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-10-2015 12:26 AM
Good point Martin, I guess you are more awake in your time zone than I am
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-10-2015 10:39 AM
ThanksMartin, this is exactely what I am lookin for. I need a description how SAP handles the communication of violation issues to effected customers. This is typically outlined in a policiy document which can be provided to customers.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-10-2015 9:35 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-10-2015 9:37 PM
I would like to see that document as well but I could not find it. The only maybe relevant thing that I found is a note about various certifications for HCP. I am not sure if any of these standards addresses data breach disclosure.
Cheers
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-11-2015 11:36 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-11-2015 8:59 AM
Yes, I was going to comment that there is a SAP logo right next to your name but I let it go. SAP is a big company and it already happened to me that SAP employees asked me over some technical details of SAP solution.
Cheers
- SAP Managed Tags:
- Security
