GDPR in Sage X3

By | January 3, 2022

GDPR stands for General Data Protection Regulation. It is a European Union (EU) law that came into effect on 25th May 2018.Data subjects will now have the right to demand subject access to their personal information, and the right to demand that an organization destroys their personal information.

Sage X3 compliance with GDPR: As of now X3 does not comply direct with the GDPR. But X3 provides tools which can help comply with GDPR. Following are the screens which are added in X3 under Data protection sub module.

  • Check companies for DPO
  • Data protection setup
  • Data protection search
  • List of email data
  • List of phone data,
  • List of personal data

Let’s see in detail working of each screen.

  • Check companies for DPO

data protection officer (DPO) is an enterprise security leadership role required by the General Data Protection Regulation (GDPR). Data protection officers are responsible for overseeing a company’s data protection strategy and its implementation to ensure compliance with GDPR requirements.

You can define DPO under Contact tab in Company.

Once you run this function by clicking on OK button it will display a log file containing the list of Data Protection Officers (DPO) by company.

The log file is divided into two groups:

Outside the European Community

Part of the European Community

  • Data protection setup

Using this setup screen you can select data types defined as phone numbers, email addresses, BP, customer, supplier as individuals (Reference type). In case of a data breach, you can then run a search on this data. Using this code, you can find them and know where they are referenced.

  • Data protection search

This function is used to search, in all the movement tables, for records which reference tables linked to a given code. User can search for personal data, or update any data like Email address, Last name, First name, Phone number. You first need to determine if this person is linked to a record in the ERP database he can be BP, customer or supplier..,

Once you enter code and click on search, the results of the search are grouped by type and by table. All the tables which has the BP code entered it will get displayed like below (Refer to below screen).

On the table of sales invoice (SINVOICE), once you click on Detail it will display list sales invoice created for that customer. Likewise you can select any table and fetch the details.

  • List of email data

This function is used to generate the list of email addresses of the persons who should be contacted in case of a data breach. This list can be extracted to a CSV file.

  • List of phone data

This function is used to generate the list of the phone numbers of the persons who should be contacted in case of a data breach. This list can be extracted to a CSV file.

  • List of personal data

This function is used to generate the list of personal data contained in the database. These are tables and columns in which the data stored can be used to identify an individual.

Refer below blog for more details on List of email data, phone data and personal data.

https://www.greytrix.com/blogs/sagex3/2021/03/13/to-export-all-the-email-address-phone-number-and-personal-details/

Having a clear and efficient systems for responding to data requests is becoming increasingly important. Responsibility of safeguarding User’s personal data is vital in today’s world. Hope this blogs helps you to take a step forward in protecting and accessing user data.