Within Finance there are multiple systems that contain personal data; eAuthorisations, eFinancials, eExpenses, eIT, eStores, eTime, FPM, Webfirst, Worktribe and Business Objects.  Some of the systems don’t have an end date which would allow finance to know when personal data had reached the end of their retention period, they also don’t have a mechanism to delete the records when the retention period has been exceeded.

The need therefore is fourfold;

•             create a way we can enter an end date against individuals in

eAuthorisations (this is the central system for controlling access to finance sub systems; eIT, WebFirst, eStotes, eTime, eExpenses, Work Tribe, FPM, Online Banking),

•             create a reporting mechanism from eAuthorisations that highlights when

data needs to be purged

•             create a mechanism (preferably an automatic process) that

deletes/de-identifies the data in eAuthorisations and the listed sub systems

•             maximise the existing functionality within eFinancials as this is not

linked to eAuthorisations (we already use parts of this functionality

(https://www.projects.ed.ac.uk/project/fin097) however it has never been extended past the modules implemented in this project.

 

Current project status

Report Date RAG Budget Effort Completed Effort to complete
November 2020 BLUE 115.0 days 109.0 days 0.0

Project Info

Project
Finance General Data Protection Regulation (GDPR)
Code
FIN127
Programme
Finance (FIN)
Management Office
ISG PMO
Project Manager
Anne Mathison
Project Sponsor
Craig Henderson
Current Stage
Close
Status
Closed
Project Classification
Run
Start Date
24-Sep-2018
Planning Date
11-Jan-2019
Delivery Date
11-Nov-2020
Close Date
13-Nov-2020
Overall Priority
Higher
Category
Compliance

Project Dashboard

Project journal

No entries found.

Change dashboard

Nothing to report.