Within Finance there are multiple systems that contain personal data; eAuthorisations, eFinancials, eExpenses, eIT, eStores, eTime, FPM, Webfirst, Worktribe and Business Objects. Some of the systems don’t have an end date which would allow finance to know when personal data had reached the end of their retention period, they also don’t have a mechanism to delete the records when the retention period has been exceeded.
The need therefore is fourfold;
• create a way we can enter an end date against individuals in
eAuthorisations (this is the central system for controlling access to finance sub systems; eIT, WebFirst, eStotes, eTime, eExpenses, Work Tribe, FPM, Online Banking),
• create a reporting mechanism from eAuthorisations that highlights when
data needs to be purged
• create a mechanism (preferably an automatic process) that
deletes/de-identifies the data in eAuthorisations and the listed sub systems
• maximise the existing functionality within eFinancials as this is not
linked to eAuthorisations (we already use parts of this functionality
(https://www.projects.ed.ac.uk/project/fin097) however it has never been extended past the modules implemented in this project.
Current project status
|Report Date||RAG||Budget||Effort Completed||Effort to complete|
|November 2020||BLUE||115.0 days||109.0 days||0.0|