Phased rollout This version of the software is currently available only to early adopter SaaS customers as the first step in our phased rollout.

Addressing data privacy requests


As the data protection officer or the administrator, you can manage and resolve end users' requests associated with the General Data Protection Regulation (GDPR) by using the BMC Helix Digital Workplace Personal Data Privacy Utility. This topic provides information about the BMC Helix Digital Workplace Personal Data Privacy Utility, and describes how to export and anonymize personal data.



The BMC Helix Digital Workplace Personal Data Privacy Utility is a scripting tool that enables the data protection officer or the administrator to perform the following activities to match some of the GDPR compliance requirements:

Important

For information about the GDPR compliance requirements, visit the official EC website at https://ec.europa.eu/info/law/law-topic/data-protection_en. For additional information about BMC and GDPR compliance, see https://www.bmc.com/it-solutions/gdpr-compliance.html and Data-privacy-the-GDPR-and-the-Digital-Workplace-technology.

The Personal Data Privacy Utility works for basic configuration (BMC Helix Digital Workplace) and advanced configuration (BMC Helix Digital Workplace Catalog and BMC Helix Digital Workplace), and is compatible with Linux, Windows, MSSQL, and Oracle. 

You can download the utility from the BMC Electronic Product Distribution (EPD) portal.

You can run the utility remotely, and not on the local BMC Helix Digital Workplace servers.

To export personal data

Important

You can export personal data for only one user at a time.

  1. Extract the archive with the Personal Data Privacy Utility.
  2. Open the config folder, and configure the database connection in the application.properties file.

    • If you are working with BMC Helix Digital Workplace Basic, select the basic option. Then, according to the provided examples, configure the database connection for BMC Helix Digital Workplace only (ignore the BMC Helix Digital Workplace Catalog section).
    • If you are working with BMC Helix Digital Workplace Advanced, select the advanced option, Then, according to the provided examples, configure the database connections for BMC Helix Digital Workplace and BMC Helix Digital Workplace Catalog.
    Click here to see the breakdown of values in the application.properties file
    # Profile configuration
    #
    # Possible options: 'basic', 'advanced'
    #
    # 'basic' - allows working only with DWP product
    # 'advanced' - allows working with DWP and DWP Catalog products
    spring.profiles.active=advanced
    # DB Connection Properties
    #
    # Settings for driver class name (MS SQL Server DB):
    # driver-class-name: com.microsoft.sqlserver.jdbc.SQLServerDriver
    #
    # Settings for driver class name (Oracle DB):
    # driver-class-name: oracle.jdbc.driver.OracleDriver
    #
    # Settings for driver class name (PostgreSQL):
    # driver-class-name: org.postgresql.Driver
    #
    # Settings for url (PostgreSQL):
    # url: jdbc:postgresql://<host>:<port_number>/<database_name>
    #
    # Settings for url (MS SQL Server):
    # url: jdbc:sqlserver://<host>:<port_number>;DatabaseName=<database_name>
    #
    # Settings for url (Oracle):
    # url: jdbc:oracle:thin:@<host>:<port_number>:<database_name>
    dwp.business.driver-class-name=com.microsoft.sqlserver.jdbc.SQLServerDriver
    dwp.business.url=jdbc:sqlserver://<host>:<port_number>;DatabaseName=<database_name>
    dwp.business.username=<Business_Schema>
    dwp.business.password=<Password>
    dwp.system.driver-class-name=com.microsoft.sqlserver.jdbc.SQLServerDriver
    dwp.system.url=jdbc:sqlserver://<host>:<port_number>;DatabaseName=<database_name>
    dwp.system.username=<System_Schema>
    dwp.system.password=<Password>
    dwp.tenantid=000000000000001
    catalog.driver-class-name=com.bmc.arsys.jdbc.core.Driver
    catalog.url=jdbc:arserver://<host>:<port_number>;user=<user_name>; password=<Password>
    catalog.username=<user_name>
    catalog.password=<Password>
    # Number of port by which DWP Catalog is reachable
    catalog.port=8008
    # Logging levels
    # Possible values: ALL, DEBUG, ERROR, FATAL, INFO, OFF, TRACE, WARN
    logging.file=dp-tool.log
    logging.level.root=ERROR
    logging.level.com.bmc=DEBUG
  3. Open the scripts folder.
  4. Open the appropriate subfolder:
    • If you are working on the Linux OS, open the linux subfolder.
    • If you are working on the Microsoft Windows OS, open the windows subfolder.
  5. In the set_user_to_export file, provide the user ID, and the location for the exported files:

    • To set the user whose data you are exporting, enter the dp-export userID command.
    • (Optional) To set the location for the exported files, enter the dp-export userID --p outputFolderPath command.

    Important

    If the location for the exported files is not specified, the utility puts the exported files in the scripts folder.

  6. Save the changes, and close the file.
  7. Return to the scripts folder, and open the startup_export file.
    The script automatically executes the command specified in step 5.

After the export is finished, the exported files are located in the appropriate folder and saved in CSV format. These files can be forwarded to the requester.

Before you begin

The BMC Helix Digital Workplace and BMC Helix Digital Workplace Catalog databases are dependent on the BMC Helix ITSM/Action Request System (AR System) databases. To perform a complete personal data anonymization, follow these steps:

  1. Anonymize the requester's personal data in BMC Helix ITSM/Action Request System (AR System). Follow the instructions in Addressing data privacy requests in the Action Request System (AR System) documentation.
  2. After the anonymization is finished in BMC Helix ITSM/Action Request System (AR System), use BMC Helix Digital Workplace Personal Data Privacy Utility to anonymize the requester's personal data in BMC Helix Digital Workplace and BMC Helix Digital Workplace Catalog.

 To anonymize personal data

Warning

Do not anonymize active users. The action of anonymization is not reversible.


Important

During the anonymization of user's personal data, the utility deletes the ratings and reviews regarding the BMC Helix Digital Workplace Catalog services that this user received.

  1. Extract the archive with the Personal Data Privacy Utility.
  2. Open the config folder, and configure the database connection in the application.properties file

    • If you are working with BMC Helix Digital Workplace Basic, select the basic option. Then, according to the provided examples, configure the database connection for BMC Helix Digital Workplace only (ignore the BMC Helix Digital Workplace Catalog section).
    • If you are working with BMC Helix Digital Workplace Advanced, select the advanced option. Then, according to the provided examples, configure the database connections for BMC Helix Digital Workplace and BMC Helix Digital Workplace Catalog.
    Click here to see the breakdown of values in the application.properties file
    # Profile configuration
    #
    # Possible options: 'basic', 'advanced'
    #
    # 'basic' - allows working only with DWP product
    # 'advanced' - allows working with DWP and DWP Catalog products
    spring.profiles.active=advanced
    # DB Connection Properties
    #
    # Settings for driver class name (MS SQL Server DB):
    # driver-class-name: com.microsoft.sqlserver.jdbc.SQLServerDriver
    #
    # Settings for driver class name (Oracle DB):
    # driver-class-name: oracle.jdbc.driver.OracleDriver
    #
    # Settings for driver class name (PostgreSQL):
    # driver-class-name: org.postgresql.Driver
    #
    # Settings for url (PostgreSQL):
    # url: jdbc:postgresql://<host>:<port_number>/<database_name>
    #
    # Settings for url (MS SQL Server):
    # url: jdbc:sqlserver://<host>:<port_number>;DatabaseName=<database_name>
    #
    # Settings for url (Oracle):
    # url: jdbc:oracle:thin:@<host>:<port_number>:<database_name>
    dwp.business.driver-class-name=com.microsoft.sqlserver.jdbc.SQLServerDriver
    dwp.business.url=jdbc:sqlserver://<host>:<port_number>;DatabaseName=<database_name>
    dwp.business.username=<Business_Schema>
    dwp.business.password=<Password>
    dwp.system.driver-class-name=com.microsoft.sqlserver.jdbc.SQLServerDriver
    dwp.system.url=jdbc:sqlserver://<host>:<port_number>;DatabaseName=<database_name>
    dwp.system.username=<System_Schema>
    dwp.system.password=<Password>
    dwp.tenantid=000000000000001
    catalog.driver-class-name=com.bmc.arsys.jdbc.core.Driver
    catalog.url=jdbc:arserver://<host>:<port_number>;user=<user_name>; password=<Password>
    catalog.username=<user_name>
    catalog.password=<Password>
    # Number of port by which DWP Catalog is reachable
    catalog.port=8008
    # Logging levels
    # Possible values: ALL, DEBUG, ERROR, FATAL, INFO, OFF, TRACE, WARN
    logging.file=dp-tool.log
    logging.level.root=ERROR
    logging.level.com.bmc=DEBUG
  3. Open the scripts folder.
  4. Open the appropriate subfolder:
    • If you are working on the Linux OS, open the linux subfolder.
    • If you are working on the Microsoft Windows OS, open the windows subfolder.
  5. In the set_user_to_anonymize file, provide the user ID of the user whose data you are anonymizing.
    Enter the dp-anonymize userID command.
  6. Save the changes, and close the file.
  7. Return to the scripts folder, and open startup_export file.
    The confirmation message appears.
  8. To execute the anonymization, type y and press Enter.
    To decline the anonymization, type n and press Enter.

After the anonymization is finished, you cannot find the personal data of the requester in the system. The absence of the user's personal data indicates a successful anonymization.