Addressing data privacy requests


BMC Helix Innovation Suite helps administrators address the personal data protection and privacy requirements associated with the General Data Protection Regulation (GDPR). The GDPR is a set of rules and principles governing the handling of personal data of individuals located in the European Union (EU).

As a Data Protection Officer or an administrator, you can address the data privacy requests that an individual raises.

Important

This document provides general information about the GDPR and GDPR key requirements. It is not intended to provide any legal advice. Detailed information about GDPR can be found at https://ec.europa.eu/info/law/law-topic/data-protection_en. Under this new Regulation, any organization handling personal data of European Union residents, regardless of its location, must understand which GDPR requirements apply to the organization and accordingly devise a plan to adjust its systems and processes, and educate its people.

Although BMC is not in the business of data privacy compliance software, some of the features of the BMC Helix Innovation Suite can help customers meet some requirements of the GDPR. For more information about the BMC solutions that help achieve the requirements of GDPR, see General Data Protection Regulation (GDPR).

Personal data in BMC Helix Innovation Suite

BMC Helix Innovation Suite applications may include users' personal data such as names, phone numbers, email addresses, government ID numbers, locations, credit card numbers, and IP addresses that can identify individuals personally. 

Personal data in BMC Helix Innovation Suite log files

BMC Helix Innovation Suite retains the data in log files, and the log files are then automatically deleted from the BMC cloud. However, on-premises customers can configure the log retention period. For more information, see Enabling logs.

Personal data used by the BMC Helix Innovation Suite Cognitive Service

BMC Helix Innovation Suite deletes all the conversation logs from the BMC cloud once a week.

For information about the log limits in IBM Watson Assistant, see Log limits in the IBM Watson documentation.

For information about IBM Watson GDPR readiness, see GDPR in the IBM Watson documentation.

Capabilities for handling personal data

BMC Helix Innovation Suite provides an administrator the following capabilities to protect the personal data of a user:

  • Perform a lookup to find whether any personal data of a user is stored in applications. 
  • Provide a user with their personal data in a safe way.
  • Replace users' personal data permanently in the applications.

On behalf of a user, an administrator can perform the following operations on the user's personal data:

Operation

Description

Search

Search for the user's personal data available in applications and provide a report.

An administrator can download and send this data to the user in a portable and standard format such as the .csv file format. The search operation is performed on structured and unstructured data.

To enable the search operation for structured data (for example, JSON and HTML), an administrator must configure the content-definition setting by providing the following value:

{"formName":"<name>","fieldName":"<field>","fieldFormat":"<JSON>/<HTML>/<TEXT>"}

If the content-definition setting is not configured, then the search is performed on the fields with datatype as Text and Character Large Object (CLOB).

Replace

Replace the user's personal data.

Data is not deleted; it is permanently replaced with non-readable information. The replace operation is performed only on the fields with datatype Text and CLOB.

Ignore

Ignore a record during a replace operation.

You can exclude any personal data from getting replaced. The ignored records are not replaced.

You must consider the following points while performing operations on personal data:

  • You must perform these operations in each environment separately such as development, QA, and production environments.
  • You cannot modify or search for the personal data stored in the following components:
    • Attachments stored along with record instances
    • Process definitions
    • Localized strings
  • You must not replace the login ID of a user.

To manage data privacy requests in the BMC Helix Innovation Suite database

When a user logs a data privacy request, the Data Protection Officer or administrator must act on the request by searching, extracting, or anonymizing the personal data connected to that user. Personal Data refers to the string that is searched in the database. 

Perform the following steps to use the AR System Personal Data Privacy (PDP) utility to manage data privacy requests in the AR System database:

  1. Back up the database.
  2. In BMC Helix ITSM, select Applications > Personal Data Privacy.
  3. Click the PDP Job Console form, and create a job.
  4. Enter the details of the requester.
  5. On the Personal Data tab, click Add.
  6. Enter values in the Personal Data Label and Personal Data fields.

    For example: To search for mmann@apexglobal.com, where mmann@apexglobal.com is the email address, enter Email Address in the Personal Data Label box and mmann@calbroservices.com in the Personal Data box.

    The Replace with box is auto-populated with a string. When the AR Forget operation is executed, the Replace with string replaces the string entered in the Personal Data box.

  7. Click Add.
    You can add multiple Personal Data strings in a job for a requester.
  8. Click Lock Personal Data to lock the data connected to the requester.

    You can use the Exclusion List or Inclusion List forms. For more details, see Considerations.

  9. On the Operations tab, select an operation, and click Execute.
    The following screenshot shows different types of the Execute operations:
    [Screenshot: Execute operations]
    The following table describes different types of Execute operations:

    Operation 

    Description

    AR Search

    Search for personal information data in the database and provide the result in the Search Result tab.

    AR Extract

    Extract the result of AR Search operation in the CSV format.

    AR Forget

    AR Delete

    Extract the result of AR Search operation in the CSV format.

    When the anonymize operation is complete, a message describing the number of records that were anonymized or failed to anonymize is displayed. You can make the required changes in the search results and run the operation again for the failed records.

    The search result might contain personal data that is not connected to the user who raised the data privacy request. In this case, examine and modify the search result report to include the personal data that is connected to the user.

    Run the utility for one individual at a time and provide all the possible personal data within the same job to anonymize. This approach produces the optimal number of records to review for the search result of the requester.

    Be sure to anonymize or delete all the personal data of a user in a single operation. Partial anonymization or deletion of personal data for a user might cause data inconsistencies in the database and might result in errors within the database.

Statuses in Personal Data Privacy utility

The following table explains statuses that are displayed across different phases of the Personal Data Privacy utility:

| Status | Description |
|---|---|
| New | The initial status that is assigned automatically when a job is created. |
| Waiting for personal data | Personal data is not yet added after the job is created. |
| Ready for Search | Personal data is filled, and the utility is ready for the search operation. |
| Performing Search | The utility is searching for personal data. |
| Performing operation | The extract or anonymize operation is in progress. |
| Successful | The operation was completed for all the selected records. |
| Failed | The operation was not completed for all of the selected records due to some errors in the data. |

To manage data privacy requests in the Smart IT database

When the Personal Data Privacy (PDP) utility (located in the installationDirectory\BMC Software\Smart_IT\SmartITCustomizationUtil\password-encryption-version-BUILD-SNAPSHOT.zip) runs on the User or People form to anonymize the Login Name field for a requester, the Smart IT database must be updated with the anonymized string.

Perform the following steps to manage data privacy requests in the Smart IT database:

  1. Double-click to open the PDP utility:
    For Windows: PDPU_SmartIT_DB_Tool-9.1.05-SNAPSHOT\scripts\win\smartit_pdpu_tool.bat
    For Linux: PDPU_SmartIT_DB_Tool-9.1.05-SNAPSHOT\scripts\linux\smartit_pdpu_tool.sh
  2. Enter the following command to encrypt the password for the Smart IT database:

    Command in shell mode: pdpu-encrypt-password <your password>

  3. Open PDPU_SmartIT_DB_Tool-9.1.05-SNAPSHOT\scripts\win\..\..\config\application.yml in a text editor and update the following database connection details:

    | Field | Value |
    |---|---|
    | driver-class-name | Enter the name of the database. |
    | url | Enter the URL to access the database. |
    | username | Enter the name of the user who has the permissions to update the database. |
    | password | Paste the encrypted password (that is copied from step 2) in the following syntax: ENC(xxxxxxxxxxxxxxxxxxxxxxxx) |
    | tenantid | Enter the tenant ID between the double quotations. |

Considerations for a data privacy operation

Consider the following points while executing a request for a data privacy operation:

  • You must configure the list of forms in the following forms:
    • Exclusion List: Specifies the names of forms in which the personal data must not be searched.
      For example: To prevent searching for personal data in the Audit form, you must add the Audit form to the Exclusion List.
    • Inclusion List: Specifies the names of forms in which the personal data must be searched.
  • If a form is added to both forms, the Exclusion List takes precedence over the Inclusion List.
  • When the Exclusion List or Inclusion List is not configured, personal data is searched in all the forms.
  • Before executing AR Extract or AR Forget operations, you must execute an AR Search operation. If you select any operation other than Search, you will get an error.
  • Personal data is not searched inside an attachment.
  • Personal data in the Last modified by field is not anonymized.
  • The anonymization operation cannot anonymize a specific field value if the size of a field is less than the Replace String field value.
  • A data privacy operation is not reversible. Before executing the AR Forget operation, make sure that the entered information string is correct.
  • When multiple Personal Data records are added to a job, sometimes multiple errors are displayed in the job logs of the AR System Personal Data Privacy utility.
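
The considerations above determine where personal data can remain after an AR Forget run. The following Python sketch is an added example, not BMC code: it models the list precedence, datatype, Last modified by, and field-size rules on a constructed schema, and assumes that field size means maximum character length with 0 meaning unlimited.

```python
# Added illustration, not BMC code: models the documented PDP considerations.
from dataclasses import dataclass

@dataclass(frozen=True)
class Field:
    form: str
    name: str
    datatype: str  # "Text", "CLOB", or any other type
    size: int      # assumption: max characters, 0 = unlimited

def forms_in_scope(all_forms, inclusion=(), exclusion=()):
    """Forms a search covers: the Inclusion List if set, else all forms, minus exclusions."""
    candidates = set(inclusion) if inclusion else set(all_forms)
    return sorted(candidates - set(exclusion))  # Exclusion List takes precedence

def residual_fields(fields, replace_with, all_forms, inclusion=(), exclusion=()):
    """Fields that can still hold personal data after AR Forget, with the reason."""
    scope = set(forms_in_scope(all_forms, inclusion, exclusion))
    residual = []
    for f in fields:
        if f.form not in scope:
            reason = "form not searched"
        elif f.name == "Last modified by":
            reason = "Last modified by is not anonymized"
        elif f.datatype not in ("Text", "CLOB"):
            reason = "datatype is not Text or CLOB"
        elif 0 < f.size < len(replace_with):
            reason = "field smaller than Replace with string"
        else:
            continue
        residual.append((f.form, f.name, reason))
    return residual

# Constructed sample schema and replacement string (hypothetical names).
ALL_FORMS = ["User", "People", "Audit", "Ticket"]
FIELDS = [
    Field("People", "Email", "Text", 255),
    Field("People", "Nickname", "Text", 8),
    Field("Ticket", "Notes", "CLOB", 0),
    Field("Ticket", "Last modified by", "Text", 254),
    Field("Ticket", "Scan", "Attachment", 0),
    Field("Audit", "Log", "CLOB", 0),
]
REPLACE_WITH = "PDP-0000000001"

if __name__ == "__main__":
    for row in residual_fields(FIELDS, REPLACE_WITH, ALL_FORMS, exclusion=["Audit"]):
        print(row)
```

Each row returned is a place to review manually before confirming to the requester that the request is complete.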

Frequently asked questions about the PDP utility

What if an organization is not established in the EU?

The GDPR applies to the processing of the personal data of EU residents, regardless of the location of the organization processing such personal data.

Does the PDP utility search personal data inside attachments?

No.

Who can run the PDP utility? Does it require any special permissions to execute a PDP operation?

The BMC Helix Innovation Suite administrator or PDP administrator of BMC Helix Innovation Suite can run the PDP utility.

Can I pause a PDP operation and continue later?

No.

Can I cancel a PDP operation?

No.

What does the Lock Personal data button do?

The Lock Personal data button is used to prevent simultaneous access to the data that is related to an individual. The personal data must be locked to operate the PDP utility. Additionally, locking the personal data allows the administrator to verify it, because the data cannot be changed after it is locked.

How do I use PDP utility for multiple people?

This is usually a request-driven operation. An individual wants to know about stored personal data that is connected to that individual, or requests to be forgotten. This utility helps companies to address such requests for personal data stored in the BMC Helix Innovation Suite solution.

Is the utility available in AR System as a shared service, too?

Yes, the utility is also available for AR System as a service installation.

Can multiple data privacy jobs run at the same time?

It is not recommended to run multiple data privacy jobs in parallel. The jobs can be run from the job console only.

Is it possible to create a workflow to fill the replacement configuration table in the first tab?

You can use the native AR System platform capabilities with the forms for PDP utility.

If an ex-employee is re-hired in an organization, can the anonymized data be reverted?

There is no built-in revert function. After the data is anonymized, it cannot be reverted.

 
