Encryption of Wage Types in SAP HCM
FIS thereby complies with the high data protection requirements in the personnel area.
Salary data is one of the most sensitive data in a company. At a first glance, this data can only be viewed by persons with respective HR authorizations. However, this is a false conclusion since wage type amounts are "only" stored in tables which can also be read by means of standard transactions. As a consequence, actually unauthorized users might have a relatively easy access to salary information. At the same time, some companies do not want single persons responsible in HR administration to view amounts for all wage types or only details, such as surcharges for specific employees.
For this purpose, FIS/hrd® WAE has been developed. When using the module, amounts saved during maintenance are no longer directly included in the infotype tables but stored separately and in an encrypted way. In these tables, the personnel numbers or amounts belonging to the respective values are not obvious. This information will only be released again during runtime, i.e. upon salary data maintenance, for instance.
During configuration, the administrator has numerous options: It can be prevented via the "strict authorization check" that a non-authorized person responsible is allowed to view sensitive salary data for specific groups (e.g. non-tariff employees). All other information and amounts the person responsible might need to access remain visible.
If required, Employee and Manager Self Services are also taken into account. In doing so, employees are still able to view and maintain their data. The same applies to their managers. Consequently, the encryption via the new FIS module once again enables SAP HCM users to significantly improve the security of their personnel data.