Concur Data Disposal Process - What all fields con...

ArifM57 · ‎Jan 18, 2022

In the Concur Data disposal process, concur considers some data as "Sensitive" & remove it after a maximum of 12 months from the date of Inactivating the data once the Data retention process is activated for the instance.

However, when asked Concur support which all fields considered to be "Sensitive" data, they have only provided generic information as examples like SSN Number, Passposr No. etc. but have not shared the exact all fields that which all fields exactly removed as part of "Sensitive" data when we activate the Data Retention Policy.

Has anyone came across similar requirement? & are you able to share your input on how to manage this part & how can we get to know which all fields exactly considered as "Sensitive" Data?

Thanks!

PetraZ · ‎Apr 2, 2023

Hi, we are dealing with the same issue. We need clarification of "Sensitive Data", what is covered by category "Invoice", "Expenses", but we only received this manual:Shared: Data Retention Setup Guide for Concur Standard Edition (concurtraining.com)

KevinD · ‎Apr 6, 2023

@ArifM57 I am not an expert in this area, but from what I've heard and how I understood it, any data that can identify that person is considered sensitive. So, SSN, first name, last name, email address. I wasn't able to find an external/customer facing all encompassing list of the the sensitive data items.

Thank you,
Kevin
SAP Concur Community Manager
Did this response answer your question? Be sure to select “Accept as Solution” so your fellow community members can be helped by it as well.

Concur Data Disposal Process - What all fields considered as Sensitive Data