Data Storage Security

The infotypes in Personnel Management contain particularly sensitive data. This data is protected by central authorization objects.

Note Note

For more information about authorization objects, see Authorizations .

End of the note.
Examples of infotypes containing particularly sensitive data:

  • International infotypes for Personnel Administration (PA-PA)

    • Personal Data (0002)

    • Basic Pay (0008)

    • Bank Details (0009)

    • Family Member/Dependents (0021)

  • Personnel Development (PA-PD)

    • Qualifications

    • Appraisals

  • Personnel Cost Planning and Simulation (PA-CP)

    • Planning of Personnel Costs (0666), contains salary-based information

  • Management of Global Employees (PA-GE)

    • Compensation Package Offer (0706)

Other sensitive Personnel Management data

  • Budget Management

    The Budget Management component accesses the salary data of employees and displays data from the Controlling (CO) and Funds Management (FI-FM) components. The standard authorization concept for Human Resources , Controlling , and Funds Management is used for these processes. The following authorization objects are also available to protect the data:

    • P_ENCTYPE ( HR: PBC - Financing ): Determines which funds reservation types a user can access and which activities the user is allowed to perform.

    • P_ENGINE ( HR: Authorization for Automatic Commitment Creation ): Determines which activities a user is allowed to perform when creating commitments.

  • Pension Fund (PA-PF)

    Access to salary data, pensions, and benefits entitlements is protected by the following authorization objects:

    • P_ORIGIN ( HR: Master Data )

    • P_CH_CK ( HR-CH: Pension Fund: Account Access )

    • P_NL_PKEV ( Bevoegdheidsobject voor PF-gebeurtenissen )

  • Personnel Cost Planning (PA-CM-CP and PA-CP)

    The old Personnel Cost Planning (PA-CM-CP) and the new Personnel Cost Planning and Simulation (PA-CP) components both save salary-relevant information to the clusters of the database PCL5. You can control access rights using the authorization object P_TCODE ( HR: Transaction Code ).

  • Employee Interaction Center (PA-EIC)

    The EIC Authentication infotype (0816) enables question and response pairs to be saved that an agent of Employee Interaction Center then uses to identify a calling employee. You can only maintain the infotype with the Authentication for EIC Employee Self-Service.

  • HR Administrative Services (PA-AS)

    The personnel file and all process instances are saved with intermediate statuses and history to the Case Management databases.