Features

The authorization concept for data privacy is based on the general authorization checks for Human Resources and archiving.

When destroying data, you use write and delete programs that communicate with the logical database PNPCE. The PNPCE logical database performs the standard authorization checks for all infotype data records that are requested by the report using the INFOTYPES statement.

For detailed information, see the documentation for the program SAPDBPNPCE for the logical database PNPCE.

Furthermore, you can use the report-specific authorization check HR: Reporting (authorization object P_ABAP) to override the authorization for the write programs and the delete programs for personal data, irrespective of the infotype authorization. You can thus grant a user authorization to destroy HR master data without also granting this user other authorizations for personal data.

Since the write programs and delete programs refer to archiving objects, they are also subject to the authorization concept for archiving. For more information, see User Authorization Checks in archiving.

You can control write and delete authorizations separately, independently of the authorization checks mentioned.