The BMC Integration Service solution provides capabilities that help administrators address the personal data protection and privacy requirements associated with the General Data Protection Regulation (GDPR). The GDPR is a set of rules and principles governing the handling of personal data of individuals located in the European Union (EU).
This BMC document provides general information about the General Data Protection Regulation (GDPR) and GDPR key requirements. It is not intended to provide any legal advice. The GDPR can be found at https://ec.europa.eu/info/law/law-topic/data-protection_en. Under this new Regulation, any organization handling personal data of European Union residents, regardless of its location, needs to understand which GDPR requirements apply to its organization and accordingly devise a plan for adjusting its systems and processes and for educating its people. Although BMC is not in the business of data privacy compliance software, some of the features of the BMC Integration Service solution can help customers meet some requirements of the GDPR. For more information about how BMC solutions can help achieve the requirements of the GDPR, see https://www.bmc.com/it-solutions/gdpr-compliance.html.
Personal data in BMC Integration Service
According to the GDPR, personal data includes any information that can identify an individual directly or indirectly. For example, the following data can be considered as personal data: name, phone number, email address, IP address, government ID number, credit card numbers, and similar.
BMC Integration Service stores personal data in databases and related files for an unlimited time period (until the data is deleted, modified, or anonymized).
Using the BMC Integration Service Personal Data Privacy Utility
The BMC Integration Service Personal Data Privacy (PDP) Utility can be used by the data protection officer or the administrator to respond to the data privacy requests and inquiries from individuals. Use the Personal Data Privacy (PDP) Utility to perform the following GDPR compliance activities:
To use the BMC Integration Service Personal Data Privacy (PDP) Utility, you must have the administrator role.
Before you begin
If the utility finds matching personal data, you receive a response in the following format:
Use the response text to create a file that you can send to the requester regarding their personal data storage.
Do not anonymize active users. The action of anonymization is not reversible.
After anonymization is finished, the personal data values are replaced by the value <Personal Data Removed> in different parts of the user interface, as shown in the following examples.
<Personal Data Removed> in the Users section
<Personal Data Removed> in the Accounts section
<Personal Data Removed> in the Flows section
<Personal Data Removed> in the Configuration section