Introduction
In this article we are going to focus on the area of Person Removal. Considering the increasing Data legislation sweeping Countries, States and other Municipalities, there is a requirement for Organizations to implement ‘Forget me’ type procedures. These procedures require Personal Information to be ‘Forgotten’ where Data Subjects request it. This is not just confined to customers of your Organization; every Person is considered a Data Subject. This requirement started with GDPR in the European Union and has made its way across to America by way of the California Consumer Protection Act, with many more States following. Oracle HCM Cloud has had a feature since 2019 that allows you to choose Person records and essentially delete them and a lot (but not all) of their Data. Transactions are kept, and a unique identifier is kept for transaction history (although this link can be broken, read more below). Up until now, the ability to ‘delete’ a person was something that had to be done through the Application pages, granted by way of Security (ORC_HRC_REMOVE_PERSON_INFORMATION specifically).
With this, Organizations have had the ability to control the process of removing a Person’s information and choose who should do it.
Oracle has been updating the way you upload data to the Application over the last few releases. Where Data was uploaded via different Pages in the Application, all Data uploads are now centralized in the HCM Data Loader function. This feature allows for many different transactions and data to be uploaded into the Application, including:
Payroll Setup & Transactional Data
Once granted, however, the HCM Data Loader tool allows a User to first download a template for entering the details of the Persons to be removed and then upload it. Once the upload and the process are complete, the Person information is removed. Oracle advises running the process only on Employees whose status is set to Terminated, and notes that if the Work Relationship is removed, the link to the worker is lost and any data for this worker will no longer be purged by this process. As of this point (Q1 2021) you cannot secure Templates or Uploads in HCM Data Loader: if you have access to Data Loader, you can use the full functionality. Ideally, an Organization should be able to secure the individual Templates and Uploads by process to ensure effective Security and Separation of Duties are implemented. That way you could secure the Person Removal process and control access to it.
Evidently, any process that allows for mass deletion of Employees and other types of Users without Approval or other control is a major problem. Combined with the conditions that exist within the Data Loader tool (once Employees are set to Terminated, the process does not discriminate who gets removed), this process represents a major Risk to any Organization.
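As an added illustration (not from this article, and not Oracle's own tooling), here is a hypothetical pre-upload gate of the kind an Organization could place in front of a removal batch: each requested PersonNumber must exist, be Terminated (the precondition Oracle states) and carry an independent approval before the batch is allowed through. The pipe-delimited batch layout, the worker status table and the approval register are all constructed stand-ins, not the real HCM Data Loader format.

```python
# Assumed/constructed: rows are pipe-delimited with a PersonNumber column;
# this is a stand-in, not Oracle's HCM Data Loader file format.
from dataclasses import dataclass, field

# Constructed sample: current worker status, standing in for the HCM record.
WORKER_STATUS = {
    "100001": "Terminated",
    "100002": "Active",
    "100003": "Terminated",
    "100004": "Terminated",
}

# Constructed sample: removals approved by a second person (approval register).
APPROVED_REMOVALS = {"100001", "100003"}

# Constructed batch, one row per Person requested for removal.
SAMPLE_BATCH = """\
PersonNumber|RequestedBy
100001|jdoe
100002|jdoe
100003|jdoe
100004|jdoe
100005|jdoe
"""


@dataclass
class GateResult:
    allowed: list = field(default_factory=list)
    rejected: dict = field(default_factory=dict)  # PersonNumber -> reason


def gate_removal_batch(batch_text, status=WORKER_STATUS, approved=APPROVED_REMOVALS):
    """Split a removal batch into rows that may proceed and rows to block.

    A row passes only if the worker exists, is Terminated and has an
    independent approval, so one Data Loader user cannot act unilaterally.
    """
    result = GateResult()
    lines = batch_text.strip().splitlines()
    col = lines[0].split("|").index("PersonNumber")
    for line in lines[1:]:
        pn = line.split("|")[col].strip()
        if pn not in status:
            result.rejected[pn] = "unknown person number"
        elif status[pn] != "Terminated":
            result.rejected[pn] = f"status is {status[pn]}, not Terminated"
        elif pn not in approved:
            result.rejected[pn] = "no independent approval on file"
        else:
            result.allowed.append(pn)
    return result
```

A real control would also log the rejected rows and block the whole upload until the approver clears them, rather than silently trimming the batch.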
Anyone who can upload Data via Data Loader has the opportunity to Remove Person information from the system and to:
Disrupt the Operations of the Organization: Users' transactions will come to a halt if they have been removed.
Allow malicious activity to be covered up by removing their (or others') Person information to slow or stop the risk of being caught.
Create a heavy workload to diagnose and re-implement Users who should not have been deleted.
Reduce trust in the operations and ultimately Financial accuracy.
A fundamental part of Operations, Financial Reporting, Audit, Compliance and Control is the accountability of the people who use an Organization’s Applications and processes. Your Application must be something you can rely upon for accuracy and efficiency in its operation. With this feature in mind, we urge Organizations to consider this functionality and implement effective Controls around Data Loader (and the Remove Person process within the Application).
These findings were discovered through our Patch Impact Analysis, which reviews changes coming to your Oracle Cloud Environments; you can find out more HERE.
If you are struggling to implement a program for effective Controls in your Oracle (and more) Applications, Seecuring provides a subscription based service that provides:
Segregation of Duties
User Access Reviews
Patch Impact Analysis & Configuration Changes
We have been working with ERP/HCM Applications since the early 2000s, and work with leading CPAs, Audit staff and Application specialists to deliver a complete solution.
Before you invest in expensive Software, why not look at GRC as a Service? Faster delivery, lower cost, and more than just reports on your issues - we help Organizations achieve their goals for Internal Controls.