By 2022, 80 percent of the companies covered by the European Data Protection Regulation (GDPR) will have to pay fines for not pursuing legacy decommissioning. “ Gartner is more aware of the legal risks that exist with legacy systems in terms of data protection go out, do not warn. The reason for this lies in particular in the so-called right to be forgotten. However, which company can delete all information about a customer at the level of a single record or a single document on request in all its systems? One solution to this problem is the decommissioning of legacy systems or Neudeutsch Application Retirement.
Just save is risky
The European data protection represents a new era. While the company could be equated with data security in the past, data protection often is no longer possible since 25 May 2018. Previously, the motto was: save everything and make sure that it is not stolen, lost or deleted. And, of course, there are countless regulations that suggest this approach: financial documents must be kept audit-proof for ten years, liability-related information such as customer data, quality checks in production, construction plans or maintenance reports for up to thirty years and patient data even longer.
These regulations are one of the main reasons why companies do not simply move all information into the new system and shut down legacy systems when switching systems. Because a system change including data migration usually includes a change to the data structures. As a result, most companies only migrate part of the legacy data, logging every single step for traceability and legal certainty. At the same time, they keep their legacy systems for the rest of the information, operate them alongside their new solutions, and only power them up when needed – and dispose of them only when the legal retention period has expired.
As common as this approach is, it is so risky. Only the procurement of spare parts for aged hardware can cause problems. In addition, the legacy systems run out of maintenance and become vulnerable because they no longer have security updates. Added to this are the internal maintenance effort and possibly even license and support fees, even if the system is no longer used in day-to-day business. Finally there is the complexity problem. After all, larger companies in particular do not only have one central system in which all the data for one customer or supplier is located, but several, if not many. Accordingly, the number of old systems is large.
The lifecycle is important
Imagine, a long-standing customer demands that all information stored by him be deleted. In a typical application landscape, data and documents can be found in a wide variety of systems: ERP, CRM, e-mail servers and document management systems, etc. And these are just the operational business solutions! Added to this are the corresponding legacy systems. Such a request would have to be all searched, the information collected and checked to see which of them could be immediately deleted and which still needed to be retained due to legal deadlines. If, for example, invoices from different years are found below, it should be ensured that these are deleted after the ten-year period has expired. The process, which is triggered by this single request can take many years to complete. And if a company fails to comply with this request, penalties may also be imposed by the authorities.
Application Retirement is worth it
Without records management and consistent retention management, this task can not be accomplished. On the other hand, it is financially and technically too expensive to retrofit all inventory and legacy systems accordingly. The best solution, therefore, is to store the information from the legacy legacy systems on a proprietary, modern platform that has comprehensive retention management capabilities.
The associated cost of IT is low compared to the benefits: Such a platform for corporate information not only eliminates the legal and security risks mentioned. Rather, it saves money. Once the information has been extracted from the legacy systems and stored on the new platform, it can be completely shut down. This also eliminates license, maintenance and support costs. Therefore, the fastest, safest and most rewarding way to comply with the requirements of the European General Data Protection Regulation is to phase out legacy systems : via application retirement.
So turn off now! We show you how .