Data Privacy Regulations

IBM’s commitment to Customer Privacy mandates that IBM Sterling® Order Management System and related offerings are compliant with the prevalent privacy-related regulations that are announced by various government bodies. For example, General Data Protection Regulation (GDPR) for the European Union and California Consumer Privacy Act (CCPA) for the State of California.

• General Data Protection Regulation (GDPR) support - The GDPR is adopted by the European Union’s 27 member countries (“EU”). When you handle personal data, it establishes a stronger data protection regulatory framework for the processing of individual personal data that impacts IBM and IBM’s client contracts, policies, and procedures.
• California Consumer Privacy Act support - The CCPA is a state statute that is intended to enhance privacy rights and consumer protection for residents of California, United States.

Most privacy mandates can be implemented by using or extending the GDPR service to implement the CCPA requirements and can be customized by following the Service Definition Framework. For more information about the prebuilt services to serve Data Service Requests, see General Data Protection Regulation (GDPR) support.