Skip to Main Content
IBM Sterling


This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Future consideration
Created by Guest
Created on Jun 5, 2024

Data separation Act - Korea ISMS recommendation to separate tables for withdrawn/deleted consumers

According to the Korea regulation, system check was performed by K-ISMS team, and they have identified caveats with storing user related data. 

As the consumers information is shared across tables like person info, user, order etc., when the user withdraws/deletes his account, the data needs to be maintained in a separate table, per the recommendation.

  • Admin
    Bharat Khade
    Reply
    |
    Sep 11, 2024

    Hi Suraj,

    On the KISMS compliance to deploy OMS in Korean region, IBM suggests customers to exercise the option to customize the application to achieve data separation of active and inactive users. Request to do the needful. Any information level support required for this customization, please work with IBM support.


    regards,

    Bharat K




  • Admin
    Bharat Khade
    Reply
    |
    Sep 10, 2024

    Hi Suraj, Product team is awaiting security guidelines to make OMS complaint for KISMS. IBM will take a decision based on the guidelines received. Outcome will be shared with yu accordingly.


    thanks,

    Bharat K


  • Admin
    Bharat Khade
    Reply
    |
    Sep 4, 2024

    Thanks Suraj. IBM is checking more on this. Will get back. regards,

    Bharat K

  • Guest
    Reply
    |
    Sep 3, 2024

    Hi Bharat, yes this is from Korea region of Adidas.

    We had already discussed about GDPR feature with Korea audit team and also with IBM peers in the PMR call, but this does not suffice our requirement. The expectation is to separate the inactive users and active users in different tables (rather than the same table) and also their orders to archive separately in a different table when they withdraw/delete their account. The user would be treated as new if they come back again.

    You can go through the below to understand more on this.
    --> Regulation to separate the table as per the law. No exception to this case.



    Article 6 (Transaction Records to Be Preserved by Business Operators) (1) The subject matter and scope of transaction records to be preserved, and period of such preservation by a business operator pursuant to Article 6 (3) of the Act shall be as follows: Provided, That a mail order broker under Article 20 (1) of the Act (hereinafter referred to as "mail order broker") shall preserve the following transaction records to the extent of the records managed through his or her data processing system: <Amended on Sep. 29, 2016>

    1. Records related to marks and advertisements: Six months;

    2. Records related to cancellation of contracts or subscriptions, etc.: Five years;

    3. Records related to payment for and supply of goods, etc.: Five years;

    4. Records related to resolution of consumer complaints or disputes: Three years.

    (2) Business operators are obliged to provide consumers with the following methods of perusal and maintenance of transaction records under Article 6 (3) of the Act:

    1. To allow the consumer who is a party to a transaction to peruse and verify the transaction records at the relevant cybermall (referring to the cybermall set forth in subparagraph 4 of Article 2 of the Act; hereinafter the same shall apply) where the transaction has been made, and to store them in the data processing system, etc. in electronic form;

    2. To allow the consumer who is a party to a transaction to peruse or copy the transaction records at his or her request via visit, telephone, facsimile, e-mail, etc.: Provided, That where the works falling under any of Articles 4 through 6 of the Copyright Act (excluding works which can be copied under the Copyright Act) are included in the transaction records, copying thereof may be refused;

    3. Where the business operator keeps the transaction records and the personal information of the consumer who has withdrawn his or her consent to the use of such personal information pursuant to Article 6 (2) of the Act, the business operator shall keep them separately from those of other consumers who do not withdraw their consent to the use of their personal information.

    [This Article Wholly Amended on Aug. 13, 2012]

  • Admin
    Bharat Khade
    Reply
    |
    Sep 3, 2024

    Hi Suraj, please answer the queries above.

    thanks,

    Bharat K

  • Admin
    Bharat Khade
    Reply
    |
    Aug 21, 2024

    Hi Suraj, Can you please clarify if this OMS deployment is from Korea region of Adidas? Or you are planning the same in Korea?

    Or OMS deployed in some other non Korean teritory having the Korean customers creating orders in.


    Also, look at the GDPR documentation where IBM expects OMS customers to get rid of data of the deleted customers and archive separately. Hope that will help. Adidas team has been already replied on this topic previously.

    Please review the following documentation to assess the mandates and how to implement.https://www.ibm.com/docs/en/order-management-sw/9.5.0?topic=users-general-data-protection-regulation-gdpr-support#:~:text=Sterling%20Order%20Management%20provides%20GDPR,according%20to%20your%20business%20needs.IBM can support the base solution while the implementation would be upto adidas to ensure certification/compliance in the region.

    Please clarify the answers.


    thanks,

    Bharat K