‘We’re very disappointed’ by SBA’s decision to pull back from SAP application process
Posted On July 30, 2021
SBA applied to SBA for a waiver that would allow the government agency to allow the public to use its SAP application system, according to the filing.
SAP filed a petition with the U.S. Patent and Trademark Office to apply for a “waiver of the Federal Information Processing Standard” and “application for an exception to the Federal Privacy Rule.”
The application was denied by the U-S-A in October 2017.
“While SBA will not have to abide by the Federal Policy or Federal Information Security Standard for its application for an exemption from the Federal Data Privacy and Security Standard, SBA believes that the Federal policy and the Federal Standard are more appropriate and effective tools to protect the personal information and data of its employees and contractors than SAP’s current practices,” the filing stated.
In an interview, Scott O’Connell, SAP’s head of business development, said the agency’s request was for a modification to the existing Federal Privacy and Protection of Data Standard.
However, he said the request did not cover the public-facing use of SAP’s system, and that SAP’s application was designed for public use.
“This is not about SAP’s public-use application,” O’Connor said.
“This is about the data we collect and the use that we are permitted to make.”
While SSA was the only government agency that applied to the government for an “exemption” to the FPS, O’Connors said that he believes it is not the only federal agency that has been considering whether to pull SAP’s software from the public use and public use for public release.
A federal data breach involving the personal data of more than 1.6 million people has prompted a federal probe of whether SAP is responsible.
O’Conn, a former Microsoft employee, said SAP has “failed to make any substantial changes” to its software, which has been used for more than a decade in government.
He added that SAP will seek an exemption for its own use in 2018.
On Wednesday, a Justice Department inspector general’s report said that the federal government has a long history of failing to protect its employees’ personal information from data breaches.
The report also criticized the way SAP’s data breaches have been handled.
Its report said SAP did not take action to mitigate the risks that information could have been stolen, but instead made “unnecessary and unwise assumptions” about who might have been affected.
Earlier this month, a number of tech companies including Facebook, Amazon and Google filed a complaint with the Securities and Exchange Commission, calling for greater transparency about their use of the company’s data-protection software.
After a review, the SEC announced that it would investigate the complaint.