ERP systems and the challenges of legal protection of personal data

With the development and application of information technologies came the development of the first applications that automated the production process and data processing itself. This refers primarily to the input-output of goods, invoicing, bookkeeping... The adoption of information technologies in organizations has led to changes in basic business procedures. Ever since the early 1950s, companies have begun to apply information technology to business applications. In the beginning, companies used stand-alone mainframes. These were mainframe computers stored in offices where the main computer was in one room and could only be accessed by MIS (Management Information System) staff. This phase was followed by the use of mainframes and dumb terminals. Going to a separate computer was time-consuming, and the process itself was inefficient. It was resorted to setting up the so-called stupid terminals, which consisted of placing “weaker computers” through which users could enter data into the main computer. At the end of the 1970s, the first personal computers appeared, and at that time, almost every user had a personal computer to work on. With the increase in the number of personal computers, there was a need to introduce a local network (local area networks; client/server computing). Data entered into personal computers was now easily transferable to the main computer, and the term client/server computing was born. Already at the beginning of the 1990s, with the development of the Internet, companies began to use TCP/IP network protocols, and the process itself was significantly accelerated. That phase is labeled enterprise computing. Since the development and application of the Internet, the process itself has proceeded at an incredible speed, and the need for fast transmission, storage, and security of data has arisen. A new phase has emerged: cloud computing and mobile computing. All data is located on the so-called server. Cloud storage can be accessed by everyone.

ERP (Enterprise Resource Planning)

© 2023 by the authors. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license .

software programs that assist companies in managing their resources and operations. The ability of organizations to automate many of their activities is one of the major advantages of ERP systems. These systems try to integrate all the functions of the different departments of society into one computer system that can be used by all departments. The software can be used to perform a variety of tasks, including supply chain management, configuration, pricing, financial data accuracy, employee life cycle, business needs assessment, payroll and human resource management, accounting, standardization of critical business procedures, streamlining, and better project planning.

ERP systems are made to give managers a thorough understanding of business operations so they can make wise decisions. They offer real-time information on a variety of business variables, including inventory levels, sales results, and manufacturing schedules. This information can be utilized to streamline operations, cut costs, and boost productivity. The ability of managers to make better, quicker decisions is considerably improved by this knowledge. ERP systems also offer a central database that all staff members can access. Because of this, collaboration and communication within the company can be enhanced as everyone has access to the same information.

Due to the great expansion of the development of information technologies, there was also a sudden development of the ERP system. ERP systems were primarily intended for the integration of business processes in the company. With the help of the ERP system, information from numerous market sources is integrated with corporate data and the specifications of the suppliers themselves. It remains an open question whether the application of information technologies causes the centralization or decentralization of decision-making in the organization. The application of modern information technologies reduces the costs of communicating information and improves and speeds up the quality and speed of information processing, as well as management decision-making, which leads to more centralized management. On the other hand, their application reduces the costs of the agency through the improvement of monitoring capabilities, which leads to the decentralization of decision-making. Be that as it may, the application of information technologies, primarily software, has had the effect of disrupting or improving the work of companies in the search engine industry.

Despite these difficulties, many companies have discovered that investing in an ERP system has been worthwhile. ERP systems have helped firms increase their bottom line and stay competitive in today’s fast-paced business environment by streamlining their processes and offering real-time data.

Enterprise Resource Planning Systems - Enterprise resource planning systems

The background of the systems itself has a common database with which it functions and through which all data can be updated. By updating and controlling data through a single database, it is easier and faster to implement planning, management, and the use of all company resources.

The main goals of ERP systems are to enable the smooth flow of information through them. This means that changes in one area are immediately reflected in all other relevant functional areas. Regardless of the difficulty of implementing ERP systems, most companies have successfully implemented and introduced them. The purpose of ERP systems was initially to facilitate business processes, later to evaluate the same, and today they include administrative, sales, marketing, and human resources.

Advantages and disadvantages of ERP systems

A key advantage of ERP systems is enhanced productivity. Organizations can automate jobs, cut down on duplication, and streamline their operations by connecting different business processes. Cost reductions and increased productivity may result from this. Additionally, ERP systems improve the visibility of business operations, enabling firms to base choices on current data.

The main advantages of the ERP system are:

• •    organizational flexibility and agility

• •    decision support

• •    quality and efficiency

The quality of production, distribution, and customer service can all be significantly improved by integrating and optimizing an organization’s business processes with ERP systems.

Disadvantages of the ERP System:

• •    The best practices created by the ERP vendor are frequently used to pre-define business processes in ERP software.

• •    Implementing an ERP might give you the chance to revamp obsolete, inefficient, or inefficient

processes, or even improve them. Even though vendor best practices are, by definition, suitable for the majority of enterprises, they might not be the “best.”

• •    The failure or improper operation of key corporate processes and information systems resulted in significant losses in revenue, profit, and market share.

• •    Orders and shipments are often lost, inventory changes are not properly recorded...

In order for the preparation for the new ERP system to be successful, planning and timely planning, as well as the development and training of personnel, are necessary.

The main causes of ERP implementation failure include:

• •    Lack of training and unpreparedness of workers for the new work requirements required by the ERP system

• •    Desire to implement ERP systems as soon as possible

• •    Employee participation in the planning and development stages of change management processes is delayed...

ERP implementation strategy in 8 steps :

• 1.    Define the requirements

• 2.    Check the specifications to see if your company can meet them

• 3.    Document user procedures

• 4.    ERP installation tactics include a Big Bang, phased, hybrid, and parallel adoption approach

• 5.    Carefully consider adaptation alternatives

• 6.    Choose the right project leader

• 7.    Don’t forget mobile users

• 8.    Provide training with enough time and resources.

ERP systems are effective tools that can boost an organization’s productivity, teamwork, and decision-making. Organizations can streamline their operations and improve visibility into their business operations by integrating diverse business processes into a single platform. Scalability, usability, and support services are critical considerations when selecting an ERP system.

ERP II Systems

ERP II (ERP/2) systems are new concept systems that provide the latest extensions to ERP systems (Classe, 2001). The first version of the ERP system did not cover sales and marketing, did not include the ability to manage relationships with clients, so these were clearly missing and incomplete. Nowadays, it is unthinkable to use any system without exchanging data via the Internet, and the original systems did not provide user support on the Web. ERP systems currently incorporate administrative, sales, marketing, and human resource functions as a result of their evolution over time. The Web may now be used by businesses to link all components of the value chain, including inventory and manufacturing, with their clients, suppliers, distributors, and other key players.

Differences between ERP and ERP II

ERP	ERP II
It is developed in 1990s.	It is developed in 2000s.
ERP was concerned with optimizing an enterprise-Internal Optimization.	These systems are about optimizing the supply chain through collaboration with trading partners.
Focuses on manufacturing and distribution.	Focuses on all sectors and segments of business.
It’s process is internal and hidden.	It’s process is externally connected.
Data is internally generated and consumed.	Data is internally and externally published and subscribed.
It is web-aware, closed and monolithic.	It is web-based, open and componentized.

Source:

Major ERP trends

Mobile ERP - employees and managers have direct access to information regardless of where they are. Any company involved in an ERP evaluation and planning to implement a mobile ERP must consider the role of mobile applications in its overall business solution (Hossein, 2004).

ERP in the cloud is a newer type of service, i.e. upgrade, implementation of the old ERP solution on the selected cloud platform. By using the cloud, companies are relieved of the costs and complexity of physical infrastructure. This becomes important for small and medium-sized enterprises with a limited budget. “Software as a service uses a cloud, which provides the computing power to run the solution but is not a cloud itself” (Lenart, 2011).

ERP in the cloud offers specific services according to the needs of the company and provides numerous benefits. Some of the leading public cloud platforms: Microsoft Azure, Amazon Web Services, and Google Cloud.

Advantages of using ERP in the cloud:

• •    Lower cost of ownership – costs of owning physical and software components are reduced due to the use of cloud services. There is no need to invest in IT resources to maintain infrastructure and hardware.

• •    Better availability of the solution - the existence of the ERP system on the cloud enables constant support and correctness of the system because a special service takes care of its use.

• •    Solid integration – great service around the integration of ERP solutions and offers of various business applications.

• •    Personalized cloud model - the possibility of choosing between a public or private cloud model gives you the opportunity to choose the optimal solution for the company and adapt it to your requirements by choosing a personalized cloud model.

• •    Agility and scalability at the level of application and exploitation of IT resources...

Steps to the introduction and use of ERP in the cloud:

• 1.    Analysis of software requirements and business processes

• 2.    Installation of selected ERP software

• 3.    Setting up cloud hosting and managing services that support ERP

• 4.    Use of ERP services with expert support

Utilizing an ERP system that is cloud-based has three key benefits:

• •    The system can be accessed from any location that offers Internet connectivity.

• •    Organizations employing cloud-based ERP are able to avoid the hardware and software implementation costs that are typical of on-premises solutions.

• •    Because cloud-based ERP solutions are scalable, it is possible to add new ERP modules and expand ERP functionality to include new business partners (such as suppliers) and business processes.

The company must carefully consider the disadvantages of using cloud-based ERP systems as well. The following are the top three disadvantages of using a cloud-based ERP system:

• •    It’s unclear whether cloud-based ERP solutions are safer than systems installed on-site.

• •    Organizations that use ERP systems hosted in the cloud give up control of an important IT asset.

• •    The third disadvantage is a direct result of the inability to manage IT resources.

Social ERP - deals with social media and its importance. With the development of various social media services, primarily Facebook, Twitter, and LinkedIn, communication, marketing, and data exchange are a much faster, more efficient, and more entertaining level. Social media is gaining momentum in the implementation of the ERP system itself. Using an existing ERP system, social ERP capabilities can help employees and partners collaborate and communicate. People may be rapidly and easily connected, enabling them to work together to proactively address business challenges.

Six basic benefits of social functionality research for ERP systems social-erp-the-next-step-in-collaboration-and-customer-engagement/):

• 1.    Facilitates cooperation and communication in the company

• 2.    Monitor conversations, projects and processes

• 3.    Improves business processes

• 4.    Document business processes to support lean initiatives

• 5.    Increases customer engagement

• 6.    Builds and maintains your knowledge base

Two-tier ERP - an organized way to run essentially two different ERP systems at the same time: ERP for the corporate level, while the other is at the subsidiary level.

The challenges of legal protection of personal data

The protection of natural persons in relation to data processing is provided for both by international documents (Article 8, paragraph 1, of the Charter of Fundamental Rights of the European Union) and by domestic regulations (Article 42 of the Constitution of the Republic of Serbia). Globalization in the field of the digital economy also required that the issue of personal data protection be regulated in a uniform manner in a wider area, and accordingly, the European Parliament and the EU Council adopted the General Data Protection Regulation. On the international level, the International Convention of the Council of Europe on the Protection of Persons in Relation to the Automatic Processing of Personal Data was adopted (2005), and ratified by the Republic of Serbia (2006). In accordance with the obligation to harmonize domestic legislation with EU regulations, the Republic of Serbia has adopted a series of regulations that adequately provide protection to natural persons in relation to data processing, namely: the Personal Data Protection Strategy, Personal Data Protection Act. As part of the obligation to create an institutional apparatus in the Republic of Serbia, the institution of the Commissioner for Information of Public Importance and Protection of Personal Data was introduced.

The process of data collection and the creation of a database requires compliance with certain principles that are stipulated in both international documents and domestic regulations (Personal Data Protection Strategy, Article 5 of the Personal Data Protection Act). These are: (1) The principle of legality, which provides for the observance of certain rules concerning the existence of the written consent of the person whose data is collected and the authority to collect the data; (2) The principle of limitation of purpose, which stipulates the obligation to specify the purpose for which the data is collected before the start of data collection, which cannot be changed or expanded later; (3) The principle of proportionality stipulates that data that are needed for the purpose for which they are collected, and not data that have nothing to do with the purpose for which the data is collected; (4) The principle of transparency of processing, which stipulates that the person about whom the data is collected is informed about the actions of data processing and about the purpose for which the data is collected; (5) The principle of accuracy of the data collected; (6) The principle of time limitation in which data is processed and stored, which in the case of companies and employees would be the period during which they are employed, and after the termination of the employment relationship there is no legal basis for storing and processing data and there is an obligation to delete data; (7) The principle of non-discrimination, which foresees the obligation to respect the right to data protection for everyone, regardless of race, gender, or religion (Krivokapić et al., 2016).

Violation of the rules prescribed by law on the collection, processing, and storage of personal data entails misdemeanors, and in some cases, criminal liability. The Personal Data Protection Act provides for misdemeanor liability and fines for legal entities and responsible persons in cases of violation of the Personal Data Protection Act. The criminal law provides for criminal liability in cases of unauthorized collection of data (Article 146), unauthorized deletion and alteration of data (Article 298), and entry of incorrect data (Article 301). “Along with the development of technology, one of the characteristics of modern society is the appearance of criminal acts precisely by using the same technology to commit criminal acts” (Stošić and Janković, 2022, p. 84).

Conflict of interests

We have no known conflictof interest to disclose