GDPR logging – General Data Protection Regulation
Since May 25, 2018, you as an organization must comply with the GDPR legislation, or General Data Protection Regulation as the law is called in Dutch. Data logging is an important factor that can contribute to regulatory compliance. Puur Data supplies a standard GDPR logging solution that we can quickly implement for you. The data you need to log can consist of hundreds of millions of log lines produced by a multitude of applications. Our solution makes it possible to store these centrally and make them easily searchable. The solution checks whether all log lines have been read and, using Machine Learning algorithms, anomalous data patterns can be recognized that, for example, could indicate a data leak. In the latter case, you will be automatically notified, allowing you to intervene quickly.
GDPR logging demo
To show how this could work for you, we have created a demo. For the demo we use a fictitious application with the personal data of 3,000 customers*. There are seven employees who have access to the data. It is logged who carries out which action and from which person the data is requested. The actions can be: Addition, Download, Print, Update and View. The data has been logged since the beginning of 2017 and approximately 127,000 actions are logged every month. Our web front end makes it easy to find out what happened at what time.
* We used an open source database from the city of Chicago for this.
GDPR logging solution presentation
During the Elasticsearch Event that Puur Data organized together with Elastic at the NMM, Puur Data gave a presentation about a ready-made solution for logging with regard to GDPR and NEN 7513. Click on the video to watch the presentation.