GDPR Compliance For a Large Government Agency
A large government agency runs an e-government middleware that allows many organizations inside and outside of government to request personal data from government registers based on a valid legal reason.
While that is extremely useful for the provision of e-services, it also bears privacy risk. There must be an audit trail that cannot be modified even by internal privileged users.
SentinelTrails is integrated with the messaging middleware to store unmodifiable history of all accesses to personal data.
The visibility and immutability provided by audit trail allow the agency to be confident that it’s GDPR-compliant and no data is accessed without leaving a trace
Full audit trail of all accesses to personal data by all connected systems to meet GDPR record-keeping requirements
The Data protection officer has full visibility on the patterns of access to personal data through the system
The Data protection officer can define rules and use machine learning to detect anomalies in the access patterns