February 1, 2018

GDPR-Specific Features

LogSentinel helps you comply with some of the requirements of GDPR, namely:

  • It helps demonstrate that personal data has been accessed only by authorized personnel and hasn’t been tampered with which satisfies the integrity and confidentiality requirements of GDPR
  • It allows storing of consent and request by data subjects in a secure way. It may not be enough to simply store a boolean column in the database – the date and time of the consent, the user’s IP address and other metadata may be needed. Additionally, as LogSentinel signs entries with a trusted timestamp, they have additional legal strength according to the eIDAS regulation. The /api/log-gdpr API endpoints provide a way to log GDPR-specific events
  • It provides a GDPR register in accordance with Article 30 for both controllers and processors and allows linking audit log entries with particular processes in the register. The register contains all the required fields and is much better than a spreadsheet in terms of usability and availability
  • You can enable limited auditor access to the audit trail in case there’s a GDPR-related inspection by the relevant authority

You can find out more in the documentation