Hello to all,
I am looking for the best solution to answer the following needs:
A new Swiss law will come into force in September 2023. It will oblige information systems to be able to report that a user has accessed the data.
The objective is to set up a SIEM (Security Information and Event Management Solution).
Thus, a solution is needed that allows to:
Logging of at least the following personal data operations (Art. 3, para. 2):
The logbook must provide information on (Art. 3, para. 3)
- the nature of the processing
- the identity of the person who carried out the processing
- the identity of the recipient
- the time at which the processing took place
Also, logs must be kept for 1 year separately from the system in which the personal data are processed.
So I wanted to know if there is already an existing solution in Alfresco (on an Alfresco 4.2 Community version) or if it was necessary to develop a custom solution? And if a custom solution needs to be developed, what would be the best solution to meet the needs and limit the impact on the application's operation?
For information: The two laws are: New Federal Law on Data Protection (nLPD) and new Ordinance on the Federal Law on Data Protection (nOLPD)
PS: This is my first topic created here. I hope I'm not in the wrong forum but if I am, I'm sorry for that