Back to Compliance and Audit

Growth · Part of Compliance and Audit

PII access log + purpose annotation

Available

Every read of PII (national ID, home address, emergency contact, etc.) logged with the actor, target employee, and timestamp. Optional tenant toggle: require the actor to state a business purpose at read time and capture that purpose alongside the read.

PII access log — every read of national ID, home address, emergency contact, etc. logged with the actor, target employee, timestamp, and (when purpose annotation is enabled) the stated business reason. Same filters as the unified audit log, scoped to PII actions.
PII access log — every read of national ID, home address, emergency contact, etc. logged with the actor, target employee, timestamp, and (when purpose annotation is enabled) the stated business reason. Same filters as the unified audit log, scoped to PII actions.

For the operator

Use this when something feels off — a complaint, an investigation, a discovery request. Filter to the suspect actor + a date range and read the access pattern. If purpose annotation is on, you see WHY each access happened, not just THAT it happened. The /report subpage is your go-to for periodic per-employee PII review: pick the employee, hand them a list of who touched their record.

Business impact

Maps directly to PIPEDA / GDPR / CCPA "right to know who accessed my data" provisions. For enterprise customers in healthcare or financial services, this is non-negotiable infrastructure — purpose annotation is the toggle that turns FrontLine into a defensible record system in front of a regulator.

Previous

Unified audit log viewer + export

Next

Failed + denied access log

Request Early Access
PII access log + purpose annotation — Compliance and Audit — FrontLine Atlas | FrontLine