The Role of a Well Defined Auditing Process in the Enforcement of Privacy Policy and Data Security

Financial people have advocated, and even demanded an auditing process within computers so that trails could be analyzed. Both security and privacy, likewise, can make great use of the same type of logging activity. This paper considers several issues with respect to such activity; but perhaps the most fundamental idea is that a single, unified, well-designed logging process has a wide variety of possible uses, and these ought all to be given weight during the design phase. Audit trails form a significant part of the detective mechanisms for data security, and they are essential in the case of computer records dealing with human subjects when privacy is at stake.