Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Logs and data protection in europe

  • 27-07-2012 08:14PM
    #1
    ladybirdirl
    Registered Users, Registered Users 2 Posts: 1,165 ✭✭✭


    Evening all,

    Starting this thread here, mods please feel free to move if necessary.


    Question for security people

    Working with a well known SIEM for network security monitoring.
    Logs and events stored for 6 months in some cases.

    Is there any breach of eu/Irish data protection or privacy in the storage does anyone know?

    No PII but you could identify a user's activity within the system & so it could be used in the event of an internal investigation.


    Thanks all


Comments

  • #2
    gizmo555
    Closed Accounts Posts: 2,878 ✭✭✭gizmo555


    The general principle is that you must not retain personal data for longer than is necessary to fulfil the original purpose(s) for which it was collected.

    In addition to this, you may retain personal data for longer if you are under a legal obligation to do so. For example, an employer is legally required to retain records of staff working time and leave for three years.

    As you allude to, personal data need not necessarily directly identify the data subject - if the subject can be identified from the data in conjunction with other information that is in or likely to come into your posession, that's also covered by data protection law.


Advertisement