[Koha-bugs] [Bug 21189] New: GDPR: Log all CRUD actions on patron data

[bugzilla-daemon at bugs.koha-community.org]

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21189

            Bug ID: 21189
           Summary: GDPR: Log all CRUD actions on patron data
 Change sponsored?: ---
           Product: Koha
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5 - low
         Component: Patrons
          Assignee: koha-bugs at lists.koha-community.org
          Reporter: vfernandes at keep.pt
        QA Contact: testopia at bugs.koha-community.org
                CC: gmcharlt at gmail.com, kyle.m.hall at gmail.com

Under the auspices of the recently issued European legislation regarding data
privacy (GDPR), the Portuguese government has issued a series of mandatory
requirements, as well as general recommendations, for software applications
that are implemented under the umbrella of public bodies (RCM 41/2018).

Since Koha is mostly used by municipalities and universities in Portugal, some
of these mandatory requirements need to be address by Koha implementers in
Portugal.

We believe that this requirement is also useful for the community at large.
Here’s a description of the requirement.

*** Requirement description ***

Every operation that has to do with creating, updating, deleting and changing
permissions of user personal data should be logged.

One should know who, when, on who and from the operation has been performed.

*** Scope ***

Applies in all cases.

-- 
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.