Expand all | Collapse all

GDPR & IDMS : how to implement

  • 1.  GDPR & IDMS : how to implement

    Posted 01-18-2018 10:33 AM

    We got the question how to easily and cheaply implement GDPR into our IDMS applications.  We're considering activating "journal retrieval" to log all read activity into our journals, but we're a bit unsure about the impact on 1) overall performance and 2) the extra journal activity. Is there anyone who has experience with this , or can give an indication of what impact we can expect on the journalling activity/archiving ?  Thanks for your feedback.

  • 2.  Re: GDPR & IDMS : how to implement

    Posted 01-18-2018 11:31 AM

    Be aware that JOURNAL RETRIEVAL does not journal all read activity. All it does is forces all runs units to write BGIN and ENDJ checkpoints to the journal, including those that perform no updates. With NOJOURNAL RETREIVAL, run units that do no updates don't get BGIN/ENDJ checkpoints written.


    So I don't think this will give you what you are looking for. 

  • 3.  Re: GDPR & IDMS : how to implement

    Posted 01-18-2018 03:28 PM

    Hello there;


    There are a number of different areas that can be addressed with and in our IM solutions for GDPR.  Is there a specific area of concern?  The most common include, but are not limited to:



    •   Who has access to what users?


    •   Who has access to do what to what users?


    •   Who has access to do what to what systems?


    •   Who can read or access information on what users?


    •   What can the users do?


    •   What logs are readable and by who?


    •   Who is part of the notification chain if you have email configured?


    •   Who can access what part or the solution and from where?


    •   … each requires slightly different things to turn on or report on.


    There are a bunch of more, but depends on which of the requirements you are looking to address.






    All the best;


    Denny Prvu


    Sr. Public Sector Cyber Security Advisor

    CA Technologies<>