Having the ability to audit user activity and potentially suspicious activity is of paramount importance. That’s why we ensured that the view audit feature was made available in Workday a full year before the GDPR deadline.
There are three main requirements for this feature. The first is to give administrators and their auditors fast access to user activity within the Workday system. Next was the monitoring piece, ensuring businesses could be alerted to potential threats across their entire Workday platform and in real-time. Finally, from a privacy perspective, having the ability to see who viewed exactly what data and when is the cornerstone of good GDPR practice.
Nothing happens in Workday without the system capturing it and making the audit trail easily accessible to those who need it via a standard report. Businesses can use a REST API to move information into a data inventory system or to leverage all of this information and utilize it in their downstream systems.
As May 25 approaches, businesses should use this opportunity to think not only about how they reach GDPR compliance, but how their current technologies and processes could be transformed through more efficient data handling and processing. GDPR will not be the last global privacy directive, and by taking the right technology steps, organizations can prepare themselves for change.