Sensitive Data Access Audit
You can audit the viewing of sensitive data in the HCM Responsive pages. You can use this information for compliance and monitoring of access to sensitive data from your browser.
Read access to the following sensitive attributes can be audited:
-
National Identifier Number
-
Passport Number
-
Driver License Number
-
Personal Home Address
-
Personal Email Address
-
Personal Telephone Number
-
Other Communication Account
-
Citizenship Number
-
Visa Number, Work Permit, and Residency Number
The Sensitive Data Access Audit page is secured using a function security privilege with a privilege code of PER_VIEW_SENSITIVE_DATA_ACCESS_AUDIT_PRIV. It's granted to the predefined IT Auditor role. If you want to allow any custom job or abstract roles to access this page, you should grant this function security privilege to the custom roles.
|
Function Security Privilege |
Predefined Role |
|---|---|
|
PER_VIEW_SENSITIVE_DATA_ACCESS_AUDIT_PRIV |
IT Auditor |
Enable Sensitive Data Access Audit
To enable auditing of sensitive data access, you need to set the Mobile-Responsive Sensitive Data View Audit Enabled (ORA_HCM_SENSITIVE_DATA_VIEW_AUDIT_ENABLED) profile option to Y.
-
Go to the Setup and Maintenance work area.
-
Search for and click the Manage Administrator Profile Values task.
-
Search for the ORA_HCM_SENSITIVE_DATA_VIEW_AUDIT_ENABLED profile option code and select it from the search results.
-
Below, set the Profile Level to site and the Profile Value to Y.
-
Click Save and Close.
The sensitive data access audit information for a user session is available after the user has signed out of Oracle HCM Cloud, or their session has timed out, or they have performed more than 20 clicks.