Auditing Downloads from Interactive Reports

Since the Data Protection Act (DPA) came into force auditing of the viewing and downloading of personnal information has become an issue. The DPA allows for the use of personal information so long as there is a valid buisiness reason and that appropriate measures are taken to protect that information. Auditing downloads is one way for an organisation to monitor who has taken information off-line and therefore out of their control. These are the basic steps:

1. Create an audit log table:

ID (NUMBER)
APP_USER (VARCHAR2(60))
DOWNLOAD_DATE (DATE)
QUERY (VARCHAR2(4000))


2. Create an Hidden and Protected item :P1_IR_REPORT_ID

3. Install the apex_ir_query package by Stew Styker at

http://stewstools.wordpress.com/apex_ir_query-package/

4. Create a Page Process

Process point - Onload Before Header
Condition Type - Request is Contained within Expression 1
Expression 1 - CSV,RTF,XLS,PDF
Source:

INSERT INTO DOANLOAD_AUDIT
(APP_USER
,DOWNLOAD_DATE
,QUERY)
VALUES
(:APP_USER
,SYSDATE
,apex_ir_query.ir_query_where(:APP_ID,<IR report page>,:SESSION,:P1_IR_REPORT_ID))


Comments

Anonymous said…
How can I get ??
shunt said…
How can you get what?