Audit & Compliance
Compliance built directly into the HR process
Append-only audit log with SHA-256 hash chain, role-based access and traceable change logs. Built for companies with high requirements for documentation and traceability.
Hash chain
Changes become traceable
Every audit entry contains the SHA-256 hash of the previous entry. This way the integrity of the audit chain can be verified. Append-only at the database level supports a traceable record of changes.
- SHA-256 hash of the previous entry in every row
- Append-only at the database level
- Verification endpoint for the audit role
Logging
What is logged
Who? When? What? Why? — four questions every audit entry answers.
Who?
User ID and IP address of the person triggering the action.
When?
Server timestamp in UTC.
What?
Before/after state of the affected data row, fully reconstructable.
Why?
Justification as a mandatory field on every manual intervention.
Privacy
Pseudonymisation for legitimate retention
When personal data is no longer needed in clear text, identifying fields can be pseudonymised. Booking-relevant data can be retained where legal retention obligations or legitimate evidentiary purposes apply.
- Personal fields can be pseudonymised
- Booking-relevant data can be retained for evidentiary purposes
- Changes are documented with timestamp, triggering person and scope
Compliance
Compliance foundations
Privacy features
Pseudonymisation of personal fields based on a defined rule set.
Append-only
Audit log without update rights, only new entries possible.
SHA-256
Hash chain for integrity verification across audit entries.
Hosting in Germany
Application and database on Hetzner servers in Nuremberg and Falkenstein.
Audit architecture
Three technical building blocks
- SHA-256
- Hash algorithm of the audit chain
- 100 %
- Append-only — no retroactive modification of existing entries
- 16
- German states with holiday logic
Demo
Show us your compliance requirements
We'll show you how lumen.hr supports audit logs, role-based access and traceable change logs. An audit-focused demo is available on request.