What can we use logs for?
Latest updates - 04 November 2025
04 November 2025 - We have updated this section of the guidance to reflect amendments from the Data (Use and Access) Act.
The DPA 2018 explains the limitations to what you can use logs for. You must only use logging information:
- to verify the lawfulness of processing;
- to assist with self-monitoring, including internal disciplinary proceedings;
- to ensure the integrity and security of personal information; or
- for the purposes of criminal proceedings.
You could use these logs to help you identify violations of your acceptable use policy or investigate any inappropriate access to, or disclosure of, information, or both.
Example
An organisation suspects a member of staff has inappropriately accessed and consulted a case management system to search for historic files to check on a friend. This action contravenes the acceptable use policy in place for that law enforcement system.
As part of the internal investigation, the organisation uses the logging records. These show:
- the identity of who accessed the system; and
- the date and time it was accessed.
The logging records also show:
- what was available to the staff member at the time of access; and
- what processing activities they carried out
If they find that the logging records prove the staff member has misused the case management system and other systems, it may lead to disciplinary action or criminal proceedings.
Logs help with demonstrating accountability. They can help you to:
- monitor and audit your systems; and
- provide a record of who you have shared information with, so you can inform those people about any changes to the information, if you need to.