v1.1.0 — Phase 4: Audit Trails & Breach Management
What's new in v1.1.0
Audit Log
Every data-changing action in the Admin Portal is now recorded in an immutable audit log.
- Role-filtered views (compliance officers see all events; lower roles see their own)
- Filter by date range, table, event type, and actor
- Expandable before/after state for each event
- 12 tables covered including members, roles, dispensing events, compliance records
Breach Incident Management
New Breach Incidents module for managing GDPR data breaches:
- Dual-clock tracking: T+8h internal alert and T+72h authority notification deadline
- Status workflow: discovered → assessing → notified_authority → notified_individuals → closed
- Automatic escalation alerts as deadlines approach
- Structured evidence capture for regulatory submissions
DSAR Management
Initial DSAR module for handling Data Subject Access Requests:
- Register access, erasure, portability, and restriction requests
- Automatic 30-day response deadline
- Status workflow: pending → in_progress → completed / rejected
- Members with open DSARs excluded from retention archival
Compliance Dashboard (9 panels)
The Compliance Dashboard now shows 9 real-time panels covering all major compliance areas, plus a green/yellow/red overall status indicator.
Fixes
- Fixed an issue where the 500-member cap check was not enforced for concurrent registrations
- Improved error messaging on role change approval failures