Audit & compliance

Overview

Every read and write that matters is captured in an immutable audit log with actor, target, before/after values, IP and device. Exports are signed and ready for regulators.

Why it matters

Audits used to mean weeks of pulling logs from five systems. Onzira's unified log cuts that to hours and makes proving compliance — DPDP, GDPR, HIPAA, ISO 27001 — a checkbox exercise.

Capabilities

Every capability is included in the box — no add-ons, no surprise upgrades.

• Immutable event log
• Per-record change history
• Compliance exports (CSV, PDF, JSON)
• Long-term archival (7+ years)
• Tamper-evident hashing
• Break-glass access tracking
• PHI access reporting
• Configurable retention policies

How teams use it

A typical day-in-the-life workflow our customers run on this module.

• Auditor requests access log for patient X
• Admin exports signed PDF in one click
• Quarterly access review uses built-in dashboard
• Long-term archive runs automatically

Integrations

Connect with the tools your clinic already uses.

• SIEM (Splunk, Datadog) export
• S3 / cold storage archival
• Compliance dashboards

Security & compliance

Enterprise-grade controls on by default.

• Hash-chained event log
• Per-export digital signature
• Retention policies enforced at storage

Outcomes

What customers typically see within the first 90 days.

• Audit cycles cut from weeks to hours
• Regulator-ready exports
• Trust with enterprise customers
• Faster ISO / SOC 2 certification