Personal use

Subscribers of BlueSafe service, iether single or family, profit of a simple archiving service

The subscriber (and its member) can access the content of their own events in a read only access mode. Each member can sort his/her events with various criteria.

Only the subscriber can delete the events.  The subscriber can browse all events and ask the members to mark which event can be deleted before to securely delete the events.

BlueSafe service

Record Management

BlueChatCal offers to companies a legal archiving as a Record Management compliant with ISO 15489 and Moreq2 standards and GDPR, HIPAA, CCPA regulations and most legal privacy frameworks. View GDPR compliance

Read only access

Only participants in an event and duly authorized persons have access in a read only mode to an event and it’s content.

Companies duly authorized persons are defined in the file plan and access either the metadata or the content.

• Audit service, authorized security officers
• Legal department authorized persons
• Operational managers authroized

File Plan and retention duration

Company legal department can define a file plan for each kind of events:

• Description of the kinds of events, chain of events (Business processes and projects) identified to be records
• The classification of the records into range of categories
• Authorized persons to access records (metadata and content) as per classification
• Description of the retention schedule:
  • cut-off dates (validation, control, inspection…)
  • duration
  • business rules for retention and deletion

Delete process preserving control and integrity

Individual cannot delete a record (event).

An event belonging to a chain of events cannot be deleted unless the entire chain to be deleted, consequently a business process or a project keeps its integrity

The delete is made with a safe process when the duration cut off date is reached. The process involves the legal department, the operational manager, the event owner to agree on the deletion.

Audit

Only duly authorized persons can have access to records as defined in the file plan.

• Inspectorate
• Audit
• Legal requirments
• Security department

Advanced access rights

Depending on the audit, the authorized person benefit from different access rights:

• Read only, can read the event and its entire content, except the individual vote, rate or like
• Read only “extended”: same as read only including the individual vote, rate and like
• Browse: can read the meta data of an event, but not its content. Nevertheless the browse right permit to detect in the participant list and event content the presence of a word or a chain of word (boolean query)

Advanced search

Audit benefits from an advanced search combining

• Keyword (event metadata)
• Range of dates
• Participants and role
• Free text search in metadata and content

Freeze records

Upon legal injunction or suspicion the Legal department can freeze the records: a subset of selected records.

This selection can be reduced or extended and divided into subset.

All access attempts (read or delete) to freeze records are kept in a special audit trail to catch red hands. Of course these demands are not successful.

Under its control, the legal department can give access to subset of frozen records to external investigators (police, regulation forensic authorities…)