Auditing, privacy, and compliance

Databricks has features that allow you to audit and monitor detailed usage patterns. Not all audit and monitoring features are available on all pricing tiers. The following table contains an overview of the features and how they align to pricing plans.

Feature

Pricing tier

Audit logs

Premium

GDPR and CCPA compliance with Delta Lake

Standard

Compliance security profile

Enterprise

HIPAA compliance features

Enterprise

PCI-DSS compliance controls

Enterprise

FedRAMP Moderate compliance controls

Enterprise

Infosec Registered Assessors Program (IRAP) compliance controls

Enterprise

Enhanced security monitoring

Enterprise

Audit log schemas for security monitoring

Enterprise

Audit logs

Databricks provides access to audit logs of activities performed by Databricks users, allowing you to monitor detailed usage patterns. You can configure two types of audit and usage logging:

Privacy and compliance

Databricks has put in place controls to meet the unique compliance needs of highly regulated industries.

To learn how you can use Delta Lake on Databricks to manage General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) compliance for your data lake, see GDPR and CCPA compliance with Delta Lake

For more information about privacy and compliance and Databricks, see the Databricks Security and Trust Center.

The compliance security profile

You must enable the compliance security profile to use Databricks to process data that is regulated under the following compliance standards:

You can enable the compliance security profile on all existing and future workspaces in your Databricks account or on specific workspaces. See Enable the compliance security profile.

You are solely responsible for ensuring your own compliance with all applicable laws and regulations.

Monitoring

Enhanced security monitoring provides an enhanced hardened disk image and additional security monitoring agents that generate logs that you can review. See Enhanced security monitoring.

Enhanced security monitoring and the compliance security profile both enable several additional monitoring agents. The output for these monitoring agents is available within Databricks audit logs. For more information, see Additional security monitoring events.