Audit & Compliance

Last verified: 13 February 2026 | Applies to: Enterprise

In 30 seconds

Enterprise plans provide audit logs, a compliance API, and data exports for monitoring and governing Claude usage across your organisation. These tools let you track who’s using Claude, what they’re doing, and maintain records for regulatory compliance. One critical gap: Cowork sessions are not captured.

What’s available

Tool	What it does
Audit logs	Timestamped records of user activity — conversations started, features used, connectors accessed
Compliance API	Programmatic access to audit data for integration with your compliance tools (SIEM, GRC)
Data exports	Bulk export of conversation data for archival or analysis

The Cowork gap

Known gap: Cowork audit trail

This is the most important thing on this page: Cowork conversation history is stored locally on users’ machines. It is not captured in Audit Logs, the Compliance API, or Data Exports.

What this means:

• If an employee uses Cowork to process sensitive data, there’s no centralised record
• Compliance teams cannot audit Cowork sessions retroactively
• Chat conversations are fully captured — Cowork sessions are not

Mitigations:

• For auditable work, require staff to use Chat instead of Cowork
• Create a policy requiring users to copy Cowork outputs into tracked systems
• Monitor Cowork usage patterns (you can see that it’s being used, just not the content)
• Consider restricting Cowork access to specific roles via admin controls

Audit log details

Audit logs capture:

• User identity — who performed the action (email, SSO identity)
• Timestamp — when the action occurred
• Action type — conversation started, connector used, plugin activated, file created
• Feature — Chat, Cowork (usage only, not content), Connectors, Code
• Metadata — conversation ID, session duration, model used

Audit logs do not capture:

• Full conversation content (available via Data Exports if enabled)
• Cowork session content
• Files processed locally in Cowork

Compliance API

The Compliance API provides programmatic access to audit data:

• Integrate with your SIEM — pipe Claude audit data into Splunk, Datadog, or your existing security monitoring
• Feed your GRC tools — automated compliance reporting for SOC 2, ISO 27001, and other frameworks
• Custom dashboards — build internal reporting on Claude usage

Contact Anthropic’s enterprise team for API documentation and access.

Data exports

Bulk export conversation data for:

• Archival — retain records per your data retention policy
• Analysis — understand usage patterns across the organisation
• Compliance — provide records to auditors or regulators on request

Exports are available in standard formats. Frequency and format options available through the enterprise dashboard.

Regulatory frameworks

Framework	Claude Enterprise support
SOC 2 Type II	Anthropic maintains certification. Request the report.
GDPR	DPA available. Review sub-processor list and data processing locations.
HIPAA	Contact Anthropic for healthcare-specific guidance. Not standard.
PCI DSS	Not currently certified. Do not process payment card data through Claude.
ISO 27001	Check with Anthropic for current certification status.

Related

• Security & Compliance — data handling overview
• Admin Setup — deployment configuration
• Security & Privacy — general data flow overview
• Cowork — understanding the audit gap

---

Something wrong or outdated? Let us know →

Get weekly workflows — subscribe to the newsletter.