For all secured data, there will be two-level of access - masked and plain data. At first, based on the user's role, the requesting user will get masked values only. Only if the user explicitly requests for plain value will he/she get access to the plain value. The intention to get the plain values will be passed as part of the Request Header. All the plain accesses by a user will be logged. The Audit Log will contain the following details: requesting user's id, timestamp, data access policy used during decryption, the purpose for the decryption request, and the list of user ids whose data was decrypted. Based on these audit logs, any user can trace back who has accessed his/her data.