Existing access control mechanisms are not sufficient for data protection. They are only preventive and cannot guarantee that data is accessed for the intended purpose. This paper proposes a novel approach for multi-perspective conformance checking which considers the control-flow, data and privacy perspectives of a business process simultaneously to find the context in which data is processed. In addition to detecting deviations in each perspective, the approach is able to detect hidden deviations where non-conformity relates to either a combination of two or all three aspects of a business process. The approach has been implemented in the open source ProM framework and was evaluated through controlled experiments using synthetic logs of a simulated real-life process.