Invented by Kabir A. Barday, Mihir S. Karanjkar, Steven W. Finch, Ken A. Browne, Nathan W. Heard, Aakash H. Patel, Jason L. Sabourin, Richard L. Daniel, Dylan D. Patton-Kuhl, Kevin Jones, Jonathan Blake Brannon, OneTrust LLC
The OneTrust LLC invention works as follows
In various embodiments, the system can be configured to determine, in a substantially automatic manner, whether or not to take action in response to one or more identified risk triggers (for example, data breaches, regulatory changes, etc.). The system can, for instance: (1) compare the potential risk trigger with one or several previous risk triggers experienced by a particular entity in the past; (2) identify a similar previous risk trigger (e.g., one or two previous risk triggers related to a similar change in regulation, breach of data, or type of issue identified).
Background for Data processing systems for identifying and assessing data processing risks, as well as remediating them using data modeling techniques
Over the last few years, privacy policies and related security operations have gained in importance. Companies and organizations of all sizes are increasingly experiencing security breaches that lead to unauthorized access to personal data, including sensitive data. Personal data can include, but is not limited to, personally identifiable information (PII), that is, information that can directly or indirectly identify an individual. PII includes names, addresses, dates of birth and social security numbers. Other personal information may include the Internet browsing habits of customers, their purchase history or even preferences (e.g. likes and dislikes as provided by social media).
Many organizations that obtain, use and transfer sensitive personal data have started to address privacy and security concerns. Many companies have tried to implement operational processes and policies that are compliant with industry and legal requirements in order to manage personal data. There is a growing need for better systems and methods that manage personal data in compliance with these policies.
As individuals became more aware of the dangers associated with the theft and misuse of their data, they sought out additional tools to manage which entities processed their data. Currently, there is a need for better tools that allow individuals to reduce the number of entities that process their personal data. This includes entities with whom the individual does not actively conduct business.
The computer-implemented method for identifying and responding to one or multiple potential risks based on data models, according to certain embodiments, includes: (1) identifying potential risk factors; (2) assessing, analyzing and determining the relevance of risk to the entity posed by one or more of these risk factors; (3) identifying, using one or more data modeling techniques, one or more data assets that are associated with the entity and may be affected by this risk; (4) deciding, based in part on one or more identified data assets,
The computer-implemented method of updating risk remediation information of a data model, in some embodiments, includes: (1) accessing data remediation for an entity to identify the actions that can be taken to mitigate a potential risk in the event that one or more risk triggers are identified; (2) receiving a notification of an update of one or more data assets for the entity; (3) identifying updated potential risk signals for the entity; (4) analyzing and assessing the updated potential risk signals to determine the relevance of risk to the entity;
The following will describe various embodiments in greater detail with reference to the drawings. The invention can take many forms, and is not limited to those described here. These embodiments have been provided to ensure that the disclosure is complete and accurate, and that those in the know are fully informed of the scope and nature of the invention. Like numbers refer to similar elements throughout.
A data-model generation and populating system according to certain embodiments is configured to create a data model (e.g. one or more models) that maps a plurality of data assets used by a corporation or another entity (e.g. individual, organization, or the like) in the context of, for instance, one or more business processes. In certain embodiments, the plurality of data assets (e.g. data systems) can include, for instance, any entity that collects, processes or contains data, and/or that transfers data (e.g. a software program, “Internet of Things” computerized device, database, web site, data center, server, etc.). A first data asset could be any software or device used by an entity (e.g. servers or other devices) for data collection, processing and transfer.
As shown in FIGS. The data model may store the following information in various embodiments: (1) the organization that owns and/or uses a particular data asset (a primary data asset, which is shown at the center of the data model in FIG. The primary data asset sources the information; (4) one (or more) data subjects or categories of data subject from which the information is collected for the use of the data resource; (5) a particular type of data collected by each application for storage and/or usage by the asset; (6) a particular individual (e.g. particular individuals or types) who is permitted to access or use the stored data; (7) the specific types of data transferred to the destination asset and the particular data transferred.
In certain embodiments, the data model stores this information for each of a number of different data assets. It may also include links, such as between a portion of the model which provides information on a particular first data asset and a separate portion of the model which provides information on a particular second data asset.
In different embodiments, the system for data model generation and populating may be implemented within any privacy management system configured to ensure compliance with a number of legal and industry standards relating to the collection or storage of private information. In some embodiments, an organization, subgroup, or another entity can initiate a privacy activity or campaign (e.g. processing activity) in the context of its business. In these embodiments, a privacy campaign can include any activity undertaken by an organization, e.g. a project, or any other activity, that involves the collection, entry and/or storing (e.g. in memory) of any personal data related to one or more people. A privacy campaign can include, in certain embodiments, any project undertaken by an organization that involves the use of personal information, or any activity that may have an impact on privacy for one or more people.
In any embodiment described, personal data can include, for instance: (1) the name of a data subject (which could be an individual); (2) their address; (3) their telephone number; (4) their e-mail address; (5) the social security number of the subject; (6) information relating to one or more credit accounts of the subject (e.g. credit card numbers); (7) banking information of the subject; (8) location data of the subject (e.g. present or previous location); (9) internet searches of the subject; (10) and/ In some embodiments, personal data can include cookies.
The system can generate a data model in various embodiments. For example, it may: (1) identify data assets that are associated with an organization; (2) create a data inventory of each data asset, which includes information such as: (a) one or several processing activities associated with the data asset; (b) transfer data, that is, data regarding which data is transferred to/from the data asset and which data assets or individuals the data was received from or transferred to; (c) data about the personal data for each data asset (e.g. particular types of data stored, processed, etc.).
In particular embodiments, one or several techniques to populate the data model can include, for instance: (1) gathering information for the model using one or multiple questionnaires that are associated with a privacy campaign, processing activities, etc.; (2) using one or more of the intelligent identity scanning techniques described herein to identify and map personal data that is stored in a system to a suitable model, data asset, etc.; (3) obtaining the data model from a third-party application or other application using an API.
In certain embodiments, a system is configured for generating and populating a data-model substantially on the fly, e.g. as it receives new data related to particular processing activities. In other embodiments, a data-model is generated and populated based, at least in part, on information already stored in the system (e.g. in one or multiple data assets), using, for example, one or several scanning techniques described in this document.
As can be seen from this disclosure, an organization could undertake different privacy campaigns, processing activities, etc. that include the collection and storage of personal data. In some embodiments, each of the multiple processing activities can collect redundant data, e.g. collect the same data more than once for an individual, and store the data or redundant data at one or several locations (e.g. on one or many different servers, databases, etc.). As a result, a specific organization may store personal data at a variety of locations, including known and unknown ones. The system can be configured to generate and populate a model of the data assets involved in the collection, storage and processing of personal data. This data model facilitates simple retrieval of the information stored by the organization. In various embodiments, for example, the system can be configured to use data models to respond substantially automatically to one or multiple data access requests from an individual (or another organization). In other embodiments, data model generation and populating may enhance the functionality of an organization’s computing system by allowing more streamlined retrieval of data from the system. Below, we describe in more detail the various embodiments of a method for creating and populating data models.
In particular embodiments, a Cross-Border Visualization Generation System is configured to identify and analyze data assets or data systems associated with an entity, and then identify a specific physical location for each data asset.
In various embodiments, a Data Model Adaptive Execution System can be configured to take one or more appropriate actions in light of one or several regulations (e.g. one or multiple legal regulations, binding corporate rules, etc.). In order to comply with one or several industry or legal standards relating to the collection or storage of private data (e.g. personal data), a company may be required by law to change one or more aspects of the way it collects, stores and/or processes such data. To determine whether a change or another risk trigger is a problem that needs to be addressed, the system can be configured to evaluate the relevance of the risks posed by a potential risk trigger. It may also identify specific processing activities or data assets which may be affected.
The system can, for example: (1) identify one or more potential triggers of risk; (2) assess and analyze these potential triggers to determine the relevance of risk; (3) use data modeling techniques to identify specific processing activities and/or assets that could be affected by the risks; (4) decide, based on the relevance of risk and the affected processes/systems, whether to take any actions; and (5) take an appropriate action in response to the triggers of risk, if needed.
The risk triggers may include, for example, a change in legal or industry standards/regulations related to the collection, storage, and/or processing of personal data, a data breach, or any other suitable risk trigger. To remediate the risks, suitable actions may include, for instance, generating and submitting a report to a privacy officer or another individual, automatically changing the encryption level of certain data stored by the systems, quarantining specific data, etc.
In various embodiments, the system can be configured to determine, substantially automatically, whether or not to take action in response to one or more identified risk triggers (e.g. data breaches, regulatory changes, etc.). For example, the system may substantially automatically determine a relevance of a risk (e.g., a risk level) posed by the one or more potential risk triggers based at least in part on one or more previously-determined responses to similar risk triggers. This can include, for instance, one or more previously-determined responses for the entity that identified the current trigger, or for one or more similarly situated entities or any other suitable entity.
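The five-step flow and the reuse of previous responses to similar triggers described above, as an added Python sketch that is not taken from the patent or from OneTrust. The asset names, history entries, Jaccard similarity measure and 0.5 threshold are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Trigger:
    kind: str              # e.g. "regulation_change", "data_breach"
    data_types: frozenset  # personal-data types the trigger concerns
    regions: frozenset     # jurisdictions or locations concerned

# Constructed data model: asset -> stored data types, location, transfer destinations.
DATA_MODEL = {
    "crm_db":     {"types": {"name", "email"}, "region": "EU", "sends_to": ["mail_svc"]},
    "mail_svc":   {"types": {"email"}, "region": "US", "sends_to": []},
    "payroll_db": {"types": {"ssn", "bank_account"}, "region": "US", "sends_to": []},
}

# Constructed history: (previous trigger, relevance in [0, 1] assigned then, action taken).
HISTORY = [
    (Trigger("regulation_change", frozenset({"email"}), frozenset({"EU"})), 0.8, "notify_privacy_officer"),
    (Trigger("data_breach", frozenset({"ssn"}), frozenset({"US"})), 1.0, "quarantine_data"),
]

def similarity(a, b):
    """Jaccard overlap of trigger attributes (assumed metric); 0 if the kinds differ."""
    if a.kind != b.kind:
        return 0.0
    x, y = a.data_types | a.regions, b.data_types | b.regions
    return len(x & y) / len(x | y) if x | y else 0.0

def affected_assets(trigger, model):
    """Assets holding a concerned data type in a concerned region, plus transfer destinations."""
    queue = [n for n, a in model.items()
             if a["types"] & trigger.data_types and a["region"] in trigger.regions]
    seen = []
    while queue:
        name = queue.pop(0)
        if name not in seen:
            seen.append(name)
            queue.extend(model[name]["sends_to"])  # follow data transfers downstream
    return seen

def assess(trigger, model=DATA_MODEL, history=HISTORY, threshold=0.5):
    """Return (relevance, affected assets, action) for a newly identified trigger."""
    best = max(history, key=lambda h: similarity(trigger, h[0]))
    relevance = similarity(trigger, best[0]) * best[1]  # scale by the earlier relevance
    assets = affected_assets(trigger, model)
    act = relevance >= threshold and bool(assets)
    return round(relevance, 2), assets, best[2] if act else "no_action"
```

Following `sends_to` links is what makes the data model useful here: `mail_svc` sits outside the trigger's region but is still reported because it receives data from an affected asset.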