Data processing and communications systems and methods for the efficient implementation of privacy by design
First Claim
1. A computer-implemented data processing method for demonstrating compliance with privacy-by-design practices, the method comprising:
- automatically electronically analyzing, by one or more computer processors, computer code to determine one or more privacy-related attributes of the computer code, each of the privacy-related attributes indicating one or more types of personal information that the computer code collects or accesses;
in response to determining that the computer code has a particular one of the one or more privacy-related attributes;
(A) executing, by one or more computer processors, the steps of;
(i) electronically displaying one or more prompts to one or more first individuals requesting that the one or more first individuals input information regarding the particular privacy-related attribute;
(ii) receiving input information from the one or more first individuals regarding the particular privacy-related attribute; and
(iii) communicating the information regarding the particular privacy-related attribute to one or more second individuals for use in conducting a first privacy assessment of the computer code;
(B) changing, by one or more computer processors, an indicator associated with the code to indicate that, before the computer code is launched, the particular privacy-related attribute should be reviewed by one or more designated individuals; and
(C) changing, by one or more computer processors, an indicator associated with the computer code to indicate that, before the computer code is launched, the computer code should be modified to not include the particular privacy-related attribute;
receiving, by one or more computer processors, from the one or more second individuals, one or more revisions to the design of the computer code to be implemented before an implementation date of the computer code, the one or more revisions comprising one or more steps that facilitate the compliance of the computer code with one or more privacy standards;
in response to receiving the one or more revisions, automatically initiating, by one or more computer processors, the generation of at least one task that is to be used in managing the design of the computer code, the at least one task comprising one or more tasks that, if completed, would individually or collectively result in the one or more revisions to the design of the computer code;
receiving, by one or more computer processors, a notification that the at least one task has been completed;
at least partially in response to receiving the notification that the task has been completed, generating, by one or more computer processors, a second, updated privacy assessment for the computer code that reflects the fact that the one or more revisions have been completed; and
generating, by one or more computer processors, a report listing the one or more revisions that have been completed.
2 Assignments
0 Petitions
Accused Products
Abstract
Data processing systems and methods for: (1) receiving from a first set of users, respective answers for question/answer pairings regarding a product'"'"'s proposed design; (2) using the question/answer pairings to prepare an initial privacy impact assessment for the product; (3) displaying the plurality of question/answer pairings to a second set of users; (4) receiving recommended steps to be implemented, before the product'"'"'s implementation date, as part of the design of the product to address any privacy-related concerns identified in the initial privacy impact assessment; and (5) after the tasks have been completed, generating a report documenting that: (a) the initial privacy assessment has been conducted for the product; (b) one or more revisions have been made to the product to facilitate the compliance of the product with the one or more privacy standards; and (c) an updated privacy assessment has been conducted for the product.
-
Citations
17 Claims
-
1. A computer-implemented data processing method for demonstrating compliance with privacy-by-design practices, the method comprising:
-
automatically electronically analyzing, by one or more computer processors, computer code to determine one or more privacy-related attributes of the computer code, each of the privacy-related attributes indicating one or more types of personal information that the computer code collects or accesses; in response to determining that the computer code has a particular one of the one or more privacy-related attributes;
(A) executing, by one or more computer processors, the steps of;
(i) electronically displaying one or more prompts to one or more first individuals requesting that the one or more first individuals input information regarding the particular privacy-related attribute;
(ii) receiving input information from the one or more first individuals regarding the particular privacy-related attribute; and
(iii) communicating the information regarding the particular privacy-related attribute to one or more second individuals for use in conducting a first privacy assessment of the computer code;
(B) changing, by one or more computer processors, an indicator associated with the code to indicate that, before the computer code is launched, the particular privacy-related attribute should be reviewed by one or more designated individuals; and
(C) changing, by one or more computer processors, an indicator associated with the computer code to indicate that, before the computer code is launched, the computer code should be modified to not include the particular privacy-related attribute;receiving, by one or more computer processors, from the one or more second individuals, one or more revisions to the design of the computer code to be implemented before an implementation date of the computer code, the one or more revisions comprising one or more steps that facilitate the compliance of the computer code with one or more privacy standards; in response to receiving the one or more revisions, automatically initiating, by one or more computer processors, the generation of at least one task that is to be used in managing the design of the computer code, the at least one task comprising one or more tasks that, if completed, would individually or collectively result in the one or more revisions to the design of the computer code; receiving, by one or more computer processors, a notification that the at least one task has been completed; at least partially in response to receiving the notification that the task has been completed, generating, by one or more computer processors, a second, updated privacy assessment for the computer code that reflects the fact that the one or more revisions have been completed; and generating, by one or more computer processors, a report listing the one or more revisions that have been completed. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented data processing method for demonstrating the compliance of an organization with privacy-by-design practices, the method comprising:
-
electronically obtaining, by one or more computer processors, computer code based on a location provided by one or more first individuals, of the computer code; automatically electronically analyzing, by one or more computer processors, the computer code to determine one or more privacy-related attributes of the computer code, each of the privacy-related attributes indicating one or more types of personal information that the computer code collects or accesses; in response to determining that the computer code has a particular one of the one or more privacy-related attributes;
(A) executing, by one or more computer processors, the steps of;
(i) receiving input information from the one or more first individuals regarding the particular privacy-related attribute; and
(ii) communicating, by one or more computer processors, the information regarding the particular privacy-related attribute to one or more second individuals for use in conducting a first privacy assessment of the computer code; and
(B) changing, by one or more computer processors, an indicator associated with the computer code to indicate that, before the computer code is launched, the particular attribute should be reviewed by one or more designated individuals;receiving, from the one or more second individuals, one or more revisions to the design of the computer code to be implemented before an implementation date of the computer code, the one or more revisions comprising one or more steps that facilitate the compliance of the computer code with one or more privacy standards; in response to receiving the one or more revisions, automatically initiating, by one or more computer processors, the generation of at least one task that, if completed, would individually or collectively result in the one or more revisions to the design of the computer code; receiving a notification, by one or more computer processors, that the at least one task has been completed; at least partially in response to receiving the notification that the task has been completed, generating, by one or more computer processors, a second, updated privacy assessment for the computer code that reflects the fact that the one or more revisions have been completed; and generating, by one or more computer processors, a report documenting that;
(1) the initial privacy assessment has been conducted;
(2) the one or more revisions have been made to the computer code to facilitate the compliance of the computer code with the one or more privacy standards; and
(3) the updated privacy assessment has been conducted. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A computer system for efficiently demonstrating the compliance by an organization with privacy-by-design practices, the computer system comprising at least one computer processor and memory operatively coupled to the at least one processor, the computer system being configured for:
-
receiving a request to monitor the computer code for new versions of the particular computer code; monitoring one or more computer storage locations to determine whether any new versions of the particular computer code have been stored in the one or more computer storage locations; determining that a new version of the particular computer code has been stored in the one or more computer storage locations; automatically electronically analyzing the new version of the particular computer code to determine one or more privacy-related attributes of the particular computer code, each of the privacy-related attributes indicating one or more types of personal information that the computer code collects or accesses; in response to determining that the new version of the particular computer code has a particular one of the one or more privacy-related attributes;
(A) executing the steps of;
(i) electronically displaying one or more prompts to one or more first individuals requesting that the one or more first individuals input information regarding the particular privacy-related attribute; and
(ii) communicating the information regarding the particular privacy-related attribute to one or more second individuals for use in conducting a first privacy assessment of the new version of the particular computer code; and
(B) changing an indicator associated with the new version of the particular computer code to indicate that, before the new version of the particular code is launched, the new version of the particular computer code should be modified to not include the particular privacy-related attribute;receiving, from the one or more second individuals, one or more revisions to the design of the particular computer code to be implemented before an implementation date of the particular computer code, the one or more revisions comprising one or more steps that facilitate the compliance of the particular computer code with one or more privacy standards; in response to receiving the one or more revisions, automatically initiating, by one or more computer processors, the generation of at least one task that is to be used in managing the design of the particular computer code, the at least one task comprising one or more tasks that, if completed, would individually or collectively result in the one or more revisions to the design of the particular computer code; receiving a notification that the at least one task has been completed; at least partially in response to receiving the notification that the task has been completed, generating, by one or more computer processors, an updated privacy assessment for the particular computer code that reflects the fact that the one or more revisions have been completed; and generating a report indicating that the one or more revisions have been completed. - View Dependent Claims (15, 16, 17)
-
Specification