Data processing systems and methods for operationalizing privacy compliance via integrated mobile applications
First Claim
1. A computer-implemented data processing method for electronically receiving the input of processing activity data related to a processing activity and electronically calculating a risk level for the processing activity based on the data inputs comprising:
- providing a software application for installation on a computing device;
displaying on a graphical user interface, via the software application, a prompt to create an electronic record for a processing activity, wherein the processing activity utilizes personal data collected from at least one or more persons or one or more entities;
receiving a command to create an electronic record for the processing activity;
creating an electronic record for the processing activity and digitally storing the record;
presenting, on one or more graphical user interfaces, a plurality of prompts for the input of processing data related to the processing activity;
electronically receiving processing activity data input by one or more users via the graphical user interface, wherein the processing activity data identifies each of;
a description of the processing activity;
one or more types of personal data related to the processing activity;
a subject from which the personal data was collected;
the storage of the personal data; and
access to the personal data;
processing the processing activity data by electronically associating the processing activity data with the record for the processing activity;
receiving, via the software application, one or more inputs related to processing activity, the one or more inputs comprising an image of a privacy incident captured using the computing device;
automatically scanning the image of the privacy incident;
analyzing the scanned image to identify the processing activity associated with the privacy incident;
modifying the electronic record for the processing activity based at least in part on the one or more inputs;
analyzing the image to identify one or more contents in the image;
determining, based at least in part on the one or more contents, whether to modify a risk level for the processing activity; and
in response to determining to modify the risk level, calculating an updated risk level for the processing activity by;
identifying a plurality of risk factors for the processing activity, wherein each of the plurality of risk factors has a risk rating and an associated weighting factor and the plurality of risk factors includes;
a type of the personal data collected as part of the processing activity; and
storage information for the personal data collected as part of the processing activity;
electronically modifying the risk rating for at least one of the plurality of risk factors;
after modifying the risk rating for at least one of the plurality of risk factors, electronically calculating the updated risk level for the processing activity based upon, for each respective one of the plurality of risk factors, the risk rating and the weighting factor for the risk factor; and
digitally storing the updated risk level associated with the record for the processing activity.
2 Assignments
0 Petitions
Accused Products
Abstract
Data processing systems and methods for receiving data regarding a plurality of data privacy campaigns and for using that data to calculate or modify a relative risk associated with the campaign based on the received data. In various embodiments, the system may be adapted to: (1) receive processing activity data input by users via a software application presented on graphical user interface for one or more privacy campaigns; (2) automatically assess and display a relative risk associated with each campaign; (3) providing a software application via which a user may provide one or more inputs, for example, capture an image; and (4) automatically update the relative risk for the campaign based on the information provided in the one or more inputs. In some embodiments, the system is configured to enable a user, via the software application, to view information related to the privacy campaign, modify that data, etc.
-
Citations
20 Claims
-
1. A computer-implemented data processing method for electronically receiving the input of processing activity data related to a processing activity and electronically calculating a risk level for the processing activity based on the data inputs comprising:
-
providing a software application for installation on a computing device; displaying on a graphical user interface, via the software application, a prompt to create an electronic record for a processing activity, wherein the processing activity utilizes personal data collected from at least one or more persons or one or more entities; receiving a command to create an electronic record for the processing activity; creating an electronic record for the processing activity and digitally storing the record; presenting, on one or more graphical user interfaces, a plurality of prompts for the input of processing data related to the processing activity; electronically receiving processing activity data input by one or more users via the graphical user interface, wherein the processing activity data identifies each of; a description of the processing activity; one or more types of personal data related to the processing activity; a subject from which the personal data was collected; the storage of the personal data; and access to the personal data; processing the processing activity data by electronically associating the processing activity data with the record for the processing activity; receiving, via the software application, one or more inputs related to processing activity, the one or more inputs comprising an image of a privacy incident captured using the computing device; automatically scanning the image of the privacy incident; analyzing the scanned image to identify the processing activity associated with the privacy incident; modifying the electronic record for the processing activity based at least in part on the one or more inputs; analyzing the image to identify one or more contents in the image; determining, based at least in part on the one or more contents, whether to modify a risk level for the processing activity; and in response to determining to modify the risk level, calculating an updated risk level for the processing activity by; identifying a plurality of risk factors for the processing activity, wherein each of the plurality of risk factors has a risk rating and an associated weighting factor and the plurality of risk factors includes; a type of the personal data collected as part of the processing activity; and storage information for the personal data collected as part of the processing activity; electronically modifying the risk rating for at least one of the plurality of risk factors; after modifying the risk rating for at least one of the plurality of risk factors, electronically calculating the updated risk level for the processing activity based upon, for each respective one of the plurality of risk factors, the risk rating and the weighting factor for the risk factor; and digitally storing the updated risk level associated with the record for the processing activity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer-implemented data processing method comprising:
-
providing a software application for installation on a computing device; displaying on a graphical user interface, via the software application, a prompt to modify an electronic record for a processing activity, wherein the processing activity utilizes personal data collected from at least one or more persons or one or more entities; receiving, from a user of the computing device, first information associated with the processing activity; modifying the electronic record for the processing activity based at least in part on the first information; receiving, via the software application, an input of second information related to the processing activity, wherein the second information comprises an image of a particular privacy incident; scanning one or more contents of the second information; identifying one or more keywords in the one or more contents of the second information; determining, based at least in part on the one or more keywords identified in the second information, whether to modify a risk level for the particular processing activity; and in response to determining to modify the risk level; modifying at least one risk rating of a plurality of risk ratings, wherein each of the plurality of risk ratings are associated with a respective piece of the first information; and calculating an updated risk level for the processing activity based at least in part on the modified at least one risk rating, the plurality of risk ratings, and a weighting factor associated with each respective piece of the first information; and displaying, on the graphical user interface, the second information associated with the processing activity, wherein; the second information comprises information selected from a group consisting of; one or more responses to one or more screening questions; one or more pieces of information related to the particular privacy incident associated with the processing activity; one or more response to one or more training quizzes. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification