Data processing systems and methods for auditing data request compliance
First Claim
Patent Images
1. A privacy management computer system for auditing one or more responses to one or more data subject access requests received by a particular entity, the system comprising:
- one or more computer processors; and
computer memory operatively coupled to the one or more processors, wherein the one or more computer processors are adapted for;
receiving a plurality of data subject access requests via a plurality of webforms on respective computing devices from a plurality of data subject access requestors;
automatically determining a type of each data subject access request, the determined type of data subject access request being selected from a group consisting of;
(1) a request to delete personal data of the requestor that is being stored by a particular organization;
(2) a request to provide, to the requestor, personal data of the requestor that is being stored by the particular organization;
(3) a request to update personal data of the requestor that is being stored by the particular organization; and
(4) a request to opt out of having the particular organization use the requestor'"'"'s personal information in one or more particular ways;
determining, based at least partially on the determined type of each data subject access request, a workflow that is to be used to process each request;
facilitating the processing of each of the plurality of data subject access requests via the workflow;
providing a data subject access request compliance portal;
receiving an audit request, via the data subject access request compliance portal, to audit compliance, by the particular entity with one or more data subject access request requirements, the audit request comprising one or more request parameters;
perform the audit based on the one or more request parameters;
generate a report of one or more results of the audit; and
provide the report to a privacy officer associated with the particular entity.
2 Assignments
0 Petitions
Accused Products
Abstract
A privacy management system that is configured to process one or more data subject access requests and further configured to: (1) enable a data protection officer to submit an audit request; (2) perform an audit based on one or more parameters provided as part of the request (e.g., one or more parameters such as how long an average request takes to fulfill, one or more parameters related to logging and/or tracking data subject access requests and/or complaints from one or more particular customer advocacy groups, individuals, NGOs, etc.); and (3) provide one or more audit results to the officer (e.g., by displaying the results on a suitable display screen).
541 Citations
20 Claims
-
1. A privacy management computer system for auditing one or more responses to one or more data subject access requests received by a particular entity, the system comprising:
-
one or more computer processors; and computer memory operatively coupled to the one or more processors, wherein the one or more computer processors are adapted for; receiving a plurality of data subject access requests via a plurality of webforms on respective computing devices from a plurality of data subject access requestors; automatically determining a type of each data subject access request, the determined type of data subject access request being selected from a group consisting of;
(1) a request to delete personal data of the requestor that is being stored by a particular organization;
(2) a request to provide, to the requestor, personal data of the requestor that is being stored by the particular organization;
(3) a request to update personal data of the requestor that is being stored by the particular organization; and
(4) a request to opt out of having the particular organization use the requestor'"'"'s personal information in one or more particular ways;determining, based at least partially on the determined type of each data subject access request, a workflow that is to be used to process each request; facilitating the processing of each of the plurality of data subject access requests via the workflow; providing a data subject access request compliance portal; receiving an audit request, via the data subject access request compliance portal, to audit compliance, by the particular entity with one or more data subject access request requirements, the audit request comprising one or more request parameters; perform the audit based on the one or more request parameters; generate a report of one or more results of the audit; and provide the report to a privacy officer associated with the particular entity. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-implemented data processing method for receiving and facilitating the processing of data subject access requests and subsequently auditing a plurality of processed data subject access requests, the method comprising:
-
receiving, by at least one computer processor, a data subject access request from a data subject access requestor; automatically determining, by at least one computer processor, a type of the data subject access request, the determined type of data subject access request being selected from a group consisting of;
(1) a request to delete personal data of the requestor that is being stored by a particular organization;
(2) a request to provide, to the requestor, personal data of the requestor that is being stored by the particular organization;
(3) a request to update personal data of the requestor that is being stored by the particular organization; and
(4) a request to opt out of having the particular organization use the requestor'"'"'s personal information in one or more particular ways;determining, by at least one processor, based at least partially on the determined type of data subject access request, a workflow that is to be used to process the request; after determining the workflow, facilitating, by at least one processor, the processing of the request via the computer-implemented workflow; providing a data subject access request compliance portal; receiving an audit request, via the data subject access request compliance portal, to audit compliance, by the particular organization with one or more data subject access request requirements, the audit request comprising one or more request parameters; perform the audit based on the one or more request parameters; generate a report of one or more results of the audit; and provide the report to a privacy officer associated with the particular organization. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeOneTrust LLC
-
Original AssigneeOneTrust LLC
-
InventorsBarday, Kabir A., Brannon, Jonathan Blake, Sabourin, Jason L., Karanjkar, Mihir S., Jones, Kevin, Beaumont, Richard A.
-
Primary Examiner(s)Zaidi, Syed A
-
Application NumberUS16/105,602Publication NumberTime in Patent Office295 DaysField of Search726 27US Class CurrentCPC Class CodesG06F 15/76 Architectures of general pu...G06F 21/552 involving long-term monitor...G06F 21/604 Tools and structures for ma...G06F 21/6245 Protecting personal data, e...G06F 2221/2101 Auditing as a secondary aspectG06F 2221/2141 Access rights, e.g. capabil...H04L 63/0407 wherein the identity of one...H04L 63/101 Access control lists [ACL]H04L 63/102 Entity profilesH04L 63/104 Grouping of entitiesH04L 63/107 wherein the security polici...H04L 63/108 when the policy decisions a...
