Systems and methods of automated compliance with data privacy laws
First Claim
1. A method of a server restricting transfer of private data that do not meet data privacy regulations, the method including:
- tracking a person-related data source by associating a data entity that holds person-related data with a trust object that tracks the person-related data source, wherein the person-related data includes private data; wherein the trust object holds trust metadata, including:
  - name of the person-related data source,
  - interface category of the person-related data source,
  - physical origin of the person-related data source,
  - consent-type given by subject of the person-related data,
  - data privacy regulations that control access to the private data and are set for a legal jurisdiction that governs the physical origin,
  - at least one purpose of assembling the person-related data, and
  - at least one classification of the person-related data;
- representing the data privacy regulations set for the legal jurisdiction that governs the physical origin of the person-related data in an access control object that specifies, by the legal jurisdiction, access control based on the name of the person-related data source, the physical origin of the person-related data source, the consent-type given by subject of the person-related data, the purpose of assembling the person-related data, and the classification of the person-related data;
- receiving, from a client computer, a tenant request for the person-related data, wherein the tenant request identifies at least one legal jurisdiction where the person-related data will be subsequently used;
- constructing a filter that implements access control, in accordance with the access control object representing the data privacy regulations specified in the legal jurisdiction that governs the physical origin of the person-related data, for the name of the person-related data source, the physical origin of the person-related data source, the consent-type given by subject of the person-related data, the purpose of assembling the person-related data, and the classification of the person-related data; and
- automatically applying the filter to the person-related data requested by the client computer to restrict transfer of any private data, from the server to the client computer, that do not meet the data privacy regulations specified in the legal jurisdiction that governs the physical origin of the person-related data, and to restrict transfer of any private data from the server to the client computer that do not meet the data privacy regulations of the at least one legal jurisdiction identified in the tenant request.
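The procedure in claim 1 (and its system counterpart in claim 8), as an added worked example in Python that is not the patent's own code: trust objects carry the listed metadata, an access control object maps each jurisdiction to a rule over source, origin, consent type, purpose and classification, and the filter built from a tenant request checks both the origin jurisdiction and every jurisdiction of subsequent use before any record is released. The jurisdiction codes, rule contents and records are constructed for the demonstration and do not represent any actual regulation; treating a jurisdiction with no represented rule as a denial is an assumption of this example, as are all class and function names.

```python
"""Illustrative trust filter for the method of claims 1 and 8 (added example, not patent code)."""
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, List, Tuple


@dataclass(frozen=True)
class TrustObject:
    """Trust metadata tracked for one person-related data source."""
    source_name: str
    interface_category: str          # e.g. "web-form", "api", "batch-import"
    physical_origin: str             # jurisdiction code where the data was collected
    consent_type: str                # e.g. "explicit", "implied", "none"
    purposes: FrozenSet[str]         # purposes for which the data was assembled
    classifications: FrozenSet[str]  # e.g. "contact", "financial", "health"


@dataclass
class DataEntity:
    """A record of person-related data associated with its trust object."""
    entity_id: str
    fields: Dict[str, str]
    trust: TrustObject


@dataclass(frozen=True)
class AccessRule:
    """One jurisdiction's conditions under which private data may be transferred."""
    allowed_sources: FrozenSet[str]          # empty set = any source
    allowed_origins: FrozenSet[str]          # empty set = any origin
    allowed_consent: FrozenSet[str]
    allowed_purposes: FrozenSet[str]
    allowed_classifications: FrozenSet[str]


# Access control object: jurisdiction code -> rule representing that jurisdiction's regulations.
AccessControlObject = Dict[str, AccessRule]


@dataclass(frozen=True)
class TenantRequest:
    """Tenant request naming the purpose and the jurisdiction(s) of subsequent use."""
    tenant_id: str
    purpose: str
    use_jurisdictions: FrozenSet[str]


def _violations(rule: AccessRule, entity: DataEntity, purpose: str) -> List[str]:
    """Return the rule dimensions the entity's trust metadata fails for this purpose."""
    t = entity.trust
    failed = []
    if rule.allowed_sources and t.source_name not in rule.allowed_sources:
        failed.append("source")
    if rule.allowed_origins and t.physical_origin not in rule.allowed_origins:
        failed.append("origin")
    if t.consent_type not in rule.allowed_consent:
        failed.append("consent")
    # Purpose limitation: the tenant's purpose must be allowed by the rule and be one
    # of the purposes for which the data was originally assembled.
    if purpose not in rule.allowed_purposes or purpose not in t.purposes:
        failed.append("purpose")
    if not t.classifications <= rule.allowed_classifications:
        failed.append("classification")
    return failed


def build_filter(aco: AccessControlObject, request: TenantRequest
                 ) -> Callable[[DataEntity], Tuple[bool, List[str]]]:
    """Construct a filter that checks the origin jurisdiction and every use jurisdiction."""
    def decide(entity: DataEntity) -> Tuple[bool, List[str]]:
        reasons: List[str] = []
        jurisdictions = {entity.trust.physical_origin, *request.use_jurisdictions}
        for code in sorted(jurisdictions):
            rule = aco.get(code)
            if rule is None:
                # Assumption of this example: no represented rule means fail closed.
                reasons.append(f"{code}: no access rule (fail closed)")
                continue
            reasons.extend(f"{code}: {v}" for v in _violations(rule, entity, request.purpose))
        return (not reasons, reasons)
    return decide


def apply_filter(aco, request, entities):
    """Release entities that satisfy every applicable jurisdiction; withhold the rest with reasons."""
    decide = build_filter(aco, request)
    released, withheld = [], {}
    for entity in entities:
        ok, reasons = decide(entity)
        if ok:
            released.append(entity)
        else:
            withheld[entity.entity_id] = reasons
    return released, withheld


def demo():
    """Constructed rule sets and records; the rules are illustrative, not real regulations."""
    aco: AccessControlObject = {
        "EU": AccessRule(frozenset(), frozenset(), frozenset({"explicit"}),
                         frozenset({"marketing", "support"}), frozenset({"contact", "financial"})),
        "US": AccessRule(frozenset(), frozenset(), frozenset({"explicit", "implied"}),
                         frozenset({"marketing", "support", "analytics"}),
                         frozenset({"contact", "financial"})),
    }

    def trust(name, origin, consent, purposes, classes):
        return TrustObject(name, "web-form", origin, consent, frozenset(purposes), frozenset(classes))

    entities = [  # constructed sample records
        DataEntity("e1", {"email": "a@example.test"}, trust("crm", "EU", "explicit", {"marketing", "support"}, {"contact"})),
        DataEntity("e2", {"email": "b@example.test"}, trust("crm", "EU", "implied", {"marketing"}, {"contact"})),
        DataEntity("e3", {"diagnosis": "redacted"}, trust("clinic", "US", "explicit", {"marketing"}, {"health"})),
        DataEntity("e4", {"email": "d@example.test"}, trust("crm", "BR", "explicit", {"marketing"}, {"contact"})),
    ]
    request = TenantRequest("tenant-42", "marketing", frozenset({"US"}))
    return apply_filter(aco, request, entities)


if __name__ == "__main__":
    released, withheld = demo()
    print("released:", [e.entity_id for e in released])
    print("withheld:", withheld)
```

Run as a script to see which records are released; `apply_filter` also returns the withheld records with the jurisdiction and dimension each one failed, which is the information an auditor needs to review a denial. Evaluating the origin jurisdiction and every use jurisdiction in one pass is what lets a single filter enforce both halves of the claim's final step.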
Abstract
The technology disclosed relates to automated compliance with data privacy laws of varying jurisdictions. In particular, it relates to constructing trust filters that automatically restrict collection, use, processing, transfer, or consumption of any person-related data that do not meet the data privacy regulations of the applicable jurisdictions. The trust filters are constructed dependent on associating person-related data entities with trust objects that track person-related data sources.
15 Claims
1. (Independent claim; text identical to the First Claim above.) Dependent claims: 2, 3, 4, 5, 6, 7, 15.
8. A system, including:
- a server including a processor and a computer readable storage medium storing computer instructions configured to cause the processor to:
  - track a person-related data source by associating a data entity that holds person-related data with a trust object that tracks the person-related data source, wherein the person-related data includes private data; wherein the trust object holds trust metadata, including:
    - name of the person-related data source,
    - interface category of the person-related data source,
    - physical origin of the person-related data source,
    - consent-type given by subject of the person-related data,
    - data privacy regulations that control access to the private data and are set for a legal jurisdiction that governs the physical origin,
    - at least one purpose of assembling the person-related data, and
    - at least one classification of the person-related data;
  - represent the data privacy regulations set for the legal jurisdiction that governs the physical origin of the person-related data in an access control object that specifies, by the legal jurisdiction, access control based on the name of the person-related data source, the physical origin of the person-related data source, the consent-type given by subject of the person-related data, the purpose of assembling the person-related data, and the classification of the person-related data;
  - receive, from a client computer, a tenant request for the person-related data, wherein the tenant request identifies at least one legal jurisdiction where the person-related data will be subsequently used;
  - construct a filter that implements access control, in accordance with the access control object representing the data privacy regulations specified in the legal jurisdiction that governs the physical origin of the person-related data, for the name of the person-related data source, the physical origin of the person-related data source, the consent-type given by subject of the person-related data, the purpose of assembling the person-related data, and the classification of the person-related data; and
  - automatically apply the filter to the person-related data requested by the client computer to restrict transfer of any private data, from the server to the client computer, that do not meet the data privacy regulations specified in the legal jurisdiction that governs the physical origin of the person-related data, and to restrict transfer of any private data from the server to the client computer that do not meet the data privacy regulations of the at least one legal jurisdiction identified in the tenant request.

Dependent claims: 9, 10, 11, 12, 13, 14.