Data processing and communications systems and methods for the efficient implementation of privacy by design
First Claim
1. A non-transitory computer-readable medium storing computer-executable instructions for demonstrating compliance with privacy-by-design practices, the computer-executable instructions comprising computer-executable instructions for:
- automatically electronically analyzing computer code to determine one or more privacy-related attributes of the computer code, each of the privacy-related attributes indicating one or more types of personal information that the computer code collects or accesses;
in response to determining that at least one of the one or more privacy-related attributes indicates that the computer code collects or accesses one or more particular types of personal information;
(A) executing the steps of;
(i) electronically displaying one or more prompts to one or more first individuals requesting that the one or more first individuals input information regarding the particular privacy-related attribute;
(ii) receiving input information from the one or more first individuals regarding the particular privacy-related attribute; and
(iii) communicating the information regarding the particular privacy-related attribute to one or more second individuals for use in conducting a first privacy assessment of the computer code;
receiving, by one or more computer processors, from the one or more second individuals, an indication of one or more revisions to the design of the computer code, the one or more revisions comprising one or more steps that would facilitate the compliance of the computer code with one or more privacy standards;
in response to receiving the indication of the one or more revisions, automatically initiating the generation of at least one task that is to be used in managing the design of the computer code, the at least one task comprising one or more tasks that, if completed, would individually or collectively result in the one or more revisions to the computer code;
receiving, by one or more computer processors, a notification that the at least one task has been completed;
at least partially in response to receiving the notification that the at least one task has been completed, generating a second, updated privacy assessment for the computer code that reflects the fact that the one or more revisions have been completed; and
saving data to computer memory indicating that the one or more revisions have been completed, wherein the computer-executable instructions comprise computer-executable instructions for;
receiving a go-live date for the computer code;
saving the go-live date to memory; and
conducting one or more audits to facilitate completion of the one or more revisions to the computer code before the go-live date.
2 Assignments
0 Petitions
Accused Products
Abstract
Computer-readable mediums, according to various embodiments, store computer-executable instructions for: (1) scanning computer code to determine what types of personal information the computer code collects or analyzes; (2) prompting a first one or more individuals for information regarding this aspect of the computer code (e.g., why the computer code is collecting the personal information); (3) communicating this information to a second set of one or more individuals; (4) receiving, from the second set of individuals, a recommended revision to the computer code that would facilitate the compliance of the computer code with one or more privacy standards; (5) facilitating the implementation of the revision; and (6) after the revision has been completed, generating an updated privacy assessment for the computer code that reflects the fact that the one or more revisions have been completed; and (7) generating a report listing the one or more revisions that have been completed.
512 Citations
26 Claims
-
1. A non-transitory computer-readable medium storing computer-executable instructions for demonstrating compliance with privacy-by-design practices, the computer-executable instructions comprising computer-executable instructions for:
-
automatically electronically analyzing computer code to determine one or more privacy-related attributes of the computer code, each of the privacy-related attributes indicating one or more types of personal information that the computer code collects or accesses; in response to determining that at least one of the one or more privacy-related attributes indicates that the computer code collects or accesses one or more particular types of personal information;
(A) executing the steps of;
(i) electronically displaying one or more prompts to one or more first individuals requesting that the one or more first individuals input information regarding the particular privacy-related attribute;
(ii) receiving input information from the one or more first individuals regarding the particular privacy-related attribute; and
(iii) communicating the information regarding the particular privacy-related attribute to one or more second individuals for use in conducting a first privacy assessment of the computer code;receiving, by one or more computer processors, from the one or more second individuals, an indication of one or more revisions to the design of the computer code, the one or more revisions comprising one or more steps that would facilitate the compliance of the computer code with one or more privacy standards; in response to receiving the indication of the one or more revisions, automatically initiating the generation of at least one task that is to be used in managing the design of the computer code, the at least one task comprising one or more tasks that, if completed, would individually or collectively result in the one or more revisions to the computer code; receiving, by one or more computer processors, a notification that the at least one task has been completed; at least partially in response to receiving the notification that the at least one task has been completed, generating a second, updated privacy assessment for the computer code that reflects the fact that the one or more revisions have been completed; and saving data to computer memory indicating that the one or more revisions have been completed, wherein the computer-executable instructions comprise computer-executable instructions for; receiving a go-live date for the computer code; saving the go-live date to memory; and conducting one or more audits to facilitate completion of the one or more revisions to the computer code before the go-live date. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer-readable medium storing computer-executable instructions for demonstrating the compliance of an organization with privacy-by-design practices, the computer-executable instructions comprising computer-executable instructions for:
-
receiving a location of computer code from one or more individuals; automatically electronically analyzing the computer code to determine one or more privacy-related attributes of the computer code, each of the privacy-related attributes indicating one or more types of personal information that the computer code collects or accesses; in response to determining that the computer code has a particular one of the one or more privacy-related attributes, executing steps of;
(i) receiving input information from one or more first individuals regarding the particular privacy-related attribute; and
(ii) communicating the information regarding the particular privacy-related attribute to one or more second individuals for use in conducting a first privacy assessment of the computer code;receiving, from the one or more second individuals, one or more revisions to the computer code that would facilitate the compliance of the computer code with one or more privacy standards; in response to receiving the one or more revisions, automatically initiating a generation of at least one task that, if completed, would individually or collectively result in the one or more revisions to the computer code; receiving a notification that the at least one task has been completed; at least partially in response to receiving the notification that the at least one task has been completed, facilitating the completion of a second, updated privacy assessment for the computer code that reflects the fact that the one or more revisions have been completed; and generating an output documenting that;
(1) the first privacy assessment has been conducted;
(2) the one or more revisions have been made to the computer code to facilitate the compliance of the computer code with the one or more privacy standards; and
(3) the updated privacy assessment has been conducted, wherein the computer-executable instructions comprise computer-executable instructions for;receiving a go-live date for the computer code; saving the go-live date to memory; and conducting one or more audits to facilitate completion of the one or more revisions to the computer code before the go-live date. - View Dependent Claims (15, 16, 17, 18)
-
-
19. A non-transitory computer-readable medium storing computer-executable instructions for efficiently demonstrating the compliance by an organization with privacy-by-design practices, the computer-executable instructions comprising computer-executable instructions for:
-
monitoring one or more computer storage locations to determine whether any new versions of a particular computer product have been stored in the one or more computer storage locations; determining that a new version of the particular computer product has been stored in the one or more computer storage locations; automatically electronically analyzing the new version of the particular computer product to determine one or more privacy-related attributes of the particular computer product, each of the privacy-related attributes indicating one or more types of personal information that the particular computer product collects or accesses; in response to determining that the new version of the particular computer product has a particular one of the one or more privacy-related attributes;
(A) executing the steps of;
(i) electronically displaying one or more prompts to one or more first individuals requesting that the one or more first individuals input information regarding the particular privacy-related attribute; and
(ii) communicating the information regarding the particular privacy-related attribute to one or more second individuals for use in conducting a first privacy assessment of the new version of the particular computer product; and
(B) changing an indicator associated with the new version of the particular computer product to indicate that, before the new version of the particular computer product is launched, the new version of the particular computer product should be modified to not include the particular privacy-related attribute;receiving, from the one or more second individuals, a listing of one or more revisions to a design of the particular computer product, the one or more revisions comprising one or more steps that would facilitate the compliance of the particular computer product with one or more privacy standards; in response to receiving the listing of the one or more revisions, automatically facilitating the completion of at least one task that is to be used in managing the design of the particular computer product, the at least one task comprising one or more tasks that, if completed, would individually or collectively result in the one or more revisions to the design of the particular computer code; receiving a notification that the at least one task has been completed; at least partially in response to receiving the notification that the at least one task has been completed, facilitating the generation of an updated privacy assessment for the particular computer product that reflects the fact that the one or more revisions have been completed; and generating a report indicating that the one or more revisions have been completed wherein the computer-executable instructions comprise computer-executable instructions for; receiving a go-live date for the computer code; saving the go-live date to memory; and conducting one or more audits to facilitate completion of the one or more revisions to the computer code before the go-live date. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
-
Specification