Data processing systems for fulfilling data subject access requests and related methods

US 10,565,397 B1
Filed: 10/21/2019
Issued: 02/18/2020
Est. Priority Date: 06/10/2016
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium storing computer-executable instructions for processing a request to delete personal data from a plurality of computing devices associated with a particular organization by:

receiving a plurality of delete personal data requests, each delete personal data request being a request, from a respective data subject, to delete personal data associated with the data subject; and

at least partially in response to receiving each respective delete personal data request;

automatically using a data model to identify;

(A) a first computing device on which first respective personal data associated with the respective data subject is stored; and

(B) a second computing device on which second respective personal data associated with the respective data subject is stored, wherein;

the data model defines;

at least one storage location utilized in the storage of a plurality of different items of personal data for the data subject as part of a processing activity; and

at least one transfer location to which the plurality of different items of personal data for the data subject are transferred; and

automatically using the data model to identify the first computing device and the second computing device comprises;

(A) using a unique identifier associated with the data subject in combination with the data model to identify the first computing device as storing the first respective personal data associated with the respective data subject; and

(B) using the unique identifier associated with the data subject in combination with the data model to identify the second computing device as storing the second respective personal data associated with the respective data subject;

at least partially in response to identifying the first computing device as storing the first respective personal data associated with the respective data subject, facilitating the deletion of the first respective personal data from the first computing device; and

at least partially in response to identifying the second computing device as storing the second respective personal data associated with the respective data subject, facilitating the deletion of the second respective personal data from the second computing device, wherein;

the data model stores information regarding respective storage locations of the plurality of different items of personal data for the data subject.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In particular embodiments, in response a data subject submitting a request to delete their personal data from an organization'"'"'s systems, the system may: (1) automatically determine where the data subject'"'"'s personal data is stored; and (2) in response to determining the location of the data (which may be on multiple computing systems), automatically facilitate the deletion of the data subject'"'"'s personal data from the various systems (e.g., by automatically assigning a plurality of tasks to delete data across multiple business systems to effectively delete the data subject'"'"'s personal data from the systems).

606 Citations

20 Claims

1. A non-transitory computer-readable medium storing computer-executable instructions for processing a request to delete personal data from a plurality of computing devices associated with a particular organization by:
- receiving a plurality of delete personal data requests, each delete personal data request being a request, from a respective data subject, to delete personal data associated with the data subject; and
  
  at least partially in response to receiving each respective delete personal data request;
  
  automatically using a data model to identify;
  
  (A) a first computing device on which first respective personal data associated with the respective data subject is stored; and
  
  (B) a second computing device on which second respective personal data associated with the respective data subject is stored, wherein;
  
  the data model defines;
  
  at least one storage location utilized in the storage of a plurality of different items of personal data for the data subject as part of a processing activity; and
  
  at least one transfer location to which the plurality of different items of personal data for the data subject are transferred; and
  
  automatically using the data model to identify the first computing device and the second computing device comprises;
  
  (A) using a unique identifier associated with the data subject in combination with the data model to identify the first computing device as storing the first respective personal data associated with the respective data subject; and
  
  (B) using the unique identifier associated with the data subject in combination with the data model to identify the second computing device as storing the second respective personal data associated with the respective data subject;
  
  at least partially in response to identifying the first computing device as storing the first respective personal data associated with the respective data subject, facilitating the deletion of the first respective personal data from the first computing device; and
  
  at least partially in response to identifying the second computing device as storing the second respective personal data associated with the respective data subject, facilitating the deletion of the second respective personal data from the second computing device, wherein;
  
  the data model stores information regarding respective storage locations of the plurality of different items of personal data for the data subject.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The non-transitory computer-readable medium of claim 1, wherein the non-transitory computer-readable medium stores computer-executable instructions for concurrently processing at least five of the plurality of delete personal data requests in an automated manner.
  - 3. The non-transitory computer-readable medium of claim 2, wherein the data model stores information regarding respective storage locations of a plurality of different respective items of personal data for each of a plurality of individuals other than the data subject.
  - 4. The non-transitory computer-readable medium of claim 1, wherein the non-transitory computer-readable medium stores computer-executable instructions for facilitating the execution of multiple delete personal data requests in response to a single command from a user.
  - 5. The non-transitory computer-readable medium of claim 1, wherein the non-transitory computer-readable medium stores computer-executable instructions for facilitating the concurrent execution of multiple delete personal data requests in response to a single command from a user.
  - 6. The non-transitory computer-readable medium of claim 1, wherein the non-transitory computer-readable medium stores computer-executable instructions for:
    - automatically verifying an identity of the respective data subject; and
      
      at least partially in response to verifying the identity of the respective data subject, processing the respective delete personal data request.
  - 7. The non-transitory computer-readable medium of claim 1, wherein the non-transitory computer-readable medium stores computer-executable instructions for:
    - at least partially in response to receiving each respective delete personal data request, obtaining metadata regarding the respective data subject;
      
      using the metadata to determine whether a priority of the respective request should be adjusted based on the obtained metadata; and
      
      in response to determining that the priority of the respective request should be adjusted based on the obtained metadata, adjusting the priority of the respective request, wherein the metadata comprises metadata selected from a group consisting of;
      
      (A) a location from which the respective request was made;
      
      (B) one or more current sensitivities to world events; and
      
      (C) a status of the data subject; and
      
      fulfilling the respective request according to the adjusted priority of the respective request.
  - 8. The non-transitory computer-readable medium of claim 7, wherein the metadata comprises a location from which the respective request was made.
  - 9. The non-transitory computer-readable medium of claim 7, wherein the metadata comprises a status of the respective data subject.
  - 10. The non-transitory computer-readable medium of claim 1, wherein each of the first and second computing devices is associated with a different respective corporate entity of a plurality of corporate entities.
  - 11. The non-transitory computer-readable medium of claim 10, wherein the plurality of corporate entities are sub-organizations of the particular organization.

12. A computer-implemented data processing method for processing requests to delete personal data associated with respective data subjects from one or more computer systems of an organization, the method comprising:
- receiving, by one or more computer processors, a plurality of delete personal data requests, each delete personal data request being a request, from a respective data subject, to delete personal data associated with the data subject; and
  
  at least partially in response to receiving each respective request of the plurality of requests;
  
  automatically identifying, by one or more computer processors, one or more computing devices of the one or more computer systems on which the personal data associated with the respective data subject is stored, wherein identifying the one or more computing devices on which the personal data associated with the respective data subject is stored comprises;
  
  accessing, by one or more computer processors, a data model defining;
  
  at least one storage location where a plurality of pieces of personal data are stored as part of a processing activity;
  
  at least one transfer location to which the plurality of pieces of personal data are transferred from the at least one storage location as part of the processing activity; and
  
  using a unique identifier associated with the data subject, in combination with the data model, to identify the personal data associated with the respective data subject; and
  
  in response to identifying, by one or more computer processors, the one or more computing devices on which the personal data associated with the respective data subject is stored, automatically facilitating the deletion of the personal data associated with the respective data subject from the one or more computing devices.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The computer-implemented data processing method of claim 12, wherein the method further comprises concurrently processing, by one or more computer processors, at least five of the plurality of delete personal data requests in an automated manner.
  - 14. The computer-implemented data processing method of claim 12, wherein automatically facilitating the deletion of the personal data associated with the respective data subject from the one or more computing devices comprises overwriting the personal data associated with the respective data subject in computer memory associated with the one or more computing devices.
  - 15. The computer-implemented data processing method of claim 12, wherein facilitating the deletion of the personal data associated with the respective data subject from the one or more computing devices comprises facilitating the deletion of the respective data subject'"'"'s personal data from both the at least one storage location and the at least one transfer location.
  - 16. The computer-implemented data processing method of claim 12, wherein the unique identifier associated with the data subject comprises a unique identifier generated in response to receiving consent from the respective data subject for the initial storage of the personal data associated with the respective data subject as part of the processing activity.
  - 17. The computer-implemented data processing method of claim 12, wherein identifying one or more computing devices of the one or more computer systems on which the personal data associated with the respective data subject is stored comprises identifying the one or more computing devices using one or more data modeling means.
  - 18. The computer-implemented data processing method of claim 12, wherein the method further comprises:
    - identifying a first processing activity under which the respective data subject has previously provided consent for the collection of personal data; and
      
      electronically accessing a first data inventory associated with the first processing activity, the first data inventory identifying;
      
      a first data asset of the one or more computer systems on which the personal data collected as part of the first processing activity is stored;
      
      transfer data associated with the first data asset; and
      
      access data associated with the first data asset; and
      
      facilitating the deletion of the personal data associated with the respective data subject from the one or more computing devices by;
      
      automatically assigning a first task to delete the personal data associated with the respective data subject from the first data asset;
      
      identifying a second data asset based at least in part on the transfer data;
      
      automatically assigning a second task to delete the personal data associated with the respective data subject from the second data asset;
      
      identifying a third data asset based at least in part on the access data; and
      
      automatically assigning a third task to delete the personal data associated with the respective data subject from the third data asset.

19. A computer-implemented data processing method for deleting one or more pieces of personal data in response to a data subject access request, the method comprising:
- receiving, using one or more electronic receiving means, a data subject access request from a requestor comprising one or more request parameters;
  
  accessing, using one or more electronic access means, a data model defining;
  
  at least one storage location utilized in the storage of a plurality of pieces of personal data as part of a processing activity; and
  
  at least one transfer location to which the plurality of pieces of personal data are transferred, wherein the data model comprises information regarding a respective storage location of each of one or more pieces of personal data associated with the requestor;
  
  using the data model and a unique identifier associated with the requestor to identify the respective storage location of each of the one or more pieces of personal data associated with the requestor, the one or more pieces of personal data being stored in one or more data repositories associated with a particular organization;
  
  determining whether the one or more request parameters comprise a request to delete the one or more pieces of personal data; and
  
  in response to determining that the one or more request parameters comprise the request to delete, automatically facilitating the deletion, using one or more data deletion means, of the one or more pieces of personal data.
- View Dependent Claims (20)
- - 20. The computer-implemented data processing method of claim 19, wherein:
    - the method further comprises identifying, using one or more consent receipt management means, one or more processing activities undertaken by the particular organization that involve the storage of the one or more pieces of personal data; and
      
      processing the request further comprises identifying the respective storage location of each of the one or more pieces of personal data based at least in part on storage data associated with the one or more processing activities.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
OneTrust LLC
Original Assignee
OneTrust LLC
Inventors
Barday, Kabir A., Sabourin, Jason L., Brannon, Jonathan Blake, Karanjkar, Mihir S., Jones, Kevin
Primary Examiner(s)
Bui, Hanh Thi-Minh

Application Number

US16/659,437
Publication Number

US 20200050792A1
Time in Patent Office

120 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/6245   Protecting personal data, e...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 2221/2143   Clearing memory, e.g. to pr...

Data processing systems for fulfilling data subject access requests and related methods

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

606 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Data processing systems for fulfilling data subject access requests and related methods

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

606 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links