Data processing systems and methods for efficiently assessing the risk of privacy campaigns
First Claim
1. A computer-implemented data processing method for efficiently assessing the risk associated with a privacy campaign, the method comprising:
- receiving, by one or more computer processors, an audited privacy template, wherein the audited privacy template has been audited for compliance with one or more privacy standards, and wherein the audited privacy template comprises a plurality of question/answer pairings regarding a particular vendor, product, or service to be used as part of the privacy campaign;
receiving, by one or more computer processors, analysis of one or more data records associated with the particular vendor, product, or service;
identifying, by one or more computer processors, a particular weighting factor for each question/answer pairing of the plurality of question/answer pairings;
determining, by one or more computer processors, a relative risk rating for each question/answer pairing of the plurality of question/answer pairings based on the respective particular weighting factor for each question/answer pairing of the plurality of question/answer pairings;
electronically calculating, by one or more computer processors, an overall risk rating for the particular vendor, product, or service based upon the relative risk rating for each question/answer pairing of the plurality of question/answer pairings and the analysis of the one or more data records;
determining whether the overall risk rating for the particular vendor, product, or service satisfies certain pre-determined criteria; and
in response to determining that the overall risk rating for the particular vendor, product, or service does not satisfy the pre-determined criteria, generating an alert to a user indicating that the overall risk rating for the particular vendor, product, or service does not satisfy the pre-determined criteria.
2 Assignments
0 Petitions
Accused Products
Abstract
Data processing systems and methods, according to various embodiments are adapted for efficiently processing data to allow for the streamlined assessment of the risk level associated with particular privacy campaigns. The systems may provide a centralized repository of templates of privacy-related question/answer pairings for various vendors, products (e.g., software products), and services. Different entities may electronically access the templates (which may be periodically updated and centrally audited) and customize the templates for evaluating the risk associated with the entities'"'"' respective business endeavors that involve the relevant vendors, products, or services.
-
Citations
20 Claims
-
1. A computer-implemented data processing method for efficiently assessing the risk associated with a privacy campaign, the method comprising:
-
receiving, by one or more computer processors, an audited privacy template, wherein the audited privacy template has been audited for compliance with one or more privacy standards, and wherein the audited privacy template comprises a plurality of question/answer pairings regarding a particular vendor, product, or service to be used as part of the privacy campaign; receiving, by one or more computer processors, analysis of one or more data records associated with the particular vendor, product, or service; identifying, by one or more computer processors, a particular weighting factor for each question/answer pairing of the plurality of question/answer pairings; determining, by one or more computer processors, a relative risk rating for each question/answer pairing of the plurality of question/answer pairings based on the respective particular weighting factor for each question/answer pairing of the plurality of question/answer pairings; electronically calculating, by one or more computer processors, an overall risk rating for the particular vendor, product, or service based upon the relative risk rating for each question/answer pairing of the plurality of question/answer pairings and the analysis of the one or more data records; determining whether the overall risk rating for the particular vendor, product, or service satisfies certain pre-determined criteria; and in response to determining that the overall risk rating for the particular vendor, product, or service does not satisfy the pre-determined criteria, generating an alert to a user indicating that the overall risk rating for the particular vendor, product, or service does not satisfy the pre-determined criteria. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-implemented data processing method for efficiently assessing the risk associated with a privacy campaign, the method comprising:
-
receiving, by one or more computer processors, an audited privacy template, wherein the audited privacy template has been audited for compliance with one or more privacy standards, wherein the audited privacy template comprises a plurality of question/answer pairings regarding a particular product or service provided by a vendor, and wherein each of the plurality of question/answer pairings identify a parameter selected from a group consisting of; an encryption status of one or more pieces of personal data stored by the particular product or service; storage information for the one or more pieces of personal data collected by the particular product or service; and access permission data associated with the one or more pieces of personal data collected by the particular product or service; and in response to receiving the audited privacy template, facilitating the electronic transfer of the audited privacy template, via one or more computer networks, to a plurality of computer systems, each computer system being associated with a different entity, for use in the different entities'"'"' respective computerized assessments of at least one respective privacy campaign, to be executed by the respective entity, that includes the use of a product or service that is the subject of the completed privacy template. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer-implemented data processing method for efficiently assessing the risk associated with a privacy campaign, the method comprising:
-
receiving, by one or more computer processors, a completed privacy template from a vendor, the completed privacy template comprising a plurality of question/answer pairings regarding a particular product or service provided by the vendor; determining, by one or more computer processors based on the completed privacy template, to request an updated version of the completed privacy template from the vendor; requesting, by one or more computer processors, the updated version of the completed privacy template from the vendor; receiving, by one or more computer processors, the updated version of the completed privacy template, the updated completed privacy template comprising an updated plurality of question/answer pairings regarding the particular product or service; in response to receiving the updated completed privacy template, automatically coordinating, by one or more computer processors, an audit of the updated completed privacy template for compliance with one or more privacy standards; receiving, by one or more computer processors, an audited updated completed privacy template; calculating a risk rating for the particular product or service based on the audited updated completed privacy template; and facilitating the electronic transfer of the audited updated completed privacy template and the risk rating for the particular product or service, via one or more computer networks, to a plurality of computer systems, each computer system being associated with a different entity, for use in the different entities'"'"' respective computerized assessments of at least one respective privacy campaign, to be executed by the respective entity, that includes the use of the particular product or service. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification