Using an object model to improve handling of personally identifiable information
First Claim
1. A method for handling personally identifiable information, said method comprising:
- providing in a computer a first set of object classes representing active entities in an information-handling process, wherein a limited number of privacy-related actions represent operations performed on data;
providing in said computer a second set of object classes representing data and rules in said information-handling process, wherein at least one object class has said rules associated with said data; and
handling transactions involving said personally identifiable information, using said computer and said object classes.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention involves providing in a computer a first set of object classes representing active entities in an information-handling process, wherein a limited number of privacy-related actions represent operations performed on data, and providing in the computer a second set of object classes representing data and rules in the information-handling process, wherein at least one object class has rules associated with data. The invention also involves using the above-mentioned objects in constructing a model of an information-handling process, and providing output that identifies at least one way in which the information-handling process could be improved. One aspect of the present invention is a method for handling personally identifiable information. Another aspect of the present invention is a system for executing the method of the present invention. A third aspect of the present invention is as a set of instructions on a computer-usable medium, or resident in a computer system, for executing the method of the present invention.
-
Citations
17 Claims
-
1. A method for handling personally identifiable information, said method comprising:
-
providing in a computer a first set of object classes representing active entities in an information-handling process, wherein a limited number of privacy-related actions represent operations performed on data;
providing in said computer a second set of object classes representing data and rules in said information-handling process, wherein at least one object class has said rules associated with said data; and
handling transactions involving said personally identifiable information, using said computer and said object classes. - View Dependent Claims (2, 3)
-
-
4. A method for improving the handling of personally identifiable information, said method comprising:
-
performing an initial assessment of an information-handling process;
constructing a model of said information-handling process, based on said initial assessment; and
providing output, based on said gathering and constructing, that identifies at least one way in which said personally identifiable information could be better handled;
wherein said constructing includes;
representing entities, data, and rules in said information-handling process by using a limited number of object classes;
representing operations performed on data by using a limited number of privacy-related actions; and
representing transactions by using said limited number of object classes and said limited number of privacy-related actions. - View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 13, 14, 16, 17)
-
-
12. A system for handling personally identifiable information, said system comprising:
-
means for providing in a computer a first set of object classes representing active entities in an information-handling process, wherein a limited number of privacy-related actions represent operations performed on data;
means for providing in said computer a second set of object classes representing data and rules in said information-handling process, wherein at least one object class has said rules associated with said data; and
means for handling transactions involving said personally identifiable information, using said computer and said object classes.
-
-
15. A computer-usable medium having computer-executable instructions for handling personally identifiable information, said computer-executable instructions comprising:
-
means for providing in a computer a first set of object classes representing active entities in an information-handling process, wherein a limited number of privacy-related actions represent operations performed on data;
means for providing in said computer a second set of object classes representing data and rules in said information-handling process, wherein at least one object class has said rules associated with said data; and
means for handling transactions involving said personally identifiable information, using said computer and said object classes.
-
Specification