DATA PROCESSING SYSTEMS FOR THE IDENTIFICATION AND DELETION OF PERSONAL DATA IN COMPUTER SYSTEMS
First Claim
1. A computer-implemented data processing method for processing a request to delete personal data associated with a data subject from one or more computer systems of an organization, the method comprising:
- receiving, by one or more computer processors, a request from a data subject to delete the personal data associated with the data subject from one or more computer systems of an organization; and
at least partially in response to receiving the request;
processing the request by one or more computer processors;
automatically identifying, by one or more computer processors, one or more computing devices on the one or more computer systems on which the personal data associated with the data subject is stored; and
in response to determining, by one or more computer processors, the one or more computing devices storing the personal data associated with the data subject, automatically facilitating the deletion of the personal data associated with the data subject from the one or more computing devices.
2 Assignments
0 Petitions
Accused Products
Abstract
In particular embodiments, in response a data subject submitting a request to delete their personal data from an organization'"'"'s systems, the system may: (1) automatically determine where the data subject'"'"'s personal data is stored; and (2) in response to determining the location of the data (which may be on multiple computing systems), automatically facilitate the deletion of the data subject'"'"'s personal data from the various systems (e.g., by automatically assigning a plurality of tasks to delete data across multiple business systems to effectively delete the data subject'"'"'s personal data from the systems).
-
Citations
20 Claims
-
1. A computer-implemented data processing method for processing a request to delete personal data associated with a data subject from one or more computer systems of an organization, the method comprising:
-
receiving, by one or more computer processors, a request from a data subject to delete the personal data associated with the data subject from one or more computer systems of an organization; and at least partially in response to receiving the request; processing the request by one or more computer processors; automatically identifying, by one or more computer processors, one or more computing devices on the one or more computer systems on which the personal data associated with the data subject is stored; and in response to determining, by one or more computer processors, the one or more computing devices storing the personal data associated with the data subject, automatically facilitating the deletion of the personal data associated with the data subject from the one or more computing devices. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented data processing method for deleting one or more pieces of personal data in response to a data subject access request, the method comprising:
-
receiving, using one or more electronic receiving means, a data subject access request from a requestor comprising one or more request parameters; processing the request by identifying, using one or more data mapping means, a respective storage location of each of the one or more pieces of personal data associated with the requestor, the one or more pieces of personal data being stored in one or more data repositories associated with a particular organization; determining whether the one or more request parameters comprise a request to delete the one or more pieces of personal data; and in response to determining that the one or more request parameters comprise the request to delete, automatically facilitating the deletion, using one or more data deletion means, the one or more pieces of personal data. - View Dependent Claims (10)
-
-
11. A personal data processing and deletion system comprising;
-
one or more processors; one or more data assets that store a plurality of personal data associated with a plurality of data subjects, each piece of the plurality of personal data being associated with a respective particular processing activity of a plurality of processing activities undertaken by an organization; and computer memory, wherein; the computer memory stores one or more data models defining one or more data transfers among the one or more data assets; and the data processing and deletion system is configured for; receiving a first data subject request associated with a first data subject from a remote computing device, the first data subject request comprising a request to delete one or more first pieces of personal data from the personal data processing and deletion system, one or more first pieces of personal data being associated with the first data subject; in response to receiving the first data subject request, identifying, based at least in part on the one or more data models and the plurality of processing activities undertaken by the organization, a respective storage location of each of the one or more first pieces of personal data on the one or more data assets; and in response to identifying the storage location of each of the one or more pieces of personal data, automatically facilitating the deletion of each of the one or more first pieces of personal data from each respective storage location. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification