Using a rules model to improve handling of personally identifiable information

US 7,069,427 B2
Filed: 06/19/2001
Issued: 06/27/2006
Est. Priority Date: 06/19/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method of handling personally identifiable information, said method comprising:

defining a limited number of privacy-related actions regarding said personally identifiable information;

constructing a rule for each of said privacy-related actions, wherein each rule defines an action corresponding to an associated privacy-related action, a logical condition that identifies a condition under which a particular decision is generated, and a decision indicating a manner by which said associated privacy-related action is to be performed;

creating a programming object containing a set of rules, wherein the set of rules comprises at least one of said constructed rules;

associating said programming object with said personally identifiable information;

processing a request using the programming object containing said set of rules, wherein processing said request comprises;

determining if said set of rules includes at least one rule having an action corresponding to an action specified in the request, a condition that evaluates to “

true,” and

a decision that indicates that the action is authorized;

selecting a rule in the set of rules that has an action corresponding to said action specified in the request, said condition that evaluates to “

true.” and

said decision that indicates that the action is authorized; and

providing an output based on selecting said rule in the set of rules.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention is a system and method for handling personally identifiable information, using a rules model. The invention involves defining a limited number of privacy-related actions regarding personally identifiable information; constructing a rule for each circumstance in which one of said privacy-related actions may be taken or must be taken; allowing for the input of dynamic contextual information to precisely specify the condition for evaluation of a rule; creating a programming object containing at least one of said rules; associating the programming object with personally identifiable information; processing a request; and providing an output. The invention does not merely give a “yes-or-no answer. The invention has the advantage of being able to specify additional actions that must be taken. The invention may use a computer system and network. One aspect of the present invention is a method for handling personally identifiable information. Another aspect of the present invention is a system for executing the method of the present invention. A third aspect of the present invention is as a set of instructions on a computer-usable medium, or resident in a computer system, for executing the method of the present invention.

329 Citations

20 Claims

1. A method of handling personally identifiable information, said method comprising:
- defining a limited number of privacy-related actions regarding said personally identifiable information;
  
  constructing a rule for each of said privacy-related actions, wherein each rule defines an action corresponding to an associated privacy-related action, a logical condition that identifies a condition under which a particular decision is generated, and a decision indicating a manner by which said associated privacy-related action is to be performed;
  
  creating a programming object containing a set of rules, wherein the set of rules comprises at least one of said constructed rules;
  
  associating said programming object with said personally identifiable information;
  
  processing a request using the programming object containing said set of rules, wherein processing said request comprises;
  
  determining if said set of rules includes at least one rule having an action corresponding to an action specified in the request, a condition that evaluates to “
  
  true,” and
  
  a decision that indicates that the action is authorized;
  
  selecting a rule in the set of rules that has an action corresponding to said action specified in the request, said condition that evaluates to “
  
  true.” and
  
  said decision that indicates that the action is authorized; and
  
  providing an output based on selecting said rule in the set of rules.
- View Dependent Claims (2, 3, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein said output is selected from the group consisting ofauthorizing said privacy-related action,authorizing said privacy-related action, plus specifying one or more tasks,and denying said request but also suggesting what must be done to have said request approved.
  - 3. The method of claim 1, wherein said output includes the specification of at least one additional action that must be taken.
  - 10. The method of claim 1, wherein processing a request using said programming object containing said set of rules further comprises:
    - identifying one or more tasks associated with said selected rule, if a decision of said rule indicates that said rule has associated tasks;
      
      adding said one or more tasks specified for said privacy-related action to a list data structure associated with said programming object, wherein said list data structure contains one or more tasks for each rule associated with said programming data structure that has a decision indicating that said action identified in said request is authorized; and
      
      returning, in said output said list data structure associated with said programming object.
  - 11. The method of claim 10, wherein said identifying of one or more tasks, adding said one or more tasks to a list data structure, and returning said list data structure are performed if said selected rule has a decision indicating that said action associated with said rule is obligated.
  - 12. The method of claim 1, wherein if a result of said determining if said set of rules includes at least one rule having an action corresponding to an action specified in said request, a condition that evaluates to “
    - true,” and
      
      a decision that indicates that said action is authorized, indicates that no such rule is present in said set of rules, said method further comprises;
      
      denying said request;
      
      searching for one or more suggestion rules in said set of rules that have an action corresponding to said action specified in said request, a condition that evaluates to “
      
      true,” and
      
      a decision that indicates that a suggestion is to be provided; and
      
      providing a suggestion, based on said one or more suggestion rules, indicating what operation needs to be performed in order for said action specified in said request to be authorized.
  - 13. The method of claim 1, wherein said limited number of privacy-related actions define privacy-related actions that may be performed by one of a data subject that is identified by said personally identifiable information, a data user that requests access to said personally identifiable information, and a third party to which privacy-related notifications concerning said personally identifiable information may be sent.
  - 14. The method of claim 1, wherein said programming object is an empty form programming object that represents a paper form that may be completed by a provider of said personally identifiable information.
  - 15. The method of claim 14, wherein associating said programming object with said personally identifiable information comprises:
    - entering said personally identifiable information into fields of said empty form programming object, wherein said one or more rules of said programming object are applied to said personally identifiable information.

4. A system for handling personally identifiable information, said system comprising:
- a processor; and
  
  a memory coupled to the processor, wherein the memory stores instructions which, when executed by the processor, cause the processor to;
  
  define a limited number of privacy-relaxed actions regarding said personally identifiable information;
  
  construct a rule for each of said privacy-related actions, wherein each rule defines an action corresponding to an associated privacy-related action, a logical condition that identifies a condition under which a particular decision is generated, and a decision indicating a manner by which said associated privacy-relaxed action is to be performed;
  
  create a programming object containing a set of rules, wherein the set of rules comprises at least one of said constructed rules;
  
  associate said programming object with said personally identifiable information;
  
  process a request using the programming object containing said set of rules, wherein processing said request comprises;
  
  determining if said set of rules includes at least one rule having an action corresponding to an action specified in the request, a condition that evaluates to “
  
  true,” and
  
  a decision that indicates that the action is authorize;
  
  selecting a rule in the set of rules that has an action corresponding to said action specified in the request, said condition that evaluates to “
  
  true,” and
  
  said decision that indicates that the action is authorized; and
  
  providing an output based on selecting said rule in the set of rules.
- View Dependent Claims (5, 6, 16, 17, 18, 19, 20)
- - 5. The system of claim 4, wherein said output is selected from the group consisting ofauthorizing said privacy-related action,authorizing said privacy-related action, plus specifying one or more tasks,and denying said request but also suggesting what must be done to have said request approved.
  - 6. The system of claim 4, wherein said output includes the specification of at least one additional action that must be taken.
  - 16. The system of claim 4, wherein said instructions further cause the processor to process a request using said programming object containing said set of rules by:
    - identifying one or more tasks associated with said selected rule, if a decision of said rule indicates that said rule has associated tasks;
      
      adding said one or more tasks specified for said privacy-related action to a list data structure associated with said programming object, wherein said list data structure contains one or more tasks for each rule associated with said programming data structure that has a decision indicating that said action identified in said request is authorized; and
      
      returning, in said output, said list data structure associated with said programming object.
  - 17. The system of claim 16, wherein said identifying of one or more tasks, adding said one or more tasks to a list data structure, and returning said list data structure are performed if said selected rule has a decision indicating that said action associated with said rule is obligated.
  - 18. The system of claim 4, wherein if a result of said determining if said set of rules includes at least one rule having an action corresponding to an action specified in said request, a condition that evaluates to “
    - true,” and
      
      a decision that indicates that said action is authorized, indicates that no such rule is present in said set of rules, said instructions further cause the processor to;
      
      deny said request;
      
      search for one or more suggestion rules in said set of rules that have an action corresponding to said action specified in said request, a condition that evaluates to “
      
      true,” and
      
      a decision that indicates that a suggestion is to be provided; and
      
      provide a suggestion, based on said one or more suggestion rules, indicating what operation needs to be performed in order for said action specified in said request to be authorized.
  - 19. The system of claim 4, wherein said programming object is an empty form programming object that represents a paper form that may be completed by a provider of said personally identifiable information.
  - 20. The system of claim 19, wherein said instructions cause the processor to associate said programming object with said personally identifiable information byentering said personally identifiable information into fields of said empty form programming object, wherein said one or more rules of said programming object are applied to said personally identifiable information.

7. A computer program product comprising a computer-usable medium having a computer readable program for handling personally identifiable information, wherein the computer readable program, when executed on a computing device, causes the computing device to:
- define a limited number of privacy-related actions regarding said personally identifiable information;
  
  construct a rule for each of said privacy-related actions, wherein each rule defines an action corresponding to an associated privacy-related action, a logical condition that identifies a condition under which a particular decision is generated, and a decision indicating a manner by which said associated privacy-related action is to be performed;
  
  create a programming object containing a set of rules, wherein the set of rules comprises at least one of said constructed rules;
  
  associate said programming object with said personally identifiable information;
  
  process a request using the programming object containing said set of rules, wherein processing said request comprises;
  
  determining if said set of rules includes at least one rule having an action corresponding to an action specified in the request, a condition that evaluates to “
  
  true,” and
  
  a decision that indicates that the action is authorized;
  
  selecting a rule in the set of rules that has an action corresponding to said action specified in the request, said condition that evaluates to “
  
  true,” and
  
  said decision that indicates that the action is authorized; and
  
  providing an output based on selecting said rule in the set of rules.
- View Dependent Claims (8, 9)
- - 8. The computer program product of claim 7, wherein said output is selected from the group consisting ofauthorizing said privacy-related action,authorizing said privacy-related action, plus specifying one or more tasks,and denying said request but also suggesting what must be done to have said request approved.
  - 9. The computer program product of claim 7, wherein said output includes the specification of at least one additional action that must be taken.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Camenisch, Jan, Gilbert, Arthur M., McCullough, Michael Robert, Brown, Nigel Howard Julian, Adler, Steven B., Kesdogan, Dogan, Palmer, Charles Campbell, Schnyder, Michael, Karjoth, Guenter, Bangerter, Endre Felix, Nelson, Adam Charles, Presler-Marshall, Martin Joseph Clayton, Waidner, Michael, Herreweghen, Elsie Van
Primary Examiner(s)
Morse, Gregory
Assistant Examiner(s)
Ho, Thomas

Application Number

US09/884,153
Publication Number

US 20030014654A1
Time in Patent Office

1,834 Days
Field of Search

709/225, 719/315, 719/316, 717/108, 713/1, 726/1
US Class Current

713/1
CPC Class Codes

G06F 21/6245 Protecting personal data, e...

G06F 21/6254 by anonymising data, e.g. d...

Using a rules model to improve handling of personally identifiable information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

329 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Using a rules model to improve handling of personally identifiable information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

329 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links