System and methods for facilitating privacy enforcement

US 8,607,308 B1
Filed: 08/07/2006
Issued: 12/10/2013
Est. Priority Date: 08/07/2006
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method of facilitating privacy enforcement, the computer-implemented method comprising:

receiving, from an associate of an enterprise, input related to use of stored customer information;

accessing at least one of a plurality of subsystems including data related to customers;

accessing at least one of a plurality of subsystems including data related to associates;

determining, based on the data related to associates, an attribute of the associate;

comparing the data related to customers with the attribute of the associate, wherein the comparison determines the stored customer information that the associate is able to access;

determining which of a plurality of subsystems to access based on comparing of data related to customers and the attribute of the associate;

wherein the plurality of subsystems comprises a governed data label subsystem storing metadata describing how, when and by whom government data stored in one or more external environments is collected, describing how, when and by whom policy data stored in at least one of the plurality of subsystems is collected, the government data comprising data related to government laws or government regulations, the metadata also describing how government data is formatted in the one or more external environments and how policy data is formatted in at least one of the plurality of subsystems;

accessing at least one of the plurality of subsystems to retrieve policy data and at least one of the external environments to retrieve government data based at least in part on the metadata;

maintaining, using the governed data label subsystem, a table of changes comprising a plurality of changes to enterprise policies, government laws and government regulations, the maintaining comprising escalating one or more of the changes in the table of changes for review in response to one or more requests received from associates of the enterprise;

updating the policy data, using the governed data label subsystem, in response to escalating the one or more changes;

filtering, using a processor, at least some of the stored customer information that the associate is able to access, wherein filtering comprises;

characterizing the data related to the associates and the data related to the customers in order to determine which from a plurality of restriction levels is applicable to the data related to the associates, resulting in a first restriction level, and which from a plurality of restriction levels is applicable to the data related to the customers, resulting in a second restriction level;

computing a third restriction level based on a Cartesian product mapping of the first restriction level and the second restriction level, andfiltering, based at least in part on the comparison of the data related to the customer with the third restriction level, the updated policy data and the government data; and

presenting the filtered stored customer information to the associate.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and methods for facilitating privacy enforcement are described. Embodiments of the present invention can deliver automated compliance and/or enforcement for certain consumer privacy laws and privacy-related policies to employees and contractors of an enterprise. When input related to the use of stored customer information is received, data subsystems can be accessed by a privacy engine, which then provides decisioning to produce an enforcement action. Examples of enforcement actions can include denying access to customer information, or granting such access but filtering the information. Enforcement actions can also include updating stored tables or other data structures to maintain an appropriate privacy enforcement posture when new information is added to systems or existing information is changed.

27 Citations

View as Search Results

21 Claims

1. A computer-implemented method of facilitating privacy enforcement, the computer-implemented method comprising:
- receiving, from an associate of an enterprise, input related to use of stored customer information;
  
  accessing at least one of a plurality of subsystems including data related to customers;
  
  accessing at least one of a plurality of subsystems including data related to associates;
  
  determining, based on the data related to associates, an attribute of the associate;
  
  comparing the data related to customers with the attribute of the associate, wherein the comparison determines the stored customer information that the associate is able to access;
  
  determining which of a plurality of subsystems to access based on comparing of data related to customers and the attribute of the associate;
  
  wherein the plurality of subsystems comprises a governed data label subsystem storing metadata describing how, when and by whom government data stored in one or more external environments is collected, describing how, when and by whom policy data stored in at least one of the plurality of subsystems is collected, the government data comprising data related to government laws or government regulations, the metadata also describing how government data is formatted in the one or more external environments and how policy data is formatted in at least one of the plurality of subsystems;
  
  accessing at least one of the plurality of subsystems to retrieve policy data and at least one of the external environments to retrieve government data based at least in part on the metadata;
  
  maintaining, using the governed data label subsystem, a table of changes comprising a plurality of changes to enterprise policies, government laws and government regulations, the maintaining comprising escalating one or more of the changes in the table of changes for review in response to one or more requests received from associates of the enterprise;
  
  updating the policy data, using the governed data label subsystem, in response to escalating the one or more changes;
  
  filtering, using a processor, at least some of the stored customer information that the associate is able to access, wherein filtering comprises;
  
  characterizing the data related to the associates and the data related to the customers in order to determine which from a plurality of restriction levels is applicable to the data related to the associates, resulting in a first restriction level, and which from a plurality of restriction levels is applicable to the data related to the customers, resulting in a second restriction level;
  
  computing a third restriction level based on a Cartesian product mapping of the first restriction level and the second restriction level, andfiltering, based at least in part on the comparison of the data related to the customer with the third restriction level, the updated policy data and the government data; and
  
  presenting the filtered stored customer information to the associate.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer-implemented method of claim 1 wherein:
    - the input comprises a query from the associate; and
      
      the filtering comprises filtering a response to the query.
  - 3. The computer-implemented method of claim 1 wherein the input comprises new enforcement data.
  - 4. The computer-implemented method of claim 1 wherein the input comprises subsystem change information.
  - 5. The computer-implemented method of claim 1 wherein:
    - the input comprises a query from the associate; and
      
      the filtering comprises selectively displaying data to the associate based on at least one of a customer affiliation and a privacy flag.
  - 6. The computer-implemented method of claim 4 wherein the subsystem change information further comprises information related to at least one of governed data labels, business purpose, an account, a household and an affiliate.

7. A privacy enforcement system comprising:
- a privacy engine comprising a processor that executes computer readable instructions stored on a non-transitory computer readable medium to;
  
  receive, from an associate, input related to use of stored customer information, wherein the stored customer information is associated with a customer;
  
  communicate with a source data subsystem to receive data related to the customer;
  
  communicate with a source data subsystem to receive data related to the associate;
  
  compare the data related to the customer with the data related to the associate, wherein the comparison determines the stored customer information that the associate is able to access;
  
  determine which of a plurality of subsystems to access based on comparing of data related to the customer and the data related to the associate;
  
  wherein the plurality of subsystems comprises a governed data label subsystem storing metadata describing how, when and by whom government data stored in one or more external environments is collected, describing how, when and by whom policy data stored in at least one of the plurality of subsystems is collected, the government data comprising data related to government laws or government regulations, the metadata also describing how government data is formatted in the one or more external environments and how policy data is formatted in at least one of the plurality of subsystems; and
  
  access at least one of the plurality of subsystems to retrieve policy data and at least one of the external environments to retrieve government data based at least in part on the metadata; and
  
  a source data subsystem comprising a processor to;
  
  maintain a table of changes comprising a plurality of changes to enterprise policies, government laws and government regulations, the maintaining comprising escalating one or more of the changes in the table of changes for review in response to one or more requests received from associates of the enterprise;
  
  update the policy data, in response to escalating the one or more changes; and
  
  wherein the privacy engine is further to;
  
  filter at least some of the stored customer information that the associate is able to access, wherein filtering comprises;
  
  characterizing the data related to the associates and the data related to the customers in order to determine which from a plurality of restriction levels is applicable to the data related to the associates, resulting in a first restriction level, and which from a plurality of restriction levels is applicable to the data related to the customers, resulting in a second restriction level;
  
  computing a third restriction level based on a Cartesian product mapping of the first restriction level and the second restriction level, andfiltering, based at least in part on the comparison of the data related to the customer with the third restriction level, the updated policy data and the government data; and
  
  present the filtered stored customer information to the associate.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 8. The privacy enforcement system of claim 7 further comprising a customer preferences database operatively connected to the processor of the privacy engine.
  - 9. The privacy enforcement system of claim 7 further comprising:
    - an online enforcement subsystem; and
      
      a batch enforcement subsystem.
  - 10. The privacy enforcement system of claim 7 further comprising:
    - an associate affiliate subsystem;
      
      a metadata subsystem;
      
      an account/customer/household affiliate subsystem; and
      
      an associate business purpose subsystem.
  - 11. The privacy enforcement system of claim 8 further comprising:
    - an online enforcement subsystem; and
      
      a batch enforcement subsystem.
  - 12. The privacy enforcement system of claim 8 further comprising:
    - an associate affiliate subsystem;
      
      a metadata subsystem;
      
      an account/customer/household affiliate subsystem; and
      
      an associate business purpose subsystem.
  - 13. The privacy enforcement system of claim 7 wherein the privacy engine is disposed in a middleware layer.
  - 14. The privacy enforcement system of claim 8 wherein the privacy engine is disposed in a middleware layer.
  - 15. The privacy enforcement system of claim 9 wherein the privacy engine is disposed in a middleware layer.
  - 16. The privacy enforcement system of claim 11 wherein the privacy engine is disposed in a middleware layer.

17. A computer program product, the computer program product comprising at least one non-transitory computer-readable medium having computer-readable program code embodied therein, the computer-readable program code comprising:
- an executable code configured for receiving, from an associate of an enterprise, input related to use of stored customer information;
  
  an executable code configured for accessing at least one of a plurality of subsystems including data related to customers;
  
  an executable code configured for accessing at least one of a plurality of subsystems including data related to associates;
  
  an executable code configured for determining, based on the data related to associates, an attribute of the associate;
  
  an executable code configured for comparing the data related to customers with the attribute of the associate, wherein the comparison determines the stored customer information that the associate is able to access;
  
  an executable code configured for determining which of a plurality of subsystems to access based on comparing of data related to customers and the attribute of the associate, wherein the plurality of subsystems comprises a governed data label subsystem storing metadata describing how, when and by whom government data stored in one or more external environments is collected, describing how, when and by whom policy data stored in at least one of the plurality of subsystems is collected, the government data comprising data related to government laws or government regulations, the metadata also describing how government data is formatted in the one or more external environments and how policy data is formatted in at least one of the plurality of subsystems;
  
  an executable code configured for accessing at least one of a plurality of subsystems to retrieve policy data and at least one of the external environments to retrieve government data based at least in part on the metadata;
  
  an executed code configured for maintaining, using the governed data label subsystem, a table of changes comprising a plurality of changes to enterprise policies, government laws and government regulations, the maintaining comprising escalating one or more of the changes in the table of changes for review in response to one or more requests received from associates of the enterprise;
  
  an executable code configured for updating the policy data, using the governed data label subsystem, in response to escalating the one or more changes;
  
  an executable code configured for filtering, using a processor, at least some of the stored customer information that the associate is able to access, wherein filtering comprises;
  
  characterizing the data related to the associates and the data related to the customers in order to determine which from a plurality of restriction levels is applicable to the data related to the associates, resulting in a first restriction level, and which from a plurality of restriction levels is applicable to the data related to the customers, resulting in a second restriction level;
  
  computing a third restriction level based on a Cartesian product mapping of the first restriction level and the second restriction level, andfiltering, based at least in part on the comparison of the data related to the customer with the third restriction level, the updated policy data and the government data; and
  
  an executable code configured for presenting the filtered stored customer information to the associate.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The computer program product of claim 17 wherein:
    - the input comprises a query from the associate; and
      
      the filtering comprises filtering a response to the query.
  - 19. The computer program product of claim 17 wherein the input comprises new enforcement data.
  - 20. The computer program product of claim 17 wherein the input comprises subsystem change information.
  - 21. The computer program product of claim 17 wherein:
    - the input comprises a query from the associate; and
      
      the filtering comprises selectively displaying data to the associate based on at least one of a customer affiliation and a privacy flag.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Galloway, Michael P., Langford, Mark W., Krell, James M., Misenheimer, Laura P., Stump, Brian L.
Primary Examiner(s)
SHAW, YIN CHEN

Application Number

US11/462,798
Time in Patent Office

2,682 Days
Field of Search

726 1- 4, 707/754, 707/783, 705/1.1, 705/2
US Class Current

726/2
CPC Class Codes

G06F 21/6218 to a system of files or obj...

G06Q 40/00 Finance; Insurance; Tax str...

System and methods for facilitating privacy enforcement

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

27 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

System and methods for facilitating privacy enforcement

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others