Distributed customer data management network handling personally identifiable information

US 9,288,184 B1
Filed: 05/09/2014
Issued: 03/15/2016
Est. Priority Date: 05/16/2013
Status: Active Grant

First Claim

Patent Images

1. A system for distributing personally identifiable information comprising:

a regional server located in a first jurisdiction comprising;

a first set of jurisdictional rules that define personally identifiable information for the first jurisdiction;

a first computer application that inputs data, that applies the first set of jurisdictional rules to the data and that outputs a first data set that is personally identifiable information and a second data set that is not personally identifiable information;

a first data repository in communication with the first computer application that stores data that have been input but that have not had the first set of jurisdictional rules applied;

a second data repository in communication with the first computer application that stores the first data set;

a first set of masking rules for masking the first data set; and

a second computer application in communication with the first computer application that interprets and applies the first set of masking rules to obfuscate the first data set;

a recipient computer located in a second jurisdiction that inputs data conforming to a second set of jurisdictional rules that define personally identifiable information for the second jurisdiction; and

a central computer in communication with the regional server and the recipient computer comprising;

a plurality of operational tools that use a ticket pattern to allow actions in the system including authentication, authorization, acceptance of terms and conditions, requirements and opt-in acceptance;

a rules interpreter that inputs the first data set, that applies the second set of jurisdictional rules to the first data set and that outputs a third data set of personally identifiable information conforming to the second set of jurisdictional rules;

a second set of masking rules for masking the third data set;

a third computer application in communication with the rules interpreter that applies the second set of masking rules to obfuscate the third data set; and

a fourth computer application that receives the first data set from the regional server and routes it to the rules interpreter and that receives the third data set from the third computer application and routes the third data set to the recipient computer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for handling Personally Identifiable Information (PII) in a globally compliant manner, across and within governmental or defined synthetic jurisdictions without violating the privacy laws or rules of the involved jurisdictions. Disclosed systems for distributing PII include a regional server in a first jurisdiction with a first set of jurisdictional rules, a central computer and a recipient computer. The recipient computer is located in a second jurisdiction and inputs data conforming to a second set of jurisdictional rules. The central computer communicates with both the regional server and the recipient computer. The central computer masks data coming from the first jurisdiction and from the second jurisdiction so that the data complies with the rules of the destination jurisdiction.

70 Citations

View as Search Results

20 Claims

1. A system for distributing personally identifiable information comprising:
- a regional server located in a first jurisdiction comprising;
  
  a first set of jurisdictional rules that define personally identifiable information for the first jurisdiction;
  
  a first computer application that inputs data, that applies the first set of jurisdictional rules to the data and that outputs a first data set that is personally identifiable information and a second data set that is not personally identifiable information;
  
  a first data repository in communication with the first computer application that stores data that have been input but that have not had the first set of jurisdictional rules applied;
  
  a second data repository in communication with the first computer application that stores the first data set;
  
  a first set of masking rules for masking the first data set; and
  
  a second computer application in communication with the first computer application that interprets and applies the first set of masking rules to obfuscate the first data set;
  
  a recipient computer located in a second jurisdiction that inputs data conforming to a second set of jurisdictional rules that define personally identifiable information for the second jurisdiction; and
  
  a central computer in communication with the regional server and the recipient computer comprising;
  
  a plurality of operational tools that use a ticket pattern to allow actions in the system including authentication, authorization, acceptance of terms and conditions, requirements and opt-in acceptance;
  
  a rules interpreter that inputs the first data set, that applies the second set of jurisdictional rules to the first data set and that outputs a third data set of personally identifiable information conforming to the second set of jurisdictional rules;
  
  a second set of masking rules for masking the third data set;
  
  a third computer application in communication with the rules interpreter that applies the second set of masking rules to obfuscate the third data set; and
  
  a fourth computer application that receives the first data set from the regional server and routes it to the rules interpreter and that receives the third data set from the third computer application and routes the third data set to the recipient computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system recited in claim 1 further comprising a user interface in the regional server in communication with the first computer application for user data input and data editing.
  - 3. The system recited in claim 1 further comprising an email facility in the regional server in communication with the first computer application wherein all email communication is within the first jurisdiction.
  - 4. The system recited in claim 1 further comprising a firewall in the regional server to control all incoming and outgoing data.
  - 5. The system recited in claim 1 further comprising a web service engine and web application hosting in the regional server.
  - 6. The system recited in claim 1 further comprising a plurality of regional servers with each regional server located in one of a plurality of different jurisdictions and with each regional server in communication with the central computer and having a set of jurisdictional rules associated with the regional server located in said one of the plurality of different jurisdictions and a set of masking rules associated with the regional server located in said one of the plurality of different jurisdictions.
  - 7. The system recited in claim 1 further comprising:
    - a third-party cloud based customer relationship management software customer experience suite located in the second jurisdiction; and
      
      a fifth computer application in the central computer in communication with the rules interpreter and the third-party cloud based customer relationship management software customer experience suite that applies the second set of masking rules to obfuscate the third data set.
  - 8. The system recited in claim 1 wherein the recipient computer further comprises:
    - a customer management system user interface;
      
      a set of computer applications related to one or more the services provided to the regional server by the recipient computer; and
      
      a logical abstraction point between the set of computer applications and the central computer.
  - 9. The system recited in claim 1 wherein each of the first jurisdiction and the second jurisdiction are one of a governmental jurisdiction and a synthetic jurisdiction.
  - 10. The system recited in claim 1 further comprising treatment rules for the treatment of personally identifiable information attribute values that control an allowable use of data defined by the treatment rules and how data should be masked during one or more time periods defined by the treatment rules when approvals and other actions must occur.
  - 11. The system recited in claim 1 further comprising administrative rules for supporting creation, specification and management of personally identifiable information attributes with attribute values supporting creation, retrieval, updating, deletion and movement of jurisdictions.

12. A network for managing personally identifiable information exchanged between computer systems in jurisdictions having different rules regarding handling personally identifiable information comprising:
- a plurality of regional servers residing in a plurality of respective jurisdictions with each regional server comprising;
  
  a first set of jurisdictional rules that define personally identifiable information for the respective jurisdiction;
  
  a first computer application that inputs data, that applies the first set of jurisdictional rules to the data and that outputs a first data set that is personally identifiable information and a second data set that is not personally identifiable information;
  
  a first data repository in communication with the first computer application that stores data that have been input but that have not had the first set of jurisdictional rules applied;
  
  a second data repository in communication with the first computer application that stores the first data set;
  
  a first set of masking rules for masking the first data set; and
  
  a second computer application in communication with the first computer application that interprets and applies the first set of masking rules to obfuscate the first data set;
  
  a recipient computer located in one of the plurality of jurisdictions that inputs data conforming to the respective set of jurisdictional rules that define personally identifiable information for the respective jurisdiction; and
  
  a central computer in communication with the plurality of regional servers and the recipient computer comprising;
  
  a rules interpreter that inputs the first data set, that applies the set of jurisdictional rules for the recipient computer to the first data set and that outputs a third data set of personally identifiable information conforming to the set of jurisdictional rules for the recipient computer;
  
  a second set of masking rules for masking the third data set;
  
  a third computer application in communication with the rules interpreter that applies the second set of masking rules to obfuscate the third data set;
  
  a fourth computer application that receives the first data set from the regional server and routes it to the rules interpreter and that receives the third data set from the third computer application and routes the third data set to the recipient computer; and
  
  one or more administrative rules for supporting creation, specification and management of personally identifiable information attributes with attribute values.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The network recited in claim 12 further comprising:
    - a user interface in each regional server in communication with the first computer application for user data input and data editing;
      
      an email facility in each regional server in communication with the first computer application wherein all email communication is within a jurisdiction;
      
      a firewall in each regional server to control all incoming and outgoing data; and
      
      a web service engine and web application hosting in each regional server.
  - 14. The network recited in claim 12 further comprising:
    - a third-party cloud based customer relationship management software customer experience suite located in the jurisdiction with the recipient computer; and
      
      a fifth computer application in the central computer in communication with the rules interpreter and the third-party cloud based customer relationship management software customer experience suite that applies the set of masking rules used in the jurisdiction with the recipient computer to obfuscate the third data set.
  - 15. The network recited in claim 12 wherein the recipient computer further comprises:
    - a customer management system user interface;
      
      a set of computer applications related to one or more services provided to the regional servers by the recipient computer; and
      
      a logical abstraction point between the set of computer applications and the central computer.
  - 16. The network recited in claim 12 wherein each of the jurisdictions is one of a governmental jurisdiction and a synthetic jurisdiction.
  - 17. The system recited in claim 12 further comprising operational tools that use a ticket pattern to allow actions in the system including authentication, authorization, acceptance of terms and conditions, requirements and opt-in acceptance.

18. A method for distributing personally identifiable information comprising:
- providing a regional server located in a first jurisdiction comprising;
  
  defining personally identifiable information for the first jurisdiction with a first set of jurisdictional rules;
  
  executing a first computer application to input data, to apply the first set of jurisdictional rules to the data and to output a first data set that is personally identifiable information and a second data set that is not personally identifiable information;
  
  providing a first data repository in communication with the first computer application that stores data that have been input but that have not had the first set of jurisdictional rules applied;
  
  providing a second data repository in communication with the first computer application that stores the first data set;
  
  defining a first set of masking rules for masking the first data set; and
  
  executing a second computer application in communication with the first computer application that interprets and applies the first set of masking rules to obfuscate the first data set;
  
  providing a recipient computer located in a second jurisdiction that inputs data conforming to a second set of jurisdictional rules that define personally identifiable information for the second jurisdiction; and
  
  providing a central computer in communication with the regional server and the recipient computer comprising;
  
  executing a rules interpreter to input the first data set, to apply the second set of jurisdictional rules to the first data set and to outputs a third data set of personally identifiable information conforming to the second set of jurisdictional rules;
  
  defining a second set of masking rules for masking the third data set;
  
  executing a third computer application in communication with the rules interpreter that applies the second set of masking rules to obfuscate the third data set;
  
  executing a fourth computer application that receives the first data set from the regional server and routes it to the rules interpreter and that receives the third data set from the third computer application and routes the third data set to the recipient computer; and
  
  one or more treatment rules for the treatment of personally identifiable information attribute values that control an allowable use of data defined by the treatment rules and how data should be masked.
- View Dependent Claims (19, 20)
- - 19. The method recited in claim 18 further comprising:
    - providing a third-party cloud based customer relationship management software customer experience suite located in the jurisdiction with the recipient computer; and
      
      executing a fifth computer application in the central computer in communication with the rules interpreter and the third-party cloud based customer relationship management software customer experience suite.
  - 20. The system recited in claim 18 further comprising operational tools that use a ticket pattern to allow actions in the system including authentication, authorization, acceptance of terms and conditions, requirements and opt-in acceptance.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wizards of The Coast LLC (Hasbro Inc.)
Original Assignee
Wizards of The Coast LLC (Hasbro Inc.)
Inventors
Blackwell, Simon, Kvamme, Paul M, Goolsbey, Arron, Mitchell, Nicholas
Primary Examiner(s)
Schwartz, Darren B

Application Number

US14/274,069
Time in Patent Office

676 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/14   against software analysis o...

G06Q 50/265   Personal security, identity...

H04L 63/02   for separating internal fro...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0407   wherein the identity of one...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 67/306   User profiles

Distributed customer data management network handling personally identifiable information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

70 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Distributed customer data management network handling personally identifiable information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

70 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others