Data processing systems for processing data subject access requests
First Claim
1. A data subject access request processing system comprising:
- one or more data subject access request management servers;
a plurality of local storage nodes, each of the plurality of local storage nodes being physically located in a distinct geographic location;
one or more processors; and
memory, wherein the one or more processors are configured for;
receiving, from a remote computing device, at the one or more data subject access request management servers, a data subject access request for a data subject, the request comprising one or more request parameters;
identifying, based at least in part on the data subject access request, a particular local storage node of the plurality of local storage nodes;
routing the data subject access request from the one or more data subject access request management servers to the particular local storage node;
processing the request at the particular local storage node by identifying one or more pieces of personal data associated with the data subject, the one or more pieces of personal data being stored in one or more data repositories associated with a particular organization; and
taking one or more actions based at least in part on the data subject access request, the one or more actions including one or more actions related to the one or more pieces of personal data;
wherein taking the one or more actions comprises executing one or more steps related to the one or more actions at the particular local storage node.
2 Assignments
0 Petitions
Accused Products
Abstract
In particular embodiments, a data subject request processing system may be configured to utilize one or more local storage nodes in order to process a data subject access request on behalf of a data subject. In particular embodiments, the one or more local storage nodes may be local to the data subject making the request (e.g., in the same country as the data subject, in the same jurisdiction, in the same geographic area, etc.). The system may, for example, be configured to: (1) receive a data subject access request from a data subject (e.g., via a web form); (2) identify a suitable local storage node based at least in part on the request and/or the data subject; (3) route the data subject access request to the identified local storage node; and (4) process the data subject access request at the identified local storage node.
513 Citations
19 Claims
-
1. A data subject access request processing system comprising:
-
one or more data subject access request management servers; a plurality of local storage nodes, each of the plurality of local storage nodes being physically located in a distinct geographic location; one or more processors; and memory, wherein the one or more processors are configured for; receiving, from a remote computing device, at the one or more data subject access request management servers, a data subject access request for a data subject, the request comprising one or more request parameters; identifying, based at least in part on the data subject access request, a particular local storage node of the plurality of local storage nodes; routing the data subject access request from the one or more data subject access request management servers to the particular local storage node; processing the request at the particular local storage node by identifying one or more pieces of personal data associated with the data subject, the one or more pieces of personal data being stored in one or more data repositories associated with a particular organization; and taking one or more actions based at least in part on the data subject access request, the one or more actions including one or more actions related to the one or more pieces of personal data; wherein taking the one or more actions comprises executing one or more steps related to the one or more actions at the particular local storage node. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented data processing method for processing a data subject within a data system in order to fulfill a data subject access request, the method comprising:
-
receiving, by one or more processors, from a data subject, a data subject access request; identifying, based at least in part on the data subject access request, a particular local storage node of a plurality of local storage nodes; routing the data subject access request to the particular local storage node; processing the data subject access request at the local storage node by identifying the one or more pieces of personal data associated with the data subject, wherein identifying the one or more pieces of personal data associated with the data subject comprises scanning one or more data inventories stored within a data system for the one or more pieces of personal data; in response to identifying the one or more pieces of personal data, at least temporarily storing the one or more pieces of personal data at the local storage node; and executing one or more steps related to providing access, to the data subject, to the one or more pieces of data at the local storage node. - View Dependent Claims (10, 11, 12)
-
-
13. A computer-implemented data processing method for identifying one or more pieces of personal data associated with a data subject within a data system in order to fulfill a data subject access request, the method comprising:
-
receiving, by one or more processors, from a data subject, a data subject access request; determining, by one or more processors, based on the data subject access request, a location of the request; routing, by one or more processors, the data subject access request to one or more local storage nodes based at least in part on the location of the request; and processing, by one or more processors at the one or more local storage nodes, the data subject access request by identifying the one or more pieces of personal data associated with the data subject, wherein; identifying the one or more pieces of personal data associated with the data subject comprises accessing one or more data models defining a location of one or more data inventories stored within the data system for the one or more pieces of personal data; and in response to identifying the one or more pieces of personal data, taking one or more actions selected from the group consisting of; deleting the one or more pieces of personal data from the data system; modifying at least one of the one or more pieces of personal data and storing the modified at least one of the one or more pieces of personal data in the data system; and generating a report comprising the one or more pieces of personal data and providing the report to the data subject, wherein taking the one or more actions comprises executing one or more steps related to the one or more actions at the one or more local storage nodes. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
Specification