Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
First Claim
Patent Images
1. A computer-implemented data processing method for identifying and automatically determining a response to one or more potential risk triggers based on a data model, the method comprising:
- identifying, by one or more processors, one or more potential risk triggers for an entity;
assessing and analyzing, by one or more processors, the one or more potential risk triggers to determine a relevance of a risk posed to the entity by the one or more potential risk triggers, wherein determining the relevance of the risk comprises;
identifying one or more particular previous risk triggers experienced by the entity; and
identifying one or more particular similar risk triggers from the one or more particular previous risk triggers, the one or more particular similar risk triggers being similar to the one or more potential risk triggers; and
determining the relevance of the risk posed by the one or more potential risk triggers based at least in part on a previously determined relevance of the one or more particular similar risk triggers;
identifying, by one or more processors using one or more data modeling techniques, one or more data assets associated with the entity that may be affected by the one or more potential risk triggers, wherein identifying the one or more data assets that may be affected by the one or more potential risk triggers comprises;
scanning a respective digital inventory for each of the one or more data assets, each respective digital inventory comprising one or more inventory attributes, andanalyzing each respective digital inventory to determine one or more inventory attributes that may be affected by the one or more potential risk triggers;
determining, by one or more processors, based at least in part on the one or more identified data assets and the relevance of the risk posed to the entity by the one or more potential risk triggers, whether to take one or more actions in response to the one or more potential risk triggers; and
in response to determining to take the one or more actions;
determining, by one or more processors, the one or more actions based at least in part on one or more previously determined actions taken in response to the one or more similar risk triggers; and
taking, by one or more processors, the one or more actions, wherein the one or more actions comprise one or more actions selected from the group consisting of;
modifying, by one or more processors, at least one piece of data stored by the one or more data assets; and
quarantining, by one or more processors, the at least one piece of data stored by the one or more data assets.
2 Assignments
0 Petitions
Accused Products
Abstract
In various embodiments, a system may be configured to substantially automatically determine whether to take one or more actions in response to one or more identified risk triggers (e.g., data breaches, regulation change, etc.). The system may, for example: (1) compare the potential risk trigger to one or more previous risks triggers experienced by the particular entity at a previous time; (2) identify a similar previous risk trigger (e.g., one or more previous risk triggers related to a similar change in regulation, breach of data, type of issue identified, etc.); (3) determine the relevance of the current risk trigger based at least in part on a determined relevance of the previous risk trigger; and (4) determine whether to take one or more actions to the current risk trigger based at least in part on one or more determined actions to take in response to the previous, similar risk trigger.
674 Citations
18 Claims
-
1. A computer-implemented data processing method for identifying and automatically determining a response to one or more potential risk triggers based on a data model, the method comprising:
-
identifying, by one or more processors, one or more potential risk triggers for an entity; assessing and analyzing, by one or more processors, the one or more potential risk triggers to determine a relevance of a risk posed to the entity by the one or more potential risk triggers, wherein determining the relevance of the risk comprises; identifying one or more particular previous risk triggers experienced by the entity; and identifying one or more particular similar risk triggers from the one or more particular previous risk triggers, the one or more particular similar risk triggers being similar to the one or more potential risk triggers; and determining the relevance of the risk posed by the one or more potential risk triggers based at least in part on a previously determined relevance of the one or more particular similar risk triggers; identifying, by one or more processors using one or more data modeling techniques, one or more data assets associated with the entity that may be affected by the one or more potential risk triggers, wherein identifying the one or more data assets that may be affected by the one or more potential risk triggers comprises; scanning a respective digital inventory for each of the one or more data assets, each respective digital inventory comprising one or more inventory attributes, and analyzing each respective digital inventory to determine one or more inventory attributes that may be affected by the one or more potential risk triggers; determining, by one or more processors, based at least in part on the one or more identified data assets and the relevance of the risk posed to the entity by the one or more potential risk triggers, whether to take one or more actions in response to the one or more potential risk triggers; and in response to determining to take the one or more actions; determining, by one or more processors, the one or more actions based at least in part on one or more previously determined actions taken in response to the one or more similar risk triggers; and taking, by one or more processors, the one or more actions, wherein the one or more actions comprise one or more actions selected from the group consisting of; modifying, by one or more processors, at least one piece of data stored by the one or more data assets; and quarantining, by one or more processors, the at least one piece of data stored by the one or more data assets. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer-implemented data processing method for identifying and automatically determining a response to one or more potential risk triggers based on a data model, the method comprising:
-
identifying, by one or more processors, one or more potential risk triggers for an entity; assessing and analyzing, by one or more processors, the one or more potential risk triggers to determine a relevance of a risk posed to the entity by the one or more potential risk triggers, wherein determining the relevance of the risk comprises; identifying one or more similarly situated entitles to the entity; receiving risk remediation data for the one or more similarly situated entities, the risk remediation data comprising one or more previous risk triggers experienced by the one or more similarly situated entities and a relevance of each of the one or more previous risk triggers determined by the one or more similarly situated entities; identifying one or more similar risk triggers from one or more previous risk triggers experienced by the one or more similarly situated entities, the one or more similar risk triggers being similar to the one or more potential risk triggers; and determining the relevance of the risk posed by the one or more potential risk triggers based at least in part on the risk remediation data; identifying, by one or more processors using one or more data modeling techniques, one or more data assets associated with the entity that may be affected by the one or more potential risk triggers, wherein identifying the one or more data assets that may be affected by the one or more potential risk triggers comprises; scanning a respective digital inventory for each of the one or more data assets, each respective digital inventory comprising one or more inventory attributes, and analyzing each respective digital inventory to determine one or more inventory attributes that may be affected by the one or more potential risk triggers; determining, by one or more processors, based at least in part on the one or more identified data assets and the relevance of the risk posed to the entity by the one or more potential risk triggers, whether to take one or more actions in response to the one or more potential risk triggers; and in response to determining to take the one or more actions; determining, by one or more processors, the one or more actions based at least in part on the risk remediation data; and taking, by one or more processors, the one or more actions, wherein the one or more actions comprise one or more actions selected from the group consisting of; modifying, by one or more processors, at least one piece of data stored by the one or more data assets; and quarantining, by one or more processors, the at least one piece of data stored by the one or more data assets. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeOneTrust LLC
-
Original AssigneeOneTrust LLC
-
InventorsBarday, Kabir A., Karanjkar, Mihir S., Finch, Steven W., Browne, Ken A., Heard, Nathan W., Patel, Aakash H., Sabourin, Jason L., Daniel, Richard L., Patton-Kuhl, Dylan D., Jones, Kevin, Brannon, Jonathan Blake
-
Primary Examiner(s)Alata, Ayoub
-
Application NumberUS16/403,358Publication NumberTime in Patent Office228 DaysField of SearchUS Class CurrentCPC Class CodesG06F 15/76 Architectures of general pu...G06F 16/95 Retrieval from the webG06F 21/552 involving long-term monitor...G06F 21/577 Assessing vulnerabilities a...G06F 21/6245 Protecting personal data, e...G06Q 10/0635 Risk analysis of enterprise...G06Q 10/067 Enterprise or organisation ...
