Privacy management systems and methods
First Claim
Patent Images
1. A computer-implemented data processing method for prioritizing data breach response activities, the method comprising:
- generating, by one or more computer processors, a data breach information interface soliciting a first affected jurisdiction, a second affected jurisdiction, and data breach information;
presenting, by the one or more computer processors, the data breach information interface to a user;
receiving, by the one or more computer processors from the user via the data breach information interface, an indication of the first affected jurisdiction, an indication of the second affected jurisdiction, and the data breach information;
determining, by the one or more computer processors based on the first affected jurisdiction and the data breach information, a first reporting failure penalty for the first affected jurisdiction;
determining, by the one or more computer processors based on the first affected jurisdiction and the data breach information, a first reporting deadline for the first affected jurisdiction;
determining, by the one or more computer processors based on the first reporting failure penalty and the first reporting deadline, a first reporting score for the first affected jurisdiction;
determining, by the one or more computer processors based on the second affected jurisdiction and the data breach information, a second reporting failure penalty for the second affected jurisdiction;
determining, by the one or more computer processors based on the second affected jurisdiction and the data breach information, a second reporting deadline for the second affected jurisdiction;
determining, by the one or more computer processors based on the second reporting failure penalty and the second reporting deadline, a second reporting score for the second affected jurisdiction;
determining, by the one or more computer processors, that the first reporting score is greater than the second reporting score;
generating, by the one or more computer processors, a data breach response interface comprising a checklist, the checklist comprising a first checklist item associated with the first affected jurisdiction and a second checklist item associated with the second affected jurisdiction, wherein, based on determining that the first reporting score is greater than the second reporting score, the first checklist item is presented earlier in the checklist than the second checklist item;
presenting, by the one or more computer processors to the user, the data breach response interface;
detecting, by the one or more computer processors, an activation by the user of the first checklist item; and
storing, in a memory by the one or more computer processors, an indication of completion of the first checklist item.
3 Assignments
0 Petitions
Accused Products
Abstract
Data processing systems and methods, according to various embodiments, are adapted for mapping various questions regarding a data breach from a master questionnaire to a plurality of territory-specific data breach disclosure questionnaires. The answers to the questions in the master questionnaire are used to populate the territory-specific data breach disclosure questionnaires and determine whether disclosure is required in territory. The system can automatically notify the appropriate regulatory bodies for each territory where it is determined that data breach disclosure is required.
1102 Citations
20 Claims
-
1. A computer-implemented data processing method for prioritizing data breach response activities, the method comprising:
-
generating, by one or more computer processors, a data breach information interface soliciting a first affected jurisdiction, a second affected jurisdiction, and data breach information; presenting, by the one or more computer processors, the data breach information interface to a user; receiving, by the one or more computer processors from the user via the data breach information interface, an indication of the first affected jurisdiction, an indication of the second affected jurisdiction, and the data breach information; determining, by the one or more computer processors based on the first affected jurisdiction and the data breach information, a first reporting failure penalty for the first affected jurisdiction; determining, by the one or more computer processors based on the first affected jurisdiction and the data breach information, a first reporting deadline for the first affected jurisdiction; determining, by the one or more computer processors based on the first reporting failure penalty and the first reporting deadline, a first reporting score for the first affected jurisdiction; determining, by the one or more computer processors based on the second affected jurisdiction and the data breach information, a second reporting failure penalty for the second affected jurisdiction; determining, by the one or more computer processors based on the second affected jurisdiction and the data breach information, a second reporting deadline for the second affected jurisdiction; determining, by the one or more computer processors based on the second reporting failure penalty and the second reporting deadline, a second reporting score for the second affected jurisdiction; determining, by the one or more computer processors, that the first reporting score is greater than the second reporting score; generating, by the one or more computer processors, a data breach response interface comprising a checklist, the checklist comprising a first checklist item associated with the first affected jurisdiction and a second checklist item associated with the second affected jurisdiction, wherein, based on determining that the first reporting score is greater than the second reporting score, the first checklist item is presented earlier in the checklist than the second checklist item; presenting, by the one or more computer processors to the user, the data breach response interface; detecting, by the one or more computer processors, an activation by the user of the first checklist item; and storing, in a memory by the one or more computer processors, an indication of completion of the first checklist item. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-implemented data processing method for prioritizing data breach response activities, the method comprising:
-
generating, by one or more computer processors, a data breach information interface soliciting a first affected jurisdiction, a second affected jurisdiction, and data breach information; presenting, by the one or more computer processors, the data breach information interface to a user; receiving, by the one or more computer processors from the user via the data breach information interface, an indication of the first affected jurisdiction, an indication of the second affected jurisdiction, and the data breach information; determining, by the one or more computer processors based on the first affected jurisdiction and the data breach information, first reporting requirements for the first affected jurisdiction; determining, by the one or more computer processors based on the first affected jurisdiction and the data breach information, first enforcement characteristics for the first affected jurisdiction; determining, by the one or more computer processors based on the first reporting requirements and the first enforcement characteristics, a first reporting score for the first affected jurisdiction; determining, by the one or more computer processors based on the second affected jurisdiction and the data breach information, second reporting requirements for the second affected jurisdiction; determining, by the one or more computer processors based on the second affected jurisdiction and the data breach information, second enforcement characteristics for the second affected jurisdiction; determining, by the one or more computer processors based on the second reporting requirements and the second enforcement characteristics, a second reporting score for the second affected jurisdiction; assigning, by the one or more computer processors based on the first reporting score, a first visual indicator to the first affected jurisdiction; assigning, by the one or more computer processors based on the second reporting score, a second visual indicator to the second affected jurisdiction; generating, by the one or more computer processors, a data breach response map, the data breach response map comprising the first visual indicator and the second visual indicator; presenting, by the one or more computer processors to the user, the data breach response map; detecting, by the one or more computer processors via the data breach response map, a selection by the user of the first visual indicator; responsive to detecting the selection of the first visual indicator, generating, by the one or more computer processors, a first graphical listing of the first reporting requirements; and presenting, by the one or more computer processors to the user, the first graphical listing of the first reporting requirements. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A data breach response prioritization system comprising:
-
one or more processors; and computer memory, wherein the data breach response prioritization system is configured for; generating a data breach information interface soliciting a first affected jurisdiction, a second affected jurisdiction, and data breach information; presenting the data breach information interface to a user; receiving, from the user via the data breach information interface, an indication of the first affected jurisdiction, an indication of the second affected jurisdiction, and the data breach information; determining, based on the first affected jurisdiction and the data breach information, a first plurality of data breach response requirements for the first affected jurisdiction, a first reporting deadline for the first affected jurisdiction, and a first reporting failure penalty for the first affected jurisdiction; determining, based on the second affected jurisdiction and the data breach information, a second plurality of data breach response requirements for the second affected jurisdiction, a second reporting deadline for the second affected jurisdiction, and a second reporting failure penalty for the second affected jurisdiction; determining a first reporting score for the first affected jurisdiction based on the first plurality of data breach response requirements, the first reporting deadline, and the first reporting failure penalty; determining a second reporting score for the second affected jurisdiction based on the second plurality of data breach response requirements, the second reporting deadline, and the second reporting failure penalty; assigning a first color to the first affected jurisdiction based on the first reporting score; assigning a second color to the second affected jurisdiction based on the second reporting score; generating a data breach response map comprising a first visual representation of the first affected jurisdiction in the first color and a second visual representation of the second affected jurisdiction in the second color; presenting the data breach response map to the user; detecting a selection of the first visual representation of the first affected jurisdiction by the user; responsive to detecting the selection of the first visual representation of the first affected jurisdiction, generating a first graphical listing of the first plurality of data breach response requirements; and presenting the first graphical listing of the first plurality of data breach response requirements to the user. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification