SYSTEMS AND METHODS FOR DE-IDENTIFICATION OF PERSONAL DATA

US 20100042583A1
Filed: 08/13/2008
Published: 02/18/2010
Est. Priority Date: 08/13/2008
Status: Active Grant

First Claim

Patent Images

1. A data de-identification system, comprising:

an original data source;

a processor coupled to the original data source; and

a storage device in communication with said processor and storing instructions adapted to be executed by said processor to;

retrieve original data from the original data source;

automatically search the original data for potential personal information;

select an obfuscation method from a plurality of potential obfuscation methods; and

automatically replace the potential personal information in the original data with fictional data in accordance with the selected obfuscation method.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to some embodiments, original data is retrieved from an original data source. The original data may be automatically searched for potential personal information, such as a person'"'"'s name, address, or Social Security number. An obfuscation method may be selected from a plurality of potential obfuscation methods. The potential personal information in the original data may then be automatically replaced with fictional data in accordance with the selected obfuscation method.

133 Citations

24 Claims

1. A data de-identification system, comprising:
- an original data source;
  
  a processor coupled to the original data source; and
  
  a storage device in communication with said processor and storing instructions adapted to be executed by said processor to;
  
  retrieve original data from the original data source;
  
  automatically search the original data for potential personal information;
  
  select an obfuscation method from a plurality of potential obfuscation methods; and
  
  automatically replace the potential personal information in the original data with fictional data in accordance with the selected obfuscation method.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The data de-identification system of claim 1, wherein the potential personal information includes a first element of a first data type and a second element of a second data type, different than the first data type, and further wherein a first obfuscation method is automatically selected for the first element based on the first data type and a second obfuscation method, different than the first method, is automatically selected for the second element based on the second data type.
  - 3. The data de-identification system of claim 1, wherein the potential personal information includes at least one of:
    - (i) potential personally identifiable information, or (ii) potential personal health information.
  - 4. The data de-identification system of claim 1, wherein the potential personal information is associated with at least one of:
    - (i) a name, (ii) a Social Security number, (iii) an address, (iv) a date of birth or death, (v) a telephone number, (vi) medical information, (vii) a credit card number, (viii) financial account information, (ix) a policy number, (x) a drivers license number, (xi) a passport number, (xii) employment information, (xiii) a user name or password, (xiv) income information, (xv) credit information, (xvi) a mother'"'"'s maiden name, (xvii) a vehicle identifier, (xviii) a medical device identifier, (xix) criminal history information, (xx) an email address, (xxi) map information, or (xxii) survey information.
  - 5. The data de-identification system of claim 1, wherein said automatic searching is associated with at least one of:
    - (i) a character search at the beginning of a field, (ii) a character search within a field, (iii) a field length, (iv) a field pattern, (v) user mapping information received via a graphical user interface, or (vi) historical search results associated with other data sources.
  - 6. The data de-identification system of claim 1, wherein the original data is associated with a database and said automatic searching includes identifying elements based on at least one of:
    - (i) schema information, (ii) table information, or (iii) column information.
  - 7. The data de-identification system of claim 1, wherein the original data is associated with a data store and said automatic searching includes creating an inventory of elements by extracting information based on at least one of:
    - (i) metadata, or (ii) summary data of the data store.
  - 8. The data de-identification system of claim 1, wherein said automatic replacement comprises creating scripts to be used during a database refresh process.
  - 9. The data de-identification system of claim 1, wherein the plurality of potential obfuscation methods includes at least one of:
    - (i) random assignment, (ii) concatenation, (iii) truncation, (iv) uniform replacement, or (v) substitution of a value from a reference table.
  - 10. The data de-identification system of claim 1, wherein said instructions are further adapted to be executed by said processor to:
    - store information about the selected obfuscation methods and automatic replacement in connection with the original data;
      
      retrieve updated original data from the data source; and
      
      automatically replace potential personal information in the updated original data with fictional data in accordance with the stored information about the selected obfuscation methods and automatic replacement.
  - 11. The data de-identification system of claim 1, wherein said instructions are further adapted to be executed by said processor to:
    - receive a user preference from a user via a graphical user interface, wherein said automatic replacement is performed in accordance with the user preference.
  - 12. The data de-identification system of claim 1, wherein said instructions are further adapted to be executed by said processor to:
    - evaluate an obfuscation rule, wherein said automatic replacement is performed in accordance with a result of the evaluation.
  - 13. The data de-identification system of claim 1, wherein said instructions are further adapted to be executed by said processor to:
    - retrieve supplemental data from a supplemental data source; and
      
      automatically replace potential personal information in the supplemental data with fictional data, wherein if a first value in the original data was replaced with a second value, then that same first value in the supplemental data would also be replaced with that same second value.
  - 14. The data de-identification system of claim 1, further comprising:
    - a communication device, coupled to the processor, to transmit information via a communication network, wherein said instructions are further adapted to be executed by said processor to;
      
      transmit information associated with the original data, where the potential personal information has been replaced with the fictional data, to a remote device via the communication device.

15. A computer-implemented method, comprising:
- receiving original data from a data source;
  
  automatically creating an inventory of elements in the original data;
  
  searching the elements in the inventory for potential personal information;
  
  selecting an obfuscation method from a plurality of potential obfuscation methods; and
  
  automatically replacing the potential personal information in the original data with fictional data in accordance with the selected obfuscation method.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
- - 16. The computer-implemented method of claim 15, wherein the potential personal information includes at least one of:
    - (i) potential personally identifiable information, or (ii) potential personal health information.
  - 17. The computer-implemented method of claim 15, wherein the potential personal information is associated with at least one of:
    - (i) a name, (ii) a Social Security number, (iii) an address, (iv) a date of birth or death, (v) a telephone number, (vi) medical information, (vii) a credit card number, (viii) financial account information, (ix) a policy number, (x) a drivers license number, (xi) a passport number, (xii) employment information, (xiii) a user name or password, (xiv) income information, (xv) credit information, (xvi) a mother'"'"'s maiden name, (xvii) a vehicle identifier, (xviii) a medical device identifier, (xix) criminal history information, (xx) an email address, (xxi) map information, or (xxii) survey information.
  - 18. The computer-implemented method of claim 15, wherein said creating or searching is associated with at least one of:
    - (i) a character search at the beginning of a field, (ii) a character search within a field, (iii) a field length, (iv) a field pattern, (v) user mapping information received via a graphical user interface, or (vi) historical search results associated with other data sources.
  - 19. The computer-implemented method of claim 15, wherein the original data is associated with a database and said creating or searching includes identifying elements based on at least one of:
    - (i) schema information, (ii) table information, or (iii) column information.
  - 20. The computer-implemented method of claim 15, wherein the original data is associated with a data store and said creating or searching includes creating an inventory of elements by extracting information based on at least one of:
    - (i) metadata, or (ii) summary data of the data store.
  - 21. The computer-implemented method of claim 15, wherein said automatic replacement comprises creating scripts to be used during a database refresh process.
  - 22. The computer-implemented method of claim 15, wherein the plurality of potential obfuscation methods includes at least one of:
    - (i) random assignment, (ii) concatenation, (iii) truncation, (iv) uniform replacement, or (v) substitution of a value from a reference table.
  - 23. The computer-implemented method of claim 22, further comprising:
    - retrieving supplemental data from a supplemental data source; and
      
      automatically replacing potential personal information in the supplemental data with fictional data, wherein if a first value in the original data was replaced with a second value, then that same first value in the supplemental data would also be replaced with that same second value.

24. A computer-readable medium storing instructions adapted to be executed by a processor to perform a data de-identification method, said method comprising:
- receiving original data from memory;
  
  analyzing metadata data associated with the original data to create an inventory of elements in the original data;
  
  searching elements in the inventory for potential personal information based on at least one character matching rule;
  
  evaluating an obfuscation rule;
  
  automatically creating scripts to be used during a database refresh process to replace the potential personal information in the original data with fictional data in accordance with (i) a result of said evaluation and (ii) an obfuscation method selected from a set of potential obfuscation methods;
  
  transforming the original data by executing the automatically created scripts; and
  
  transmitting the transformed original data to a remote device via a communication network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hartford Fire Insurance Company (The Hartford Financial Services Group, Inc.)
Original Assignee
Hartford Fire Insurance Company (The Hartford Financial Services Group, Inc.)
Inventors
Siragusa, Robert M., Gervais, Thomas J., Sundaram, Prasanna V., Knighton, Joan L.

Granted Patent

US 8,069,053 B2
Time in Patent Office

Days
Field of Search
US Class Current

N/A
CPC Class Codes

G06F 21/6254 by anonymising data, e.g. d...

G06Q 40/08 Insurance

SYSTEMS AND METHODS FOR DE-IDENTIFICATION OF PERSONAL DATA

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

133 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR DE-IDENTIFICATION OF PERSONAL DATA

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

133 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links