Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

System and method for managing data privacy

a data privacy and management system technology, applied in the field of systems and methods for managing data privacy, can solve the problems of exposing the enterprise to significant liability, and affecting the success or profitability of the enterpris

Inactive Publication Date: 2007-12-06
JPMORGAN CHASE BANK NA
View PDF102 Cites 311 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

"The present invention is a system and method for managing and monitoring the protection of employees' and customers' private data. It provides a decision engine for assessing risks associated with data privacy policies and procedures. The system eliminates redundant systems and functions related to data privacy assessment within each of the lines of business (LOBs) of an institution. It uses automated questionnaires that require responses from the manager responsible for the data, and identifies areas of risk through final resolution or acceptance of the risk. The system identifies and tracks outstanding issues related to data privacy protection. It assigns access levels based on seniority or management status, and provides a secure review of risk exposure and compliance. The system generates reports to inform persons or groups about their compliance status. It allows shared best practices and corrective action plans, and provides a mechanism for risk acknowledgement communicated to other members of a hierarchy. Overall, the system provides immediate compliance verification, a calendar of events, and a mechanism for managing data privacy risks in any hierarchical organization."

Problems solved by technology

For example, a given manager of a department may be required to establish the level of risk associated with the operation of a particular computer system (e.g., the risk of losing use of such a computer system for some period of time).
The impact of evaluating the risk for a given enterprise can have serious consequences with regard to the success or profitability of the enterprise.
If the enterprise has established procedures that are designed to protect the enterprise from liability, or otherwise assure that levels of risk within the enterprise are minimized, the enterprise can be exposed to liability if the procedures are not properly followed.
Failure to follow these policies, procedures and laws can expose the enterprise to significant liability.
In typical enterprises, the analysis, statuses and reporting to upper management of the procedures with respect to data privacy are often haphazard and inconsistent.
For example, some managers may find the requirement of filling out forms and answering questionnaires to be an inefficient use of time, and fail to effectively complete risk assessments.
Furthermore, most departments fail to evaluate the external dependencies that it has, and the impact on its ability to perform its functions should those external entities fail to protect the employees and customer's data.
Where tools for the risk assessments with respect to data privacy do exist, they tend to be form intensive, and inconsistent between various enterprise locations.
It is difficult to track and maintain the data that can be obtained from forms related to assessment of data privacy risk, and even more difficult to take an enterprise view of such risk, which is absolutely required for effectively managing the liability of the enterprise.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method for managing data privacy
  • System and method for managing data privacy
  • System and method for managing data privacy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The system 10 of the present invention is illustrated in FIG. 1. As illustrated, system 10 is implemented using a distributed client / server architecture. The clients 15 (one illustrated) are distributed throughout the enterprise (corporation), while the servers 20 are centrally located with redundancies (not illustrated). This infrastructure consists of one application server 25 communicating with application database 35, and one database server 30 communicating with database 40. In a preferred embodiment, the application server 25 is running BEA WebLogic 5.1 that comprises middleware between the front-end web application and the application database 35. In this preferred embodiment, database server 30 is running Oracle 8.16 Server and database 40 is an Oracle database.

[0031] In the preferred embodiment, client 15 is a web based browser application. This application 15 preferably uses browsers that support Java applets and JavaScript such as Netscape 4.x or Internet Explorer...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A system and method for assessing the risk associated with the protection of data privacy by software application. A decision engine is provided to assess monitor and manage key issues around the risk management of data privacy. The system creates a core repository that manages, monitors and measures the data privacy assessments of applications across an institution (e.g., a corporation). The system and method employs automated questionnaires that require responses from the user (preferably the manager responsible for the application). The responses are tracked in order to evaluate the progress of the assessment and the status of the applications with respect to compliance with the enterprise's data privacy policies and procedures as well as the regulations and laws of the jurisdictions in which the application is operated. Once a questionnaire has been completed, the application is given ratings both with respect to the data privacy impact of the application and the application's compliance with the data privacy requirements. If a risk exists, a plan for reducing the risk or bringing the application into compliance can be formulated, and progress towards compliance can be tracked. Alternatively, an identified exposure to risk can be acknowledged through the system, which requires sign off by various higher level managers and administrators.

Description

CROSS REFERENCE TO RELATED APPLICATIONS [0001] This application claims priority to U.S. Provisional Application No. 60 / 411,370, filed on Sep. 17, 2002 the entirety of which is incorporated herein by reference.FIELD OF THE INVENTION [0002] The present invention generally relates to systems and methods for managing data privacy, and more particularly to systems and methods for managing the risk associated with compliance with applicable laws corporate policy with respect to the collection, use and storage of an individual's data. BACKGROUND OF THE INVENTION [0003] Risk management relates to procedures for assessing and managing risk that are established by the enterprise, with accompanying directives by management to comply with the procedures. For example, a given manager of a department may be required to establish the level of risk associated with the operation of a particular computer system (e.g., the risk of losing use of such a computer system for some period of time). This man...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(United States)
IPC IPC(8): G06F1/24G06Q10/10
CPCG06Q10/10
Inventor BRESLIN, JODIBORGIA, EVELYNDE GOTTAL, GRAHAM
Owner JPMORGAN CHASE BANK NA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products