Personal information lifecycle integration and management system and method

The personal information lifecycle management system automates the lifecycle of personal data management, addressing compliance and privacy challenges by integrating consent and destruction processes, ensuring secure and compliant data handling.

WO2026121945A1PCT designated stage Publication Date: 2026-06-11PRIVACY-G INC

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Current Assignee / Owner
PRIVACY-G INC
Filing Date
2025-02-05
Publication Date
2026-06-11

Smart Images

  • Figure KR2025099264_11062026_PF_FP_ABST
    Figure KR2025099264_11062026_PF_FP_ABST
Patent Text Reader

Abstract

The present invention relates to a system and method for automating the lifecycle from collection to destruction of personal information and providing various functions for guaranteeing rights of an information subject who has provided the personal information. The system comprises: a consent information collection unit for receiving consent information for personal information collected from at least one personal information management system that holds and manages personal information; and a lifecycle management unit that stores and manages consent information for collection, use, and processing of personal information of a user, and performs a re-consent and personal information destruction task according to a set personal information processing policy, wherein personal information other than the consent information is not stored and managed.
Need to check novelty before this filing date? Find Prior Art

Description

Personal Information Lifecycle Integrated Management System and Method

[0001] The present invention relates to a system and method that automates the lifecycle from the collection to the destruction of personal information and provides various functions to guarantee the rights of data subjects who have provided personal information.

[0002]

[0003] With the acceleration of digital transformation, the collection, storage, and utilization of personal information have become essential elements of services, leading to an increasing emphasis on the importance of personal information protection. Personal information is a core asset for protecting individual privacy, guaranteeing rights, and building trust in a digital society. However, as various challenges surrounding the processing and protection of personal information emerge, measures to systematically manage and safeguard it are becoming essential.

[0004] First of all, the necessity of protecting personal information extends beyond mere legal compliance. Data breaches can result in serious privacy violations and economic losses for individuals, while damaging the credibility of institutions and businesses and causing massive financial damage. In this regard, the secure handling of personal information is essential for the sustainable development of individuals, organizations, and society as a whole.

[0005] With the proliferation of digital technology and the rapid increase in services and systems that require the essential use of personal information, it is becoming increasingly difficult to manage such information safely and effectively with limited personnel. In particular, while expertise and continuous management are essential to systematically identify and respond to the complex requirements arising from compliance with various regulations, such as the Personal Information Protection Act, many institutions and companies are struggling to respond quickly and accurately due to a lack of specialized personnel, thereby increasing the potential risk of personal information leakage incidents.

[0006] Meanwhile, personal information protection is emerging as a critical issue from the perspective of data subjects providing their personal information. Data subjects often find it difficult to independently verify the necessity and appropriateness of collection during the process of providing their personal information. Furthermore, there is a lack of systematic methods to confirm whether the provided personal information is being managed securely. This restricts data subjects' right to know and increases the likelihood of misuse or leakage of personal information. Therefore, it is essential to guarantee data subjects the means to constantly monitor and control their personal information.

[0007] Therefore, there is a need for an integrated and sustainable management plan that systematically manages all processes from the collection, utilization, storage, and destruction of personal information to ensure legal compliance, protect the rights of data subjects, and enable institutions and companies to efficiently manage risks.

[0008] The present invention aims to solve the above problems by collecting dispersed personal information and managing it integrally, automating the entire lifecycle from consent to use of personal information to renewal and destruction, and enabling the verification of the status of consent to use of personal information and the consent / withdrawal of information to secure the rights of data subjects.

[0009] A personal information lifecycle integrated management system according to one embodiment of the present invention comprises: a consent information collection unit that receives consent information regarding personal information collected from at least one personal information management system that holds and manages personal information; and a lifecycle management unit that stores and manages consent information regarding the collection, use, and processing of a user's personal information and performs re-consent and personal information destruction operations in accordance with a set personal information processing policy; and is characterized by not storing or managing personal information other than the consent information.

[0010] In addition, the lifecycle management unit may include a consent information processing unit that receives consent information regarding the collection and use of personal information from the personal information management system and registers or updates it.

[0011] In addition, the lifecycle management unit may include a re-consent processing unit that periodically identifies and extracts subjects for re-consent regarding personal information managed by the personal information management system in accordance with the personal information processing policy for each personal information management system, and provides an interface for re-consent to the subjects for re-consent.

[0012] In addition, the lifecycle management unit may include a destruction processing unit that periodically checks the personal information consent date and retention period to extract targets for destruction and transmits a destruction request for the targets to be destroyed to a personal information management system that manages personal information.

[0013] In addition, the destruction processing unit records destruction request information regarding the transmitted destruction request as a history, and can receive and record the destruction progress status to determine whether the deletion of personal information requested by the personal information management system was successfully performed.

[0014] In addition, the lifecycle management unit may include a usage notification unit that extracts the subjects of personal information usage notification based on conditions set according to requirements prescribed by law and provides the details of personal information usage to the subjects of notification.

[0015] In addition, it may further include a data subject request processing unit that provides details of consent information and consent history regarding collection and use at the request of a user who has consented to the provision of personal information.

[0016] In addition, the data subject request processing unit may receive a request from a user to withdraw consent for all or part of the personal information requested, change the consent information regarding the personal information for which withdrawal was requested, and request the personal information management system managing the personal information to destroy the personal information for which withdrawal was requested.

[0017] In addition, it may further include a consent form / processing policy drafting section that provides a user interface to allow the personal information manager to select items that must be included in the consent form according to legal requirements and settings displayed on said items, so that the personal information manager can easily draft a personal information processing policy and a consent form for collection / use, and automatically distributes the newly drafted or modified consent form to a designated personal information management system.

[0018] In addition, it may further include a status provision section that provides the status of personal information retention, consent status, and destruction status for each personal information system so that a personal information manager can check the status of personal information managed in at least one personal information management system.

[0019] In addition, the method for managing the personal information lifecycle in a personal information lifecycle integrated management system may include: a step of collecting consent information regarding the collection, use, and processing of personal information; a step of extracting subjects for notification of personal information utilization based on conditions set according to requirements prescribed by law and providing the notification subjects with details of personal information usage; a step of verifying the consent date and retention period of the consent information to extract subjects for re-consent and obtaining re-consent from the subjects for re-consent; and a step of destroying the stored personal information according to a user's request or a pre-set destruction condition.

[0020] Additionally, the step of collecting the consent information may include: receiving a request for the provision of a consent form for the collection / use of personal information from a personal information management system; providing the latest version of the consent form for the collection / use of personal information that is mapped to and managed by the requested personal information management system; receiving consent information collected regarding the consent form from the personal information management system; and storing the received consent information as metadata of the personal information stored in the personal information management system.

[0021] Additionally, the step of destroying the personal information may include: a step of extracting targets for destruction according to set conditions; a step of obtaining administrator approval for the targets for destruction; a step of transmitting a destruction request to a personal information management system that manages the personal information of the targets for destruction approved by the administrator; and a step of receiving a destruction result for the destruction request.

[0022] By managing the entire lifecycle of personal information from collection to destruction, it is possible to establish an integrated management system aligned with strengthening trends in personal information protection and reduce operational resources by automating personal information-related tasks.

[0023] In addition, data subjects can check the status of their personal information collection and withdraw their consent, thereby guaranteeing their right to decide on their personal information and ensuring the stability and security of their personal information.

[0024] FIG. 1 is an overall configuration diagram of a personal information lifecycle integrated management system according to one embodiment of the present invention.

[0025] FIG. 2 is a block diagram of the functions of a personal information lifecycle integrated management system according to one embodiment of the present invention.

[0026] FIG. 3 is an example drawing showing a consent form creation screen in a personal information lifecycle integrated management system according to one embodiment of the present invention.

[0027] FIG. 4 is an example drawing showing a consent form inquiry screen in a personal information lifecycle integrated management system according to one embodiment of the present invention.

[0028] FIG. 5 is a flowchart of a personal information lifecycle integrated management method according to one embodiment of the present invention.

[0029] FIG. 6 is a diagram showing the process of collecting consent information in a personal information lifecycle integrated management method according to one embodiment of the present invention.

[0030] FIG. 7 is a diagram illustrating the process of destroying consent information in a personal information lifecycle integrated management method according to one embodiment of the present invention.

[0031] Specific embodiments of the present invention will be described in detail below with reference to the drawings. However, the concept of the present invention is not limited to the presented embodiments. Those skilled in the art who understand the concept of the present invention may easily propose other inventions that are inferior or other embodiments included within the scope of the concept of the present invention by adding, changing, or deleting other components within the same scope of the concept, and such are also to be considered to be included within the scope of the concept of the present invention.

[0032] Furthermore, the terms described below are established considering their functions in the present invention; since these may vary depending on the inventor's intent or convention, their definitions should be based on the content throughout this specification. Additionally, if it is determined that a detailed description of known configurations or functions related to the present invention in this specification could obscure the essence of the invention, such detailed description will be omitted.

[0033]

[0034] Hereinafter, the Personal Information Lifecycle Integrated Management System (hereinafter referred to as the Personal Information Lifecycle Management System) will be described with reference to the drawings.

[0035] FIG. 1 is an overall configuration diagram of a personal information lifecycle management system (100) according to one embodiment of the present invention.

[0036] Referring to FIG. 1, the personal information lifecycle management system (100) can communicate with each other via a network with at least one personal information management system (200) that holds / manages personal information used at each service site in providing services to a company / institution, multiple user terminals (300) that are data subjects requesting consent to provide personal information, access to consent information, and withdrawal of consent, and multiple personal information manager terminals (400) that manage personal information stored in the personal information management system (200).

[0037] The term "network" as used in the present invention may refer to a core network integrated with a wired public network, a wireless mobile communication network, or the mobile internet, and may refer to a global open computer network structure that provides the TCP / IP protocol and various services existing at the upper layer, such as HTTP (Hyper Text Transfer Protocol), HTTPS (Hyper Text Transfer Protocol Secure), Telnet, FTP (File Transfer Protocol), etc.

[0038]

[0039] In the present invention, the personal information management system (200) is a system that collects, stores, and manages the personal information of users necessary for providing services, and may be a system that includes a database to which a personal information security policy is applied.

[0040] Personal information refers to information that can identify an individual, or information that, even if it cannot identify a specific individual on its own, can be easily combined with other information to identify an individual; it may include names, resident registration numbers, passport numbers, phone numbers, addresses, emails, etc., which are typically entered during membership registration.

[0041] In one embodiment of the present invention, the personal information management system (200) may be a system that manages user information used at the service site by mapping it 1:1 with the service site.

[0042]

[0043] In the present invention, the user terminal (300) is a terminal used by a data subject (user) who provides or withdraws the provision of personal information.

[0044] The user can check the status of personal information being collected, used, and processed through a web or app-type user interface provided to the user terminal (300), and can request withdrawal of consent for the personal information to which consent has been given.

[0045] In addition, you can apply to view and receive personal information to which you have consented.

[0046]

[0047] The personal information manager terminal (300) is a terminal used by a personal information manager or organization that manages the user's personal information.

[0048] The personal information manager can receive the status of collected personal information, consent status, and destruction status through a web or app-type user interface provided to the personal information manager terminal (300).

[0049] The personal information manager can check the status of personal information through an interface provided to the personal information manager terminal (300), check the request for viewing and withdrawal of personal information collection status requested by the user, and process approval / rejection.

[0050] In addition, it is possible to verify whether the destruction of personal information has been successfully carried out for the personal information targets requested by each personal information management system (200), and to process personal information tasks by checking the entire or individual history of consent, re-consent, and destruction of personal information.

[0051] In addition, a user interface with a template can be used to create a personal information processing policy and a consent form, and the created consent form can be configured to be automatically distributed to a specific personal information management system (200).

[0052]

[0053] The personal information lifecycle management system (100) performs the following functions in conjunction with the personal information management system (200), user terminal (300), and personal information manager terminal (400).

[0054] Consent information regarding personal information collected from multiple personal information management systems (200) is collected, stored, and managed.

[0055] Consent information may include a unique identifier capable of identifying the user during data exchange with the linked system, consent items, consent date, and consent period; however, the user's personal information is not stored or managed within the system. In other words, the personal information itself is not managed; instead, only the items of personal information to which the user has consented and the information necessary to manage the lifecycle of such personal information are generated and managed as meta-information.

[0056] In addition, if the user does not consent to the collection and use of personal information or withdraws consent, the legally appropriate time for the destruction of the personal information is determined, and the destruction is requested to the personal information management system (200) where the actual personal information is stored, and the result is monitored.

[0057] As a result, the lifecycle of distributed personal information can be automatically integrated and managed, enabling the efficient processing of vast amounts of personal information, preventing the loss of the timing for destruction to avoid unnecessary data accumulation, and ensuring compliance with legal standards.

[0058]

[0059] FIG. 2 is a block diagram of the functions of a personal information lifecycle management system (100) according to one embodiment of the present invention.

[0060] Referring to FIG. 2, the detailed functions of the personal information lifecycle management system (100) will be described.

[0061] The personal information lifecycle management system (100) is equipped with a consent information collection unit (110), a lifecycle management unit (120), a data subject request processing unit (130), a consent form / processing policy drafting unit (140), and a status provision unit (150).

[0062] The consent information collection unit (110) receives consent information regarding personal information collected from at least one personal information management system (200) that holds and manages personal information.

[0063] The consent information collection unit (110) may provide a dedicated API to receive and process various requests related to consent information of personal information from legacy systems and linked systems, and this may be based on a standard API of the authentication key (Token) exchange method.

[0064] The consent information collection unit (110) can collect not only consent information but also data necessary for managing the personal information lifecycle by linking with external systems through a standardized API.

[0065] For example, when personal information is collected through membership registration on a service site, the personal information management system (200) that manages the personal information of the service may request a personal information processing policy and a consent form from the personal information lifecycle management system (100) to obtain consent information regarding the collection and use of personal information.

[0066] The consent information collection unit (110) that receives this provides, in response to the received consent request, the latest version of the personal information consent form and processing policy that is mapped to and managed by the personal information management system that sent the request.

[0067] The consent form and processing policy include the items of personal information collected, used, and provided to third parties, the collection date, retention period, purpose, and third-party information, and allow the user to select consent or non-consent for each piece of personal information.

[0068] Consent forms and processing policies can be mapped and registered and managed by institution / company or by service sites provided by the said institution / company. Accordingly, when an external linked system including the personal information management system (200) requests a specific consent form and processing policy from the personal information lifecycle management system (100), it can be implemented to transmit identification information identifying the institution / company or service so that the corresponding consent form and processing policy can be retrieved and provided through the identification information.

[0069] The personal information management system (200) provides a consent form for the collection, use, and processing of personal information to the user during the membership registration process, and obtains personal information and consent information. The consent information, excluding personal information, among the obtained information is transmitted to the personal information lifecycle management system (100), and the consent information collection unit (110) receives this and transmits it to the lifecycle management unit (120).

[0070]

[0071] The Lifecycle Management Department (120) stores and manages consent information regarding the collection, use, and processing of users' personal information, and performs re-consent and personal information destruction operations in accordance with the established personal information processing policy.

[0072] More specifically, it includes a consent information processing unit (121) that receives and registers or updates consent information regarding the collection and use of personal information.

[0073] The consent information may include the collector / user, consent items, collection date, consent date, and retention period, and the information is stored as metadata for the actual personal information stored in the personal information management system (200).

[0074] If personal information of a new user is collected in the personal information management system (200) through a process such as membership registration, the consent information processing unit (121) generates consent information metadata for this.

[0075] If there are changes to the consent information, such as re-consent or partial withdrawal regarding the collection and use of personal information, the previously stored consent information is updated, and the history of the changes is recorded.

[0076]

[0077] The lifecycle management unit (120) includes a re-consent processing unit (122) that periodically checks and extracts the subjects of re-consent for personal information managed by the personal information management system (200) according to the personal information processing policy of the personal information management system (200), and provides an interface for re-consent to the re-consent subject user terminal (300).

[0078] The re-consent processing unit (122) can periodically extract subjects requiring re-consent based on the consent date and retention period of consent information through a batch process and send notifications and re-consent screen links to the relevant users so that they can obtain re-consent.

[0079] For example, since the current Personal Information Protection Act stipulates that re-consent must be obtained from users when the retention period of personal information exceeds two years, the retention period can be set to two years, and the re-consent process can be performed by extracting subjects for re-consent who have less than the set retention period remaining based on the collection date.

[0080] In addition, if items for collection and use are added, a re-consent process may be performed.

[0081] When a specific personal information management system (200) requests a re-consent process due to the addition of items for collection and use, the re-consent processing unit (122) can extract the re-consent target and provide a re-consent interface.

[0082] For example, by sending a URL link that leads to a screen for re-consent via the user's email, text message, or SNS notification, the user can access the re-consent interface through the provided URL link.

[0083] Once re-consent is completed by the user, the re-consent items and retention period are updated, and the re-consent history information is recorded and saved.

[0084]

[0085] The lifecycle management unit (120) includes a destruction processing unit (123) that periodically checks the consent date and retention period to identify targets for destruction and transmits a destruction request to the personal information management system (200) that manages personal information regarding the targets for destruction.

[0086] The destruction processing unit (123) periodically checks the pre-set destruction conditions through a batch process to extract the targets for destruction.

[0087] The items subject to destruction may be those that have exceeded the retention period based on the date of the user's final consent.

[0088] In addition, it may be a subject for which the purpose of collection has been achieved, such as when personal information is no longer needed due to reasons like service termination.

[0089] In addition, it may be an object for which the user has requested destruction. However, it is not limited to this, and the object of destruction may be determined according to legal standards.

[0090] Meanwhile, when extracting the items to be destroyed as described above, the actual destruction work can be carried out by applying a destruction grace period to the date last identified as a target for destruction.

[0091] The destruction processing unit (123) extracts the targets for destruction, transmits the extracted list of targets for destruction to the personal information management system (200) to request the destruction of the actual personal information stored therein, records the destruction request information as a history, and receives the destruction progress steps from the personal information management system (200) to monitor whether the deletion of the requested personal information has been successfully performed.

[0092] The destruction history may include the personal information management system holding the personal information, the date and time of destruction, the items destroyed, the reason for destruction, the method of destruction (automatic / manual), and supporting materials for destruction.

[0093]

[0094] The lifecycle management unit (120) includes a usage notification unit (124) that extracts the subjects of personal information usage notification based on conditions set according to the requirements set by law and provides the details of personal information usage to the subjects of notification.

[0095] The personal information lifecycle management system (100) provides an interface to set the recipients of the personal information usage history notification, the notification period, and the number of notifications for registered service sites, and periodically extracts the recipients of the notifications based on the conditions of the set period and number of notifications, and sends notifications regarding the personal information usage history through notification means such as email, SNS notifications, and text messages.

[0096]

[0097] Meanwhile, the personal information lifecycle management system (100) supports functions to manage the lifecycle of personal information and to guarantee the rights of the data subject providing the personal information.

[0098] To this end, the system further includes a data subject request processing unit (130) that provides a history of consent to collection and use at the user's request, provides a function to view personal information used with consent, and receives and processes a request to withdraw consent for the provision of all or part of the personal information requested by the user.

[0099] The data subject request processing unit (130) receives requests from the user regarding the status of consent to the collection and use of personal information and information provided to third parties in order to guarantee the substantive rights of the data subject providing personal information, and retrieves the relevant information and provides it to the user.

[0100] For example, a user can check the status of their consent to use of personal information through a web or app-based user interface provided by the personal information lifecycle management system (100). The status of consent to use of personal information may include information on the institution / company or service site where the personal information is used (service name, site address, etc.), personal information items, date of consent, and status of withdrawal of consent. Additionally, information on the status of provision to third parties may be provided, such as personal information items provided to third parties, provider, period of provision, purpose of provision, date of consent, and status of withdrawal of consent.

[0101] In addition, the personal information destruction operation can be performed upon receiving a request from a user to withdraw consent for all or part of the requested personal information.

[0102] The destruction operation includes changing the consent information for the personal information for which withdrawal was requested, and requesting the personal information management system (200) that manages the personal information to destroy the personal information for which withdrawal was requested.

[0103] For example, when the data subject request processing unit (130) receives a request from a user to withdraw consent to personal information, the consent information of the personal information can be changed to a withdrawn state, thereby allowing the destruction work to be carried out collectively according to a schedule set through the destruction processing unit (124).

[0104] In addition, after receiving a user's request to withdraw consent, destruction operations may be carried out only for targets that have undergone the approval process by the security manager.

[0105]

[0106] The consent form / processing policy drafting section (140) provides the essential content items that must be included in the consent form according to legal requirements in a template form so that the personal information manager can easily draft the personal information consent form and processing policy, and provides the optional items as a user interface so that the personal information manager can select them according to the purpose.

[0107] In addition, a function is provided to configure a distribution system so that the written or modified personal information consent form and processing policy can be automatically distributed to a specific personal information management system (200).

[0108] FIG. 3 is an example drawing showing a consent form creation screen in a personal information lifecycle integrated management system according to one embodiment of the present invention, and FIG. 4 is an example drawing showing a consent form inquiry screen in a personal information lifecycle integrated management system according to one embodiment of the present invention.

[0109] Referring to FIGS. 3 and 4, items that are mandatory to be included in the consent form, such as the title, purpose of collection and use, subject of collection, period of retention of personal information, right to refuse personal information and whether there is any disadvantage, and consent for those under the age of 14, are provided as a fixed template, and the screen is configured so that the personal information manager can select the content to be optionally included in each item, thereby providing a UI function to easily and quickly create the consent form.

[0110] In addition, it allows you to designate written consent forms for application to specific sites and provides a function to search and verify written and managed consent forms based on creation date, applicable site, application status, and management department.

[0111]

[0112] The status provider (150) provides the status of personal information held, consent status, and destruction status for each personal information system so that the personal information manager can check the status of personal information managed in at least one personal information management system (200).

[0113] The status provider (150) provides a status of personal information holdings including personal information holding items, number of holdings, whether entrusted, management department, collection path, consent form version, and processing policy version information for each personal information management system (200).

[0114] In addition, a third-party provision status is provided, including information such as the provider, purpose of provision, information provided, number of provision cases, provision period, management department, and expiration date of provision for each personal information management system (200).

[0115] In addition, the status of personal information consent and notification is provided, including the number of consents for each personal information management system (200), the number of cases subject to consent expiration within one month, the deadline for usage history notification, whether usage history notification was sent, whether a request for re-consent was sent, and the result of re-consent.

[0116] In addition, the destruction status is provided, including items subject to destruction, number of cases of destruction, destruction status, reason for destruction, method of destruction, and date and time of destruction (scheduled) for each personal information management system (200).

[0117]

[0118] Next, the hardware configuration of a personal information lifecycle management system (100) according to one embodiment of the present invention is described.

[0119] The hardware structure of the personal information lifecycle management system (100) is configured to include a central processing unit (1000), memory (2000), user interface (3000), database interface (4000), network interface (5000), web server (6000), etc.

[0120] The user interface (3000) provides input and output interfaces to the user by using a graphical user interface (GUI).

[0121] The database interface (4000) provides an interface between the database and the hardware structure.

[0122] The network interface (5000) provides a network connection between devices owned by the user.

[0123] The web server (6000) provides a means for users to access the hardware structure through a network. Most users can access the web server remotely and use the personal information lifecycle management system (100).

[0124] Each step of the configuration or method described above may be implemented as computer-readable code on a computer-readable recording medium or transmitted via a transmission medium. A computer-readable recording medium is a data storage device capable of storing data that can be read by a computer system.

[0125] Examples of computer-readable recording media include, but are not limited to, databases, ROM, RAM, CD-ROM, DVD, magnetic tape, floppy disk, and optical data storage devices. Transmission media may include carrier waves transmitted via the Internet or various types of communication channels. Additionally, computer-readable recording media may be distributed through networked computer systems so that computer-readable code is stored and executed in a distributed manner.

[0126] In addition, at least one component applied in the present invention may include or be implemented by a processor, such as a central processing unit (CPU) or a microprocessor, that performs a respective function, and two or more of said components may be combined into a single component to perform all operations or functions of the combined two or more components. Furthermore, a part of the at least one component applied in the present invention may be performed by another of these components. Additionally, communication between said components may be performed via a bus.

[0127]

[0128] FIG. 5 is a flowchart relating to a personal information lifecycle integrated management method according to an embodiment of the present invention, and

[0129] Referring to Fig. 5, the method for integrated management of the personal information lifecycle is described.

[0130] First, the personal information lifecycle management system (100) performs the step (S510) of collecting consent information regarding the collection, use, and processing of personal information.

[0131] In step S510, consent information regarding personal information is collected from multiple personal information management systems (200). The collection of consent information may be carried out individually through a membership registration process, or multiple consent information may be collected collectively through periodic operations.

[0132] The personal information management system (200) provides a consent process for the collection and use of personal information in a process where the collection of personal information of users is required, such as membership registration.

[0133] A detailed explanation of step S510 is provided with reference to Fig. 6.

[0134] FIG. 6 is a diagram showing the process of collecting consent information in a personal information lifecycle integrated management method according to one embodiment of the present invention.

[0135] Referring to FIG. 6, first, the personal information management system (200) requests a consent form and a personal information processing policy for the service from the personal information lifecycle management system (100), and the personal information lifecycle management system (100) provides the latest version of the consent form and personal information processing policy for the requested service.

[0136] At this time, the personal information management system (200) may request a consent form and a personal information processing policy in advance and store them in a local system, and then transmit version information of the consent form and personal information processing policy currently held to the personal information lifecycle management system (100) so that the consent form and personal information processing policy of the latest version may be received only if they are not the latest version.

[0137] A personal information management system (200) that receives a consent form and a personal information processing policy obtains personal information and consent information regarding said personal information from a user, stores the personal information in a database, and transmits said consent information to a personal information lifecycle management system (100). A lifecycle management system (100) that receives this stores the received consent information as metadata for the personal information stored in the personal information management system (200) and manages the lifecycle of the personal information.

[0138] Referring again to FIG. 5, after step S510, a step (S520) is performed to extract the subjects of personal information usage notification based on conditions set according to the requirements prescribed by law and provide the details of personal information usage to the subjects of notification.

[0139] For each registered service site, recipients of personal information usage notifications are extracted based on the recipients, notification period, and number of notifications, and notifications regarding personal information usage history are sent to user terminals via notification means such as email, SNS alerts, and text messages.

[0140] After step S520, the consent date and retention period of the consent information are verified to extract the subjects for re-consent, and a step (S530) of obtaining re-consent from the said subjects is performed.

[0141] After extracting subjects for re-consent based on the date of collection of personal information and the remaining retention period of less than the set date, an interface for re-consent is provided to the user terminal (300) to obtain consent for the currently held personal information and additionally collected personal information.

[0142] For example, by sending a URL link that leads to a screen for re-consent via the user's email, text message, or SNS notification, the user can access the re-consent interface through the provided URL link.

[0143] Once re-consent is completed by the user, the re-consent items and retention period are updated, and the re-consent history information is recorded and saved.

[0144] After step S530, a step (S540) of destroying stored personal information is performed according to a user's request or a pre-set destruction condition.

[0145] A detailed explanation of step S540 is provided with reference to Fig. 7.

[0146] FIG. 7 is a diagram illustrating the process of destroying consent information in a personal information lifecycle integrated management method according to one embodiment of the present invention.

[0147]

[0148] Referring to Fig. 7, the targets for destruction are first extracted according to the set conditions.

[0149] The conditions set at this time may include targets for which the retention period has expired based on the consent date, targets for which the purpose of collection has been achieved, and targets for which the user has requested destruction; destruction operations may be performed on cases that have passed a predetermined grace period for destruction after being classified as targets for destruction.

[0150] Once the items to be destroyed are determined, a step to obtain administrator approval for the said items to be destroyed can be performed. For the destruction of personal information, a notification or list may be provided so that the personal information manager is aware of the destruction operations, and a function may be provided to approve or reject each operation.

[0151] When the personal information manager approves the destruction, the personal information lifecycle management system (100) transmits a destruction request to the personal information management system (200) that manages the personal information subject to destruction.

[0152] The personal information management system (200) that receives this destroys the relevant personal information and transmits the result to the personal information lifecycle management system (100). After receiving the result of the destruction request, the personal information lifecycle management system (100) generates and stores a history including the date and time of destruction, items of destruction, reasons for destruction, method of destruction (automatic / manual), and evidence of destruction.

[0153] By automatically managing the lifecycle of such personal information from collection to destruction, it is possible to establish an integrated management system that aligns with strengthening trends in personal information protection, and to reduce operational resources by automating personal information-related tasks.

[0154]

[0155] Although the structure and features of the present invention have been described above based on embodiments according to the present invention, the present invention is not limited thereto. It is understood by those skilled in the art that various changes or modifications can be made within the spirit and scope of the present invention, and thus such changes or modifications fall within the scope of the appended claims.

[0156] By managing the entire lifecycle of personal information from collection to destruction, it is possible to establish an integrated management system aligned with strengthening trends in personal information protection and reduce operational resources by automating personal information-related tasks.

[0157] In addition, data subjects can check the status of their personal information collection and withdraw their consent, thereby guaranteeing their right to decide on their personal information and ensuring the stability and security of their personal information.

Claims

1. A consent information collection unit that receives consent information regarding personal information collected from at least one personal information management system that holds and manages personal information; It includes a lifecycle management unit that stores and manages consent information regarding the collection, use, and processing of users' personal information, and performs re-consent and personal information destruction tasks in accordance with the established personal information processing policy; Characterized by not storing or managing personal information other than the aforementioned consent information, Personal Information Lifecycle Integrated Management System.

2. In Paragraph 1, The above-mentioned lifecycle management department is, A consent information processing unit that receives consent information regarding the collection and use of personal information from the above-mentioned personal information management system and registers or updates it; comprising Personal Information Lifecycle Integrated Management System.

3. In Paragraph 1, The above-mentioned lifecycle management department is, A re-consent processing unit comprising: periodically verifying and extracting subjects for re-consent regarding personal information managed by the personal information management system in accordance with the personal information processing policy for each of the personal information management systems, and providing an interface for re-consent to the subjects for re-consent; Personal Information Lifecycle Integrated Management System.

4. In Paragraph 1, The above-mentioned lifecycle management department is, A destruction processing unit comprising: periodically checking the personal information consent date and retention period to extract targets for destruction, and transmitting a destruction request for the said targets to a personal information management system that manages personal information; Personal Information Lifecycle Integrated Management System.

5. In Paragraph 4, The above destruction processing unit is, Recording destruction request information regarding the transmitted destruction request as a history, and receiving and recording the destruction progress status to determine whether the deletion of personal information requested by the personal information management system was successfully performed, Personal Information Lifecycle Integrated Management System.

6. In Paragraph 1, The above-mentioned lifecycle management department is, A usage notification unit comprising: extracting subjects for notification of personal information usage based on conditions set in accordance with requirements prescribed by law, and providing the details of personal information usage to said subjects; Personal Information Lifecycle Integrated Management System.

7. In Paragraph 1, A data subject request processing unit that provides details of consent information and consent history for collection and use at the request of a user who has consented to the provision of personal information; further comprising Personal Information Lifecycle Integrated Management System.

8. In Paragraph 7, The above-mentioned data subject request processing unit is, Upon receiving a request from a user to withdraw consent for all or part of the requested personal information, changing the consent information for the personal information for which withdrawal was requested, and requesting the personal information management system managing the said personal information to destroy the personal information for which withdrawal was requested, Personal Information Lifecycle Integrated Management System.

9. In Paragraph 1, A consent form / processing policy drafting unit further comprising: providing a user interface that allows the personal information manager to select items to be included in the consent form and settings to be displayed on said items in accordance with legal requirements, so that the personal information manager can easily draft a personal information processing policy and a consent form for collection / use, and automatically distributing the newly drafted or modified consent form to a designated personal information management system. Personal Information Lifecycle Integrated Management System.

10. In Paragraph 1, A status provision unit further comprising: providing the status of personal information retention, consent status, and destruction status by personal information system so that a personal information manager can check the status of personal information managed in at least one personal information management system; Personal Information Lifecycle Integrated Management System.

11. In the method of integrated personal information lifecycle management performed in the integrated personal information lifecycle management system, Step of collecting consent information regarding the collection, use, and processing of personal information; A step of extracting subjects for notification of personal information usage based on conditions established in accordance with requirements prescribed by law, and providing the details of personal information usage to the said subjects; A step of verifying the consent date and retention period of the above consent information to extract subjects for re-consent, and obtaining re-consent from the said subjects for re-consent; and A step of destroying stored personal information according to a user's request or pre-set destruction conditions; including Integrated management method for personal information lifecycle.

12. In Paragraph 11, The step of collecting the above consent information is, Step of receiving a request for the provision of a consent form for the collection / use of personal information from the personal information management system; A step of providing the latest version of the personal information collection / use consent form, which is mapped to and managed by the requested personal information management system; A step of receiving consent information collected regarding the consent form from the above personal information management system; and A step of storing the received consent information as metadata of the personal information stored in the personal information management system; comprising Integrated management method for personal information lifecycle.

13. In Paragraph 11, The step of destroying the above personal information is, A step of extracting targets for destruction according to set conditions; A step of obtaining administrator approval for the above-mentioned destruction target; A step of transmitting a destruction request to a personal information management system that manages the personal information of the said destruction target for the destruction target approved by the administrator; and A step of receiving a destruction result for the above destruction request; comprising Integrated management method for personal information lifecycle.