A system and a method for data protection assessment using threat modeling and adaptive optimization

The system addresses the limitations of manual data protection assessments by using threat modeling and adaptive optimization to automate vulnerability identification and regulatory compliance, ensuring efficient and consistent data protection across complex data flows.

WO2026133069A1 · PCT designated stage · Publication Date: 2026-06-25 · PRIVASAPIEN TECH PTE LTD

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Current Assignee / Owner
PRIVASAPIEN TECH PTE LTD
Filing Date
2025-12-15
Publication Date
2026-06-25

AI Technical Summary

Technical Problem

Existing data protection systems rely heavily on manual, time-consuming, and subjective evaluations by Data Protection Officers (DPOs), leading to scalability issues, inconsistent documentation, and a lack of automated guarantees for compliance confidence and risk evaluation accuracy, especially in large organizations with complex data flows.

Method used

A system using threat modeling and adaptive optimization, employing deep learning and adversarial analysis to automatically identify vulnerabilities, document data access requests, and generate context-aware regulatory recommendations, reducing human dependency and enhancing repeatability and auditability.

Benefits of technology

The system provides a mathematically grounded, technically robust mechanism for proactive risk detection, ensuring traceable and compliant data handling with automated threat modeling and adaptive optimization, minimizing compliance errors and enhancing scalability.

✦ Generated by Eureka AI based on patent content.

Abstract figure: IB2025062862_25062026_PF_FP_ABST

Abstract

A system and a method for data protection assessment using threat modelling and adaptive optimization is disclosed. The system (100) comprises a processor (105) and a memory (110) with instructions to receive a data access request (345) from entities (120) via an authenticated digital interface (125), the request including structured and unstructured data categories (350) and metadata parameters (355), and to initiate a contextual analysis to establish baseline compliance parameters (360). The system analyses each data category and its metadata using adaptive classification logic and correlation metrics across stored data lineage, distinguishing privacy-critical from non-sensitive data. Threat modelling (130) evaluates correlations among privacy attributes (365), metadata, operational parameters, and regulatory requirements to identify vulnerabilities (375) and exposure points. A composite risk index (135) is derived, forming a structured risk profile (140) with quantified scores (380). Compliance recommendations (150) are generated, safeguard parameters (155) are derived, authorization is validated by a compliance authority (160), and a compliance trace (388) is recorded.

Description

[0001] A SYSTEM AND A METHOD FOR DATA PROTECTION ASSESSMENT USING THREAT MODELING AND ADAPTIVE OPTIMIZATION

[0002] EARLIEST PRIORITY DATE:

[0003] This Application claims priority from a provisional patent application filed in India having Patent Application No. 202441101480, filed on December 20, 2024, and titled “A SYSTEM AND A METHOD FOR THREAT MODELING AUGMENTED DATA PROTECTION IMPACT ASSESSMENT”.

[0004] FIELD OF INVENTION

[0005] Embodiments of the present disclosure relate to the field of data privacy, and to systems and architectures for ensuring data privacy, security, and regulatory compliance in a digital information environment, and more particularly to a system and a method for data protection assessment using threat modelling and adaptive optimization.

[0006] BACKGROUND

[0007] Data privacy refers to the protection of personal information from unauthorized access, misuse, or exposure, ensuring that individuals can maintain control over how their data is collected, processed, and shared. Data privacy has evolved in response to the increasing digitalization of services, rising cyber risks, and global awareness of individual rights. A plurality of modern privacy regulations were introduced to safeguard personal information, prevent fraud and identity theft, and build user trust by mandating responsible data-handling practices. These regulations operate through defined legal frameworks, consent requirements, data-processing limitations, and accountability mechanisms that govern applications across industries including, but not limited to, finance, healthcare, digital services, and telecommunications. Existing mechanisms and systems for ensuring compliance with privacy regulations typically involve structured workflows for data-flow evaluation, documented risk assessments, approval pathways, and periodic audits. Organizations appoint Data Protection Officers (DPOs) to evaluate business requirements, determine regulatory obligations, and verify whether proposed data flows align with applicable privacy standards. Additionally, many enterprises rely on established compliance frameworks, governance tools, and policy-driven platforms adapted to track data-processing activities, maintain records of decisions, and help demonstrate adherence to privacy rules. These mechanisms enable organizations to operate in a controlled, transparent, and traceable manner while safeguarding personal information.

[0008] Despite significant advancement and technical upgrades in data privacy systems and mechanisms, existing systems and current practices still exhibit significant limitations. Firstly, much of the analysis performed by DPOs, such as identifying inherent risks in a requested data flow, interpreting regulatory requirements, or reviewing contextual business needs, is largely manual, time-consuming, and dependent on individual expertise. Additionally, manual evaluation restricts scalability in large organizations where thousands of data flows may need review. Although DPOs aim to ensure that approved data flows remain verifiably compliant, repeatable, and auditable, the manual nature of the process makes consistency difficult to maintain across diverse operational scenarios.

[0009] Furthermore, existing mechanisms do not inherently provide mathematical or automated guarantees regarding compliance confidence, risk evaluation accuracy, or long-term auditability. Moreover, manual assessments are susceptible to oversight, subjective interpretation, and inconsistent documentation, limiting the ability to generate repeatable results or defensible compliance proofs. As regulations continue to evolve globally and data-processing requirements grow increasingly complex, the absence of scalable and verifiable mechanisms creates operational bottlenecks and heightens the probability of privacy risks. Hence, there is a need for an improved system and method for data protection assessment using threat modelling and adaptive optimization which addresses the aforementioned issues.

[0010] OBJECTIVES OF THE INVENTION

[0011] The primary objective of the invention is to provide a system adapted to perform a threat-modelling-driven data protection impact assessment using deep learning and adversarial analysis. The system aims to automatically identify vulnerabilities within proposed approvals and data flows, thereby offering a mathematically grounded and technically robust mechanism for safeguarding personal information. This enables proactive risk detection rather than reliance on manual, subjective evaluations.

[0012] Another objective of the invention is to establish an automated and transparent mechanism for capturing, organizing, and validating data access requirements. The system is adapted to systematically document data access requests and corresponding business needs, ensuring that the underlying data usage remains traceable and compliant. This creates a standardized foundation for evaluating regulatory and operational obligations for each requested data flow.

[0013] Yet another objective of the invention is to generate automated, context-aware regulatory and technical recommendations that align each data access request with applicable privacy requirements. The system is adapted to analyse regulatory obligations, propose tailored compliance actions, and deliver actionable technical safeguards. This automation reduces human dependency, minimizes compliance errors, and enhances the repeatability and auditability of decisions.

[0014] Yet another objective of the invention is to incorporate compliance authority oversight and approval workflows in a streamlined, optimization-driven manner. The system is adapted to refine automated recommendations through a human-in-the-loop optimization review. Additionally, the system manages consent-related obligations and standardizes risk-mitigated data flows across the organization. By integrating these functionalities into a unified framework, the system offers a technical solution that automates risk assessment, strengthens data protection, and ensures verifiable compliance at scale.

[0015] SUMMARY

[0016] In accordance with an embodiment of the present disclosure, a system for data protection assessment using threat modelling and adaptive optimization is disclosed. The system includes a processor and a memory coupled to the processor, wherein the memory includes instructions that, when executed by the processor, cause the processor to receive a data access request from one or more entities via an authenticated digital interface, the request including a plurality of structured and unstructured data categories, metadata parameters, operational intent, and justification criteria, thereby initiating a contextual analysis of the associated data access operation to establish a plurality of baseline compliance parameters. Additionally, the processor is caused to analyse the data access request for each received data category and its corresponding metadata parameters by applying an adaptive classification logic and a plurality of correlation metrics across stored data lineage information, thereby distinguishing privacy-critical information from non-sensitive operational data. Furthermore, the processor is caused to simulate a threat model on the data access request by evaluating correlations among a plurality of privacy attributes, metadata parameters, operational parameters, and applicable regulatory and policy requirements. Moreover, the processor is caused to generate an analysed data access request and identify a plurality of potential vulnerabilities and exposure points associated with the data access operation. Moreover, the processor is caused to derive a composite risk index corresponding to the analysed data access request based on the results of the threat modelling, thereby determining the inherent exposure, sensitivity, and compliance impact of the analysed data access request.
Moreover, the processor is caused to establish a structured risk profile corresponding to the composite risk index, wherein the structured risk profile includes quantified scores adapted to indicate at least one of sensitivity, exposure probability, and regulatory criticality across the analysed data access request. Moreover, the processor is caused to populate an assessment interface corresponding to the analysed data access request using the structured risk profile, wherein the assessment interface includes at least one assessment parameter, and to associate each assessment parameter with a quantified score, thereby embedding privacy threat modelling-based risk scoring within a data protection impact assessment and enabling a guided, semi-automated compliance evaluation. Moreover, the processor is caused to determine a compliance recommendation by correlating the composite risk index and the assessment interface with a stored regulatory framework and an organizational policy dataset, thereby achieving conformance of the analysed data access request with a plurality of mandatory regulatory and organizational data protection requirements. Moreover, the processor is caused to derive a plurality of safeguard parameters based on the compliance recommendation, wherein the plurality of safeguard parameters includes at least one of an access control rule, an encryption configuration, an anonymization procedure, and a data isolation directive to mitigate the plurality of potential vulnerabilities. Moreover, the processor is caused to facilitate validation and authorization by a compliance authority to verify the compliance recommendation and the plurality of safeguard parameters, thereby performing at least one of authorizing, modifying, and rejecting the proposed data access request based on a contextual justification.
Moreover, the processor is caused to record a compliance trace of the validated approval decision by writing final disposition metadata into a compliance registry linked to a plurality of risk indicators and the threat model, thereby maintaining end-to-end traceability of the data access authorization.

[0017] In accordance with an embodiment of the present disclosure, a method for data protection assessment using threat modelling and adaptive optimization is disclosed. The method includes receiving, from one or more entities, a data access request via an authenticated digital interface, the request including a plurality of structured and unstructured data categories, metadata parameters, operational intent, and justification criteria, thereby initiating a contextual analysis of the associated data access operation to establish a plurality of baseline compliance parameters. Additionally, the method includes analysing, by applying an adaptive classification logic and a plurality of correlation metrics across stored data lineage information, the data access request for each received data category and its corresponding metadata parameters, thereby distinguishing privacy-critical information from non-sensitive operational data. Furthermore, the method includes simulating, by evaluating a correlation among a plurality of constraints, a threat model on the data access request, wherein the constraints include at least one of a privacy attribute, metadata parameters, operational parameters, and applicable regulatory and policy requirements. Moreover, the method includes generating, by identifying a plurality of potential vulnerabilities and exposure points associated with the data access operation, an analysed data access request. Moreover, the method includes deriving, based on the results of the threat modelling, a composite risk index corresponding to the analysed data access request, thereby determining the inherent exposure, sensitivity, and compliance impact of the analysed data access request.
Moreover, the method includes establishing a structured risk profile corresponding to the composite risk index, wherein the structured risk profile includes quantified scores adapted to indicate at least one of sensitivity, exposure probability, and regulatory criticality across the analysed data access request. Moreover, the method includes populating, by utilizing the structured risk profile, an assessment interface corresponding to the analysed data access request, wherein the assessment interface includes at least one assessment parameter, and associating each assessment parameter with a quantified score, thereby embedding privacy threat modelling-based risk scoring within a data protection impact assessment and enabling a guided, semi-automated compliance evaluation. Moreover, the method includes determining, by correlating the composite risk index and the assessment interface with a stored regulatory framework and an organizational policy dataset, a compliance recommendation, thereby achieving conformance of the analysed data access request with a plurality of mandatory regulatory and organizational data protection requirements. Moreover, the method includes deriving, in response to the compliance recommendation, a plurality of safeguard parameters, wherein the plurality of safeguard parameters includes at least one of an access control rule, an encryption configuration, an anonymization procedure, and a data isolation directive to mitigate the plurality of potential vulnerabilities. Moreover, the method includes facilitating, by a compliance authority, validation and authorization to verify the compliance recommendation and the plurality of safeguard parameters, thereby performing at least one of authorizing, modifying, and rejecting the proposed data access request based on a contextual justification.
Moreover, the method includes recording, by writing final disposition metadata into a compliance registry, a compliance trace of the validated approval decision, wherein the compliance registry is linked to a plurality of risk indicators and the threat model, thereby maintaining end-to-end traceability of the data access authorization.

[0018] To further clarify the advantages and features of the present disclosure, a more particular description of the disclosure will follow by reference to specific embodiments thereof, which are illustrated in the appended figures. It is to be appreciated that these figures depict only typical embodiments of the disclosure and are therefore not to be considered limiting in scope. The disclosure will be described and explained with additional specificity and detail with the appended figures.

[0019] BRIEF DESCRIPTION OF THE DRAWINGS

[0020] The disclosure will be described and explained with additional specificity and detail with the accompanying figures in which:

[0021] FIG. 1 illustrates a network environment for a system for data protection assessment using threat modelling and adaptive optimization in accordance with an embodiment of the present disclosure;

[0022] FIG. 2 illustrates a schematic diagram of a user device of FIG. 1, in accordance with an example implementation of the present subject matter;

FIG. 3 illustrates a schematic diagram of the system for data protection assessment using threat modelling and adaptive optimization of FIG. 1, in accordance with an embodiment of the present disclosure;

[0023] FIG. 4 (a) is a flow chart representing the steps involved in a method for data protection assessment using threat modelling and adaptive optimization in accordance with an embodiment of the present disclosure; and

[0024] FIG. 4 (b) illustrates continued steps of the method of FIG. 4 (a) in accordance with an embodiment of the present disclosure.

[0025] Further, those skilled in the art will appreciate that elements in the figures are illustrated for simplicity and may not have necessarily been drawn to scale. Furthermore, in terms of the construction of the device, one or more components of the device may have been represented in the figures by conventional symbols, and the figures may show only those specific details that are pertinent to understanding the embodiments of the present disclosure so as not to obscure the figures with details that will be readily apparent to those skilled in the art having the benefit of the description herein.

[0026] DETAILED DESCRIPTION

[0027] For the purpose of promoting an understanding of the principles of the disclosure, reference will now be made to the embodiment illustrated in the figures and specific language will be used to describe them. It will nevertheless be understood that no limitation of the scope of the disclosure is thereby intended. Such alterations and further modifications in the illustrated system, and such further applications of the principles of the disclosure as would normally occur to those skilled in the art are to be construed as being within the scope of the present disclosure.

[0028] The terms “comprises”, “comprising”, or any other variations thereof, are intended to cover a non-exclusive inclusion, such that a process or method that comprises a list of steps does not include only those steps but may include other steps not expressly listed or inherent to such a process or method. Similarly, one or more devices or subsystems or elements or structures or components preceded by "comprises... a" does not, without more constraints, preclude the existence of other devices, sub-systems, elements, structures, components, additional devices, additional sub-systems, additional elements, additional structures or additional components. Appearances of the phrase "in an embodiment", "in another embodiment" and similar language throughout this specification may, but not necessarily do, all refer to the same embodiment.

[0029] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by those skilled in the art to which this disclosure belongs. The system, methods, and examples provided herein are only illustrative and not intended to be limiting.

[0030] In the following specification and the claims, reference will be made to a number of terms, which shall be defined to have the following meanings. The singular forms “a”, “an”, and “the” include plural references unless the context clearly dictates otherwise.

[0031] A system for data protection assessment using threat modelling and adaptive optimization is disclosed. The system includes a processor and a memory coupled to the processor, wherein the memory includes instructions that, when executed by the processor, cause the processor to receive a data access request from one or more entities via an authenticated digital interface, the request including a plurality of structured and unstructured data categories, metadata parameters, operational intent, and justification criteria, thereby initiating a contextual analysis of the associated data access operation to establish a plurality of baseline compliance parameters. Additionally, the processor is caused to analyse the data access request for each received data category and its corresponding metadata parameters by applying an adaptive classification logic and a plurality of correlation metrics across stored data lineage information, thereby distinguishing privacy-critical information from non-sensitive operational data. Furthermore, the processor is caused to simulate a threat model on the data access request by evaluating correlations among a plurality of privacy attributes, metadata parameters, operational parameters, and applicable regulatory and policy requirements. Moreover, the processor is caused to generate an analysed data access request and identify a plurality of potential vulnerabilities and exposure points associated with the data access operation. Moreover, the processor is caused to derive a composite risk index corresponding to the analysed data access request based on the results of the threat modelling, thereby determining the inherent exposure, sensitivity, and compliance impact of the analysed data access request.
Moreover, the processor is caused to establish a structured risk profile corresponding to the composite risk index, wherein the structured risk profile includes quantified scores adapted to indicate at least one of sensitivity, exposure probability, and regulatory criticality across the analysed data access request. Moreover, the processor is caused to populate an assessment interface corresponding to the analysed data access request using the structured risk profile, wherein the assessment interface includes at least one assessment parameter, and to associate each assessment parameter with a quantified score, thereby embedding privacy threat modelling-based risk scoring within a data protection impact assessment and enabling a guided, semi-automated compliance evaluation. Moreover, the processor is caused to determine a compliance recommendation by correlating the composite risk index and the assessment interface with a stored regulatory framework and an organizational policy dataset, thereby achieving conformance of the analysed data access request with a plurality of mandatory regulatory and organizational data protection requirements. Moreover, the processor is caused to derive a plurality of safeguard parameters based on the compliance recommendation, wherein the plurality of safeguard parameters includes at least one of an access control rule, an encryption configuration, an anonymization procedure, and a data isolation directive to mitigate the plurality of potential vulnerabilities. Moreover, the processor is caused to facilitate validation and authorization by a compliance authority to verify the compliance recommendation and the plurality of safeguard parameters, thereby performing at least one of authorizing, modifying, and rejecting the proposed data access request based on a contextual justification.
Moreover, the processor is caused to record a compliance trace of the validated approval decision by writing final disposition metadata into a compliance registry linked to a plurality of risk indicators and the threat model, thereby maintaining end-to-end traceability of the data access authorization.

[0032] FIG. 1 illustrates a network environment for a system for data protection assessment using threat modelling and adaptive optimization in accordance with an embodiment of the present disclosure.

[0033] Referring to FIG. 1, one or more entities (120) operate as interaction points within the system (100) and can interchangeably function as a user (120) without altering the structural scope. The one or more entities (120) are characterized as identifiable, authenticated participants capable of initiating or responding to data-flow-related interactions at the system (100) level, irrespective of whether they are embodied as an individual, a service, or an organizational node. Correspondingly, an authenticated digital interface (125) serves as the system's (100) access medium and can interchangeably be utilized as a user device (125), representing any trusted computational interface through which the entity communicates with the system (100). The authenticated digital interface (125) is characterized by its ability to securely transmit requests, display system-generated outputs, and maintain authentication integrity across interactions. In the broader scope, these interchangeable mappings allow the system (100) to flexibly support varying types of entities and digital interfaces while maintaining consistent flow validation, compliance verification, and auditability requirements. Further, the user (120) may access the system (100) over a network (115). Examples of the user device (125) include, but are not limited to, a mobile phone, desktop computer, portable digital assistant (PDA), smart phone, tablet, ultra-book, netbook, laptop, multi-processor system, microprocessor-based or programmable consumer electronic system, or any other communication device that the user (120) may use. It will be appreciated that the system (100) may be presented to the user (120) on a corresponding user device (125) as a web application accessed through a browser, through a software application on the user device (125), or, particularly for smartphones, through a mobile application installed on the smartphone.
It will be appreciated that, within the context of the disclosure herein, web application refers to a utility implemented on a networked computing system accessible by user device (125) over the Internet (e.g. through browsers) wherein the bulk of the processing takes place at the networked computing system, mobile applications refer to applications installed on smartphones that may communicate with a networked computing system, and a “software” application refers generally to applications other than web browsers installed on other types of user device (125) that may communicate with a networked computing system over the network (115).

[0034] The network (115) may be a single communication network or a combination of multiple communication networks and may use a variety of different communication protocols. The network (115) may be a wireless network, a wired network, or a combination thereof. Examples of the network (115) include, but are not limited to, a Global System for Mobile Communication (GSM) network, Universal Mobile Telecommunications System (UMTS) network, Personal Communications Service (PCS) network, Time Division Multiple Access (TDMA) network, Code Division Multiple Access (CDMA) network, Next Generation Network (NGN), and Public Switched Telephone Network (PSTN). Depending on the technology, the network (115) may include various network entities, such as gateways and routers; however, such details have been omitted for the sake of brevity of the present description.

[0035] The system (100) may have a homepage that is presented to the user (120), including the one or more entities, accessing a top-level web address for web applications presented to the user (120) in a browser, or a welcome screen for software and mobile applications. The homepage is adapted to serve as the primary data dashboard and presents users (120) with an interactive interface for submitting data access requests and reviewing the resulting assessments. The users (120) navigate this interface to upload datasets, customize views, and extract meaningful insights efficiently. The homepage may include links to a user log-in interface or general information about the system (100). It will be appreciated that the presentation of a homepage may not be necessary; for example, the one or more entities (120) may bypass initial interaction layers and directly initiate the permitted compliance-related operations assigned to their classification. In such cases, the one or more entities (120) can access authorized modules and trigger system-defined evaluation processes without navigating intermediate steps. This enables streamlined execution of assigned functions while remaining within authenticated operational boundaries.

[0036] A new or unregistered user (120), including the one or more entity (120) can access the user log-in interface, fill out the log-in information corresponding to the user's account, and indicate that the user (120) wishes to sign in. It will be appreciated that any conventional registration and log-in techniques for web applications, software application, and mobile applications may be used, whichever is appropriate for the user (120). While registering the user (120) may be prompted to provide username and corresponding user credentials, not limited to, password, geographical location, and contact information and upon receipt of the foregoing information, a corresponding user-profile may be created and stored on a respective database (395, fig 3) of the system (100).

[0037] Additionally, the network (115) environment includes a threat modelling (130) component adapted to represent a system-level analytical construct configured to systematically identify potential vulnerabilities associated with requested data flows. It operates through predefined evaluative parameters that map exposure points without executing actual user-specific actions. Its characteristics include rule-driven analysis, scenario classification, and alignment with the inputs of the one or more entities (120) routed through the authenticated digital interface (125) where required. Furthermore, the network (115) environment includes a composite risk index (135). The composite risk index (135) is a generated numerical or categorical indicator representing aggregated risk derived from multiple evaluative dimensions. It functions as a synthesized risk output rather than a functional module, providing a consolidated representation of threat likelihood and impact. It is characterized by its weighted computation model and its ability to reflect system-wide risk posture based on the processed requests of the one or more entities (120) as well as individual user data requests.

[0038] Moreover, the network (115) environment includes a structured risk profile (140), wherein the structured risk profile (140) is a machine-readable representation of risk attributes associated with a specific data-flow request. It works as an organized data artifact composed of categorized risk elements and hierarchical descriptors. Its characteristics include consistency, repeatability, and traceability, ensuring that the one or more entity (120)-initiated assessments can be uniformly interpreted across the system (100).

[0039] Moreover, the network (115) environment includes an assessment interface (145), a controlled system (100) interaction layer through which analytical inputs and outputs are exchanged. It is characterized by secure input validation, structured presentation of assessment outcomes, and compatibility with the authenticated digital interface (125). Rather than performing operations, it serves as a technical conduit linking system modules to the one or more entity (120) data requests.

[0040] Moreover, the network (115) environment includes a compliance recommendation (150) framework. The compliance recommendation (150) is a generated advisory output indicating whether a data-flow request aligns with applicable privacy or regulatory constraints. Its characteristics include, but are not limited to, a rule-encoded derivation, deterministic output generation, and consistency in reflecting assessed risk conditions. It acts as a structured guidance artifact without executing enforcement functions. Moreover, the network (115) environment includes a plurality of safeguard parameters (155) adapted to represent a set of predefined technical conditions or thresholds that outline required protections for specific categories of data flows. They operate as reference constraints rather than active controls and are characterized by their specificity, adaptability, and integration with evaluated risk outcomes. These safeguard parameters (155) help contextualize the system's (100) interpretation of acceptable protections.

[0041] Moreover, the network (115) environment includes a compliance authority (160). The compliance authority (160) is an oversight component that defines or validates the regulatory rules and standards embedded within system logic. It is characterized by its authoritative rule base, audit alignment capability, and supervisory influence over system output. It includes and interfaces with a human-in-the-loop optimization and an in-person validation, including but not limited to a Data Protection Officer (DPO) acting as a nodal entity. It interacts indirectly with the one or more entity (120) data access request decisions by ensuring that all derived profiles and recommendations align with prescribed regulation.

[0042] Moreover, the network (115) environment includes a structured data set (165), adapted to work as an organized digital representation of all relevant assessment inputs, intermediate results, and generated outputs. It is characterized by its standardized schema, auditability, and ability to support repeatable and verifiable computations across the system (100). This structured data set (165) enables consistent interpretation of the entity (120)-initiated requests and facilitates transparent decision trails within the system (100).

[0043] In accordance with an embodiment of the present disclosure, a system for data protection assessment using threat modelling and adaptive optimization is disclosed. The system (100) includes a processor (105, fig 2) and a memory (110, fig 2) coupled to the processor (105, fig 2), wherein the memory (110, fig 2) includes instructions that, when executed by the processor (105, fig 2), cause the processor (105, fig 2) to receive a data access request (345, fig 3) from one or more entity (120) via an authenticated digital interface (125) comprising a plurality of structured and unstructured data categories (350, fig 3), metadata parameters (355, fig 3), operational intent, and justification criteria, thereby initiating a contextual analysis of an associated data access operation to establish a plurality of baseline compliance parameters (360, fig 3). Additionally, the processor (105, fig 2) is caused to analyse the data access request (345, fig 3) for each received data category and its corresponding metadata parameters (355, fig 3) by applying an adaptive classification logic and a plurality of correlation metrics across stored data lineage information, thereby distinguishing privacy-critical information from non-sensitive operational data. Furthermore, the processor (105, fig 2) is caused to simulate a threat modelling (130) on the data access request (345, fig 3) by evaluating a correlation among a plurality of privacy attributes (365, fig 3), metadata parameters (355, fig 3), operational parameters, and applicable regulatory and policy requirements. Moreover, the processor (105, fig 2) is caused to generate an analysed data access request (370, fig 3) and identify a plurality of potential vulnerabilities (375, fig 3) and exposure points associated with the data access operation. Moreover, the processor (105, fig 2) is caused to derive a composite risk index (135) corresponding to the analysed data access request (370) based on the results of the threat modelling (130), thereby determining the inherent exposure, sensitivity, and compliance impact of the analysed data access request (370). Moreover, the processor (105, fig 2) is caused to establish a structured risk profile (140) corresponding to the composite risk index (135), wherein the structured risk profile (140) comprises a quantified score (380, fig 3) adapted to indicate at least one of a sensitivity, an exposure probability, and a regulatory criticality across the analysed data access request. Moreover, the processor (105, fig 2) is caused to populate an assessment interface (145) corresponding to the analysed data access request (370, fig 3) using the structured risk profile (140), wherein the assessment interface (145) comprises at least one assessment parameter, and to associate each assessment parameter with a quantified score (380, fig 3), thereby embedding a privacy threat modelling-based risk scoring (385, fig 3) within a data protection impact assessment (387, fig 3) and enabling a guided and semi-automated compliance evaluation. Moreover, the processor (105, fig 2) is caused to determine a compliance recommendation (150) by correlating the composite risk index (135) and the assessment interface (145) with a stored regulatory framework and an organizational policy dataset, thereby achieving conformance of the analysed data access request (370, fig 3) with a plurality of mandatory regulatory and organizational data protection requirements. Moreover, the processor (105, fig 2) is caused to derive a plurality of safeguard parameters (155) based on the compliance recommendation (150), wherein the plurality of safeguard parameters (155) comprise at least one of an access control rule, an encryption configuration, an anonymization procedure, and a data isolation directive to mitigate the plurality of potential vulnerabilities (375, fig 3). Moreover, the processor (105, fig 2) is caused to facilitate a validation and authorization by a compliance authority (160) to verify the compliance recommendation (150) and the plurality of safeguard parameters (155), thereby performing at least one of authorizing, modifying, and rejecting the proposed data access request (345, fig 3) based on a contextual justification. Moreover, the processor (105, fig 2) is caused to record a compliance trace (388, fig 3) of a validated approval decision by writing final disposition metadata into a compliance registry linked to a plurality of risk indicators and the threat model, thereby maintaining end-to-end traceability of the data access authorization.

[0044] It may be noted that the foregoing system (100) is an exemplary system and may be implemented as computer executable instructions in any computing or processing environment, including in digital electronic circuitry or in computer hardware, firmware, device driver, or software. As such, the system (100) is not limited to any specific hardware or software configuration.

[0045] FIG. 2 illustrates a schematic diagram of a user device (125) of FIG. 1, in accordance with an example implementation of the present subject matter, wherein the user device (125), as used herein in the proposed invention, corresponds to the authenticated digital interface (125). Referring to FIG. 2, the user device (125) may comprise a processor(s) (105), a memory(s) (110) coupled to and accessible by the processor(s) (105), and an interface (215) coupled to the memory(s) (110). The user device (125) disclosed herein may be the same as the authenticated digital interface (125) described in FIG. 1. The functions of various elements shown in the figs., including any functional blocks labelled as "processor(s) (105)", may be provided through the use of dedicated hardware as well as hardware capable of executing instructions. When provided by a processor (105), the functions may be provided by a single dedicated processor, by a single shared processor, or by a plurality of individual processors, some of which may be shared. Moreover, explicit use of the term "processor (105)" should not be construed to refer exclusively to hardware capable of executing instructions, and may implicitly comprise, without limitation, digital signal processor (DSP) hardware, network processor, application specific integrated circuit (ASIC), field programmable gate array (FPGA). Other hardware, standard and / or custom, may also be coupled to the processor(s) (105). The user device (125) may further include a display (205) in addition to other components such as, but not limited to, keyboard, sensors, logic circuits etc. Further, the user device (125) may include data (210), which may include a data access request (345, fig 3), structured and unstructured data categories (350, fig 3), metadata parameters (355, fig 3), baseline compliance parameters (360, fig 3), privacy attributes (365, fig 3), an analysed data access request (370, fig 3), potential vulnerabilities (375, fig 3), a quantified score (380, fig 3), privacy threat modelling based risk scoring (385, fig 3), a data protection impact assessment (387, fig 3), a compliance trace (388, fig 3) and predefined templates (390, fig 3), which may be stored in the database (395) and utilized or generated during the operation of the user device (125).

[0046] The memory(s) (110) may be a computer-readable medium, examples of which comprise volatile memory (e.g., RAM), and / or non-volatile memory (e.g., Erasable Programmable read-only memory, i.e. EPROM, flash memory, etc.). The memory(s) (110) may be an external memory, or internal memory, such as a flash drive, a compact disk drive, an external hard disk drive, or the like. The user device (125) may further include an interface (215) that may allow the connection or coupling of the user device (125) with one or more other devices, through a wired (e.g., Local Area Network, i.e., LAN) connection or through a wireless connection (e.g., Bluetooth®, Wi-Fi), for example, for connecting to the system (100) shown in FIG. 1. The interface (215) may also enable intercommunication between different logical as well as hardware components of the user device (125).

[0047] FIG. 3 illustrates a schematic diagram of the system for data protection assessment using threat modelling and adaptive optimization of FIG. 1, in accordance with an embodiment of the present disclosure. Referring to FIG. 3, the system (100) includes a processor(s) (105), a memory(s) (110) coupled to and accessible by the processor(s) (105), a database (395) and a user interface (398) coupled to the memory(s) (110).

[0048] The system (100) disclosed herein is the same as the system (100) described in FIG. 1.

[0049] The functions of various elements shown in the figs., including any functional blocks labelled as "processor(s)", may be provided through the use of dedicated hardware as well as hardware capable of executing instructions. When provided by a processor, the functions may be provided by a single dedicated processor, by a single shared processor, or by a plurality of individual processors, some of which may be shared. Moreover, explicit use of the term "processor" should not be construed to refer exclusively to hardware capable of executing instructions, and may implicitly comprise, without limitation, digital signal processor (DSP) hardware, network processor, application specific integrated circuit (ASIC), field programmable gate array (FPGA). Other hardware, standard and / or custom, may also be coupled to the processor(s) (105). The system (100) may further include other components such as, but not limited to, keyboard, sensors, logic circuits, input / output interfaces etc. Further, the system (100) may include data (not shown) which may include data that may be stored, utilized or generated during the operation of the computer implemented system (100).

[0050] The memory(s) (110) may be a computer-readable medium, examples of which comprise volatile memory (e.g., RAM), and / or non-volatile memory (e.g., Erasable Programmable read-only memory, i.e. EPROM, flash memory, etc.). The memory(s) (110) may be an external memory, or internal memory, such as a flash drive, a compact disk drive, an external hard disk drive, or the like. The system (100) may further include the user interface (398) that may allow the connection or coupling of the system (100) with one or more other devices, through a wired (e.g., Local Area Network, i.e., LAN) connection or through a wireless connection (e.g., Bluetooth®, Wi-Fi), for example, for connecting to the user device (125) including the one or more entity as shown in FIG. 1. The user interface (398) may also enable intercommunication between different logical as well as hardware components of the system (100).

[0051] The system (100) may be provided with a database (395) to store a plurality of data (210) including data access request (345), structured and unstructured data categories (350), metadata parameters (355), baseline compliance parameters (360), privacy attributes (365), analysed data access request (370), potential vulnerabilities (375), quantified score (380), privacy threat modelling based risk scoring (385), data protection impact assessment (387), compliance trace (388) and predefined templates (390). In an example implementation of the system (100) including one or more servers, the databases (395) may be local to the server or may be remote to the server. It may be noted that the data (210) in the databases (395) may be stored as a table or may be pre-stored as a mapping between one another. This application is not limited thereto.

[0052] The system (100) may include module(s). The module(s) may include a data access request collection module (305), a threat modelling module (310), a risk profiling module (315), a technical recommendation module (320), a safeguard derivation module (325) and an authorization and trace module (330). In one example, the module(s) may be implemented as a combination of hardware and firmware. In an example described herein, such combinations of hardware and firmware may be implemented in several different ways. For example, the firmware for the module(s) may be processor (105) executable instructions stored on a non-transitory machine-readable storage medium and the hardware for the module(s) may include a processing resource (for example, implemented as either a single processor or a combination of multiple processors), to execute such instructions. Further, the hardware for the module(s) may include communication apparatuses, control circuitries involving electrical and electronics components, sensors, and interface devices, which may be in communication with each other for multi-directional communication therebetween.

[0053] The system (100) may further include engine(s). The engine(s) include a classification and correlation engine (335) and a risk computation engine (340). The engine(s) may be implemented as a combination of hardware and programming, for example, programmable instructions to implement a variety of functionalities of the engine(s). In examples described herein, such combinations of hardware and programming may be implemented in several different ways. For example, the programming for the engine(s) may be executable instructions. Such instructions may be stored on a non-transitory machine-readable storage medium which may be coupled either directly with the system or indirectly (for example, through networked means). In an example, the engine(s) may include a processing resource, for example, either a single processor (105) or a combination of multiple processors (105), to execute such instructions. In the present examples, the non-transitory machine-readable storage medium may store instructions that, when executed by the processing resource, implement engine(s). In other examples, the engine(s) may be implemented as electronic circuitry.

[0054] Further, the system (100) includes data (210). The data (210) may include data (210) that is either stored or generated as a result of functions implemented by the system (100). It may be further noted that information stored and available in data (210) may be utilized for performing various functions by the system (100). In an example, data (210) may include data access request (345), structured and unstructured data categories (350), metadata parameters (355), baseline compliance parameters (360), privacy attributes (365), analysed data access request (370), potential vulnerabilities (375), quantified score (380), privacy threat modelling based risk scoring (385), data protection impact assessment (387), compliance trace (388) and predefined templates (390). It may be noted that such examples of the various functions are only indicative. The present approaches may be applicable to other examples without deviating from the scope of the present subject matter.

[0055] In the present examples, the non-transitory machine-readable storage medium may store instructions that, when executed by the processing resource, implement the functionalities of modules(s). In such examples, the system (100) may include the machine-readable storage medium storing the instructions and the processing resource to execute the instructions. In other examples of the present subject matter, the machine-readable storage medium may be located at a different location but accessible to the system (100) and the processor(s) (105).

[0056] In operation, the data access request collection module (305) is configured to receive a data access request (345) from one or more entity (120) via an authenticated digital interface (125) comprising a plurality of structured and unstructured data categories (350), metadata parameters (355), operational intent, and justification criteria, thereby initiating a contextual analysis of an associated data access operation to establish a plurality of baseline compliance parameters (360). The system (100) initiates its operation by receiving the data access request (345), which represents a digitally submitted instruction seeking permission to view, retrieve, or process specific information, and may originate from one or more entity (120) including but not limited to an internal user, an external service, or an automated application workflow. This data access request (345) is transmitted through the authenticated digital interface (125), ensuring that only verified actors interact with the system (100), and is accompanied by structured data categories (350) like tabular records or indexed logs, and unstructured data categories (350) such as free-text reports, multimedia files, or sensor outputs relevant to the operational environment. Alongside these data types, the data access request (345) also includes metadata parameters (355), for example timestamps, user identifiers, file lineage attributes, or access-scope descriptors, which provide contextual markers enabling the system (100) to interpret the nature and sensitivity of the data being sought.

[0057] Using this combined input, the system (100) proceeds to infer the operational intent and justification criteria embedded within the data access request (345), enabling it to trigger a contextual analysis of the corresponding data access operation. Through this analysis, the system (100) formulates a plurality of baseline compliance parameters (360), such as permissible access duration, allowed data sensitivity class, required encryption state, or mandatory audit-logging thresholds, which collectively define an acceptable compliance envelope for the requested operation. These baseline compliance parameters serve as technical benchmarks against which the system (100) evaluates and governs subsequent data handling actions, ensuring that each operation adheres to predefined privacy, security, and regulatory constraints while maintaining consistent and traceable data-access behaviour across all interacting entities (120).

[0058] Additionally, in operation, the classification and correlation engine (335) is configured to analyse the data access request (345) for each received data category and its corresponding metadata parameters (355) by applying an adaptive classification logic and a plurality of correlation metrics across stored data lineage information, thereby distinguishing privacy-critical information from non-sensitive operational data. The classification and correlation engine (335) processes the data access request (345) by evaluating each received data (210) category in conjunction with its corresponding metadata parameters (355), operating through an adaptive classification logic designed to adjust its decision rules based on contextual attributes and evolving data patterns. This adaptive logic may include rule-based filters, probabilistic classifiers, or semantic models that interpret the structure and purpose of the requested data (210). Alongside this, a plurality of correlation metrics is applied across stored data (210) lineage information, using dependency traces, relational mappings, and historical usage patterns to understand how the data (210) originated and how it flows within the system (100). These combined mechanisms allow the classification and correlation engine (335) to infer the sensitivity level of the requested elements more accurately. The resulting analysis sets the foundation for separating information that requires heightened privacy control from data (210) used merely for routine operational processing.

[0059] Additionally, the classification and correlation engine (335) is adapted to differentiate privacy-critical information, including but not limited to personal identifiers, health attributes, or behaviour-linked records, from non-sensitive operational data, which may include aggregated statistics, anonymised logs, or general system performance indicators. This distinction is derived by correlating category-specific attributes with metadata cues like data origin, processing purpose, retention context, and applicable policies captured in the lineage records. The correlation metrics evaluate patterns such as identifiable links or policy-triggering characteristics that elevate an element's privacy risk. Through this structured evaluation, the classification and correlation engine (335) ensures that contextually sensitive datasets are flagged for enhanced compliance handling while non-sensitive operational data proceeds through standard workflows. The integrated operation of classification logic and lineage-based correlation thereby enables precise, context-driven separation of data types within the system (100).

[0060] In one embodiment, the classification and correlation engine (335) comprises the structured dataset (165) adapted to update dynamically upon alteration of any received attribute to maintain synchronized analytical accuracy. The classification and correlation engine (335) incorporates the structured dataset (165) that is dynamically updated whenever any received privacy attribute (365) undergoes modification, allowing the system (100) to maintain synchronized analytical accuracy across the evolving data (210) context. This adaptive dataset (165) enables the classification and correlation engine (335) to consistently align its categorization and correlation outputs with the most recent operational inputs, ensuring that the relationship between data categories, metadata parameters, and lineage information remains technically reliable. The architecture further allows the structured dataset (165) to function interchangeably with a database (395), enabling either component to substitute the other for storing and retrieving analytical elements depending on implementation needs. Such mutual substitutability supports flexible deployment models while preserving the integrity of classification workflows. Through this configuration, the system (100) sustains high-fidelity analysis as data attributes change in real time, ensuring consistent technical coherence across all operational embodiments.

[0061] Furthermore, in operation, the threat modelling module (310) is configured to simulate a threat modelling (130) on the data access request (345) by evaluating a correlation among a plurality of privacy attributes (365), metadata parameters (355), operational parameters, and applicable regulatory and policy requirements. The threat modelling module (310) simulates the threat modelling (130) process on the data access request (345) by assessing how a plurality of privacy attributes (365), metadata parameters (355), operational parameters, and applicable regulatory and policy requirements interact within the request. The plurality of privacy attributes may include identifiers, location traces, behavioural markers, or device-specific tokens that signal potential sensitivity. The applicable regulatory and policy requirements may encompass global or sector-specific obligations such as GDPR processing rules, HIPAA confidentiality safeguards, the DPDP Act, CCPA, or internal organizational retention policies that govern data exposure. By evaluating these elements collectively, the threat modelling module (310) determines where vulnerability pathways may emerge and how the requested operation aligns with mandated compliance boundaries. This integrated analysis enables the system (100) to identify deviations, classify risk patterns, and constrain data operations to permissible and privacy-preserving behaviours.

[0062] Additionally, the threat modelling module (310) is configured to generate an analysed data access request (370) and identify a plurality of potential vulnerabilities (375) and exposure points associated with a data access operation. The system (100) processes the data access operation by generating the analysed data access request (370), which is produced after evaluating the contextual, operational, and compliance-related attributes contained in the original data access request (345). This analysed data access request (370) is then examined to identify a plurality of potential vulnerabilities (375), representing possible weaknesses including but not limited to excessive permissions, exposure of sensitive attributes, unsafe access paths, inconsistent metadata declarations, or anomalous operational behaviours that may create a security or privacy risk. These vulnerabilities may include examples like unauthorized cross-domain access, misuse of personal identifiers, insufficient encryption of transmitted data, or attempts to access datasets beyond an entity's (120) defined operational scope. Each identified exposure point is mapped to the structure of the proposed system (100) so that it can be linked to the relevant data category, metadata parameter (355), regulatory criterion, or operational intent that triggered the risk. This interconnected evaluation allows the system (100) to apply corrective controls, initiate alerts, or adapt the access decision logic in real time, thereby ensuring that the analysed data access request (370) is propagated forward only after mitigating or flagging all vulnerability indicators.
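The classification pass of the engine (335) and the rule-driven threat modelling of module (310) described in the preceding paragraphs, as an added Python example that is not the patent's or the applicant's code; the lineage records, metadata keys, category names and the five threat rules are constructed assumptions, and each finding carries the category or metadata parameter that triggered it, as the text requires.

```python
"""Added example, not code from the patent or its applicant: a toy
classification-and-correlation pass followed by rule-driven threat modelling
over one constructed data access request. The lineage records, metadata keys,
category names and the five threat rules are assumptions for illustration."""
from dataclasses import dataclass

# Constructed stand-in for the stored data lineage information: for each data
# category, where it originated, why it was collected, whether it links to a
# natural person, and the retention limit recorded at ingestion.
LINEAGE = {
    "customer_records": {"origin": "crm", "purpose": "billing", "links_to_person": True, "retention_days": 365},
    "clinical_notes": {"origin": "ehr", "purpose": "care", "links_to_person": True, "retention_days": 3650},
    "service_metrics": {"origin": "telemetry", "purpose": "ops", "links_to_person": False, "retention_days": 30},
    "anonymised_logs": {"origin": "gateway", "purpose": "ops", "links_to_person": False, "retention_days": 90},
}
# Processing purposes that make a category privacy-critical even without a
# direct person link (assumed rule standing in for the adaptive classifier).
PRIVACY_CRITICAL_PURPOSES = {"care", "billing", "marketing"}


@dataclass
class DataAccessRequest:
    entity: str
    categories: list            # structured and unstructured data categories
    metadata: dict              # metadata parameters: scope, encryption state, ...
    operational_intent: str
    justification: str


@dataclass
class Vulnerability:
    code: str
    trigger: str                # the category or metadata key that raised it
    detail: str


def classify(request):
    """Split requested categories into privacy-critical and non-sensitive lists
    by correlating each category with its lineage record."""
    critical, non_sensitive = [], []
    for cat in request.categories:
        lineage = LINEAGE.get(cat)
        if lineage is None:
            critical.append(cat)        # no lineage: fail closed, treat as critical
        elif lineage["links_to_person"] or lineage["purpose"] in PRIVACY_CRITICAL_PURPOSES:
            critical.append(cat)
        else:
            non_sensitive.append(cat)
    return critical, non_sensitive


def threat_model(request, critical):
    """Rule-driven threat modelling: every finding names the category or
    metadata parameter that triggered it, so it can be mapped back later."""
    md = request.metadata
    findings = []
    if critical and md.get("transport_encryption") != "tls":
        findings.append(Vulnerability("INSUFFICIENT_ENCRYPTION", "transport_encryption",
                                      "privacy-critical data requested without TLS"))
    if md.get("access_scope") == "bulk_export" and request.operational_intent != "export":
        findings.append(Vulnerability("EXCESSIVE_PERMISSION", "access_scope",
                                      "bulk export scope broader than declared intent"))
    for cat in critical:
        origin = LINEAGE.get(cat, {}).get("origin")
        if origin is not None and origin not in md.get("entity_domains", []):
            findings.append(Vulnerability("CROSS_DOMAIN_ACCESS", cat,
                                          f"entity is not assigned to origin domain {origin}"))
    for cat in request.categories:
        limit = LINEAGE.get(cat, {}).get("retention_days")
        if limit is not None and md.get("requested_retention_days", 0) > limit:
            findings.append(Vulnerability("RETENTION_EXCEEDED", cat,
                                          f"requested retention exceeds lineage limit of {limit} days"))
    if critical and md.get("declared_sensitivity") == "non_sensitive":
        findings.append(Vulnerability("INCONSISTENT_METADATA", "declared_sensitivity",
                                      "request declares non-sensitive data but critical categories found"))
    return findings


def analyse(request):
    """Produce the analysed data access request: classification plus findings."""
    critical, non_sensitive = classify(request)
    return {
        "entity": request.entity,
        "privacy_critical": critical,
        "non_sensitive": non_sensitive,
        "vulnerabilities": threat_model(request, critical),
    }


# Constructed sample request: an analytics job asking for billing records,
# service metrics and clinical notes with weak transport and an oversized scope.
SAMPLE_REQUEST = DataAccessRequest(
    entity="analytics-service",
    categories=["customer_records", "service_metrics", "clinical_notes"],
    metadata={"transport_encryption": "none", "access_scope": "bulk_export",
              "entity_domains": ["crm"], "requested_retention_days": 400,
              "declared_sensitivity": "non_sensitive"},
    operational_intent="analytics",
    justification="quarterly churn model",
)

if __name__ == "__main__":
    result = analyse(SAMPLE_REQUEST)
    print("privacy-critical:", result["privacy_critical"])
    for v in result["vulnerabilities"]:
        print(f"{v.code:24} trigger={v.trigger:22} {v.detail}")
```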

[0063] Moreover, in operation, the risk computation engine (340) is configured to derive a composite risk index (135) corresponding to the analysed data access request (370) based on the results of the threat modelling (130), thereby determining an inherent exposure, sensitivity, and compliance impact of the analysed data access request (370). The risk computation engine (340) processes the analysed data access request (370) by applying the outcomes of the threat modelling (130), enabling the system (100) to map the evaluated privacy attributes (365), detected potential vulnerabilities (375), and contextual parameters into quantifiable risk factors. The risk computation engine (340) is adapted to interpret these factors through predefined and dynamically adjustable weighting models, allowing the system (100) to measure sensitivity levels, exposure likelihood, and compliance dependencies associated with the request. It then synthesizes these evaluated components into a composite risk index (135), which represents an aggregated numerical indicator of the operational, privacy, and regulatory risk. This composite risk index (135) further reflects how the analysed data access request (370) aligns with mandated compliance thresholds and internal governance rules. The resulting composite risk index (135) serves as a technical basis for subsequent system (100) actions such as approval, conditional authorization, or triggering additional verification workflow.

[0064] In one embodiment, the risk computation engine (340) is configured to validate the composite risk index (135) by cross-referencing the analysed data access request (370) with a historical risk pattern and prior compliance outcomes, to optimize reliability of a risk assessment. The risk computation engine (340) is configured to validate the composite risk index (135) by cross-referencing the analysed data access request (370) against historical risk patterns and prior compliance outcomes, thereby enhancing the reliability of the risk assessment. This validation involves comparing current data access characteristics with previously observed trends to identify consistency or deviations in potential exposure and sensitivity. By leveraging historical compliance results, the system (100) can adjust the composite risk index to reflect proven risk behaviours, improving predictive accuracy. This approach ensures that the risk evaluation remains data-driven and contextually informed. Consequently, the validated composite risk index (135) supports more precise and trustworthy guidance for subsequent compliance and mitigation decisions.

[0065] Moreover, in operation, the risk profiling module (315) is configured to establish a structured risk profile (140) corresponding to the composite risk index (135), wherein the structured risk profile (140) comprises quantified score (380) adapted to indicate at least one of a sensitivity, exposure probability, and regulatory criticality across the analysed data access request. The risk profiling module (315) formulates the structured risk profile (140) by interpreting the composite risk index (135) derived from the evaluated data access request (370), thereby allowing the system (100) to transition from a raw risk measurement into an organized and quantifiable representation. It processes this composite risk index (135) to generate a quantified score (380) that numerically reflects dimensions such as the sensitivity of the requested data (210), the probability of exposure during the access operation, and the level of regulatory criticality triggered by the request. The structured risk profile (140) operates as a layered analytical construct, formed by aggregating these quantified dimensions into a uniform scoring schema that enables consistent assessment across diverse data access contexts. Within the system (100), this profile acts as a standardized risk blueprint that guides downstream decision-making, such as determining approval conditions, applying additional verification layers, or invoking automated compliance controls. Through this structured approach, the risk profiling module (315) ensures that each analysed data access request (370) is associated with a clear, technically derived, and system-readable risk representation.

[0066] In one embodiment of the proposed system (100), the structured risk profile (140) can be populated and interpreted as a privacy X-ray report adapted to provide a risk summary, wherein each of the plurality of attributes and the associated metadata parameters (355) is classified into a risk category including, but not limited to, a low, medium, high, or severe risk category, and the classified attributes are combined to provide the risk summary. Additionally, in one embodiment the composite risk index (135) can be referred to and utilized as a PXAR index, and the corresponding quantified score (380) as a PXAR score, within the system (100) and its scalable and adaptable features.

[0067] In one embodiment, the risk profiling module (315) is configured to prioritize a plurality of risk parameters within the structured and unstructured data risk profile by assigning a relative weighting to privacy attributes (365), metadata parameters (355), and operational intent, to highlight higher-risk elements for focused evaluation. The risk profiling module (315) refines the structured and unstructured data risk profile by progressively evaluating the received attributes and assigning relative weightings to each privacy attribute (365), metadata parameter (355), and operational intent, thereby enabling the system (100) to emphasize data elements that present an elevated exposure likelihood. A structured and unstructured data risk profile is an organized representation of the risks associated with the different types of data (210) processed within the system (100). Structured data risk profiles relate to information stored in predefined formats such as tables or records, for example customer IDs and transaction logs, while unstructured data risk profiles concern free-form information such as documents, emails, or audio files that may contain unpredictable or hidden sensitive elements. These profiles enable the system (100) to map sensitivity levels, exposure likelihood, and compliance relevance across diverse data forms. As the risk profiling module (315) applies these weighted assessments, the system (100) generates a prioritized representation in which highly sensitive identifiers, critical metadata such as timestamps or source identifiers, and intent indicators that imply broader use of the data (210) are surfaced for closer scrutiny. This weighted prioritization allows the system (100) to distinguish elements that could trigger regulatory obligations or operational safeguards from low-impact data points, ensuring that high-risk parameters receive targeted attention. Through this dynamic weighting logic, the risk profiling module (315) enhances the precision of downstream evaluation processes by directing compliance analysis and control application toward the areas with the greatest potential risk.

[0068] In one embodiment, the risk profiling module (315) is configured to integrate optional contextual metadata associated with the analysed data access request (370) into the structured risk profile (140), to support enhanced granularity in the semi-automated compliance evaluation. This integration allows the system (100) to capture additional operational or environmental context, such as user location, time of access, or system load, which can influence the evaluation of privacy and compliance impact. By embedding this contextual information, the structured risk profile (140) becomes more comprehensive, supporting refined scoring of sensitivity, exposure, and regulatory criticality, and allowing the system (100) to prioritize high-risk elements more accurately during the semi-automated compliance evaluation.

[0069] In one embodiment, the risk profiling module (315) is configured to assign confidence scores to the parameters of the structured risk profile (140) by analysing historical outcomes, thereby quantifying the reliability of each risk dimension. This mechanism evaluates past data access operations and their associated compliance results to determine the likelihood that a given risk assessment is accurate. By incorporating these confidence scores, the system (100) can differentiate between high-certainty and low-certainty risk indicators, allowing focused attention on areas with greater uncertainty. The approach enhances the precision of the structured risk profile (140), supporting informed decision-making in semi-automated compliance evaluations. Overall, this enables the system (100) to prioritize mitigation efforts effectively while maintaining an adaptive and data-driven risk assessment.
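The historical validation of paragraph [0064] and the confidence scoring of paragraph [0069] can be illustrated together. The following is an added example, not code from the disclosure: it derives a per-dimension confidence score from constructed historical outcomes (a Laplace-smoothed agreement rate is assumed as the measure) and uses it to mark which dimensions of a current composite risk index rest on unreliable history; the 0.7 threshold and the field names are assumptions.

```python
"""Constructed example: confidence scores for each risk dimension from historical
outcomes, used to validate a current composite risk index. The agreement-rate
measure and the 0.7 reliability threshold are assumptions for illustration."""
from dataclasses import dataclass
from typing import Dict, Iterable, List

DIMENSIONS = ("sensitivity", "exposure_probability", "regulatory_criticality")


@dataclass(frozen=True)
class HistoricalOutcome:
    dimension: str         # one of DIMENSIONS
    flagged_high: bool     # engine rated this dimension high-risk at assessment time
    confirmed_issue: bool  # a later compliance review confirmed a real exposure or finding


def confidence_scores(history: Iterable[HistoricalOutcome]) -> Dict[str, float]:
    """Laplace-smoothed agreement rate between past flags and confirmed outcomes.
    (agree + 1) / (total + 2): a dimension with no history scores 0.5, i.e. unknown."""
    agree = dict.fromkeys(DIMENSIONS, 0)
    total = dict.fromkeys(DIMENSIONS, 0)
    for h in history:
        if h.dimension not in total:
            continue                      # ignore records for unknown dimensions
        total[h.dimension] += 1
        agree[h.dimension] += int(h.flagged_high == h.confirmed_issue)
    return {d: round((agree[d] + 1) / (total[d] + 2), 3) for d in DIMENSIONS}


def validate_composite_index(index: float, scores: Dict[str, float],
                             confidence: Dict[str, float], threshold: float = 0.7) -> dict:
    """Keep the index, but name the dimensions that drive it (score >= 0.5) while their
    historical confidence is below the threshold: those are the ones needing human review."""
    uncertain = [d for d in DIMENSIONS
                 if scores.get(d, 0.0) >= 0.5 and confidence.get(d, 0.5) < threshold]
    return {"composite_risk_index": index, "confidence": confidence,
            "low_certainty_dimensions": uncertain, "reliable": not uncertain}


# Constructed history: sensitivity flags were mostly right, exposure flags mostly wrong,
# and no outcomes have yet been recorded for regulatory criticality.
HISTORY: List[HistoricalOutcome] = (
    [HistoricalOutcome("sensitivity", True, True)] * 7
    + [HistoricalOutcome("sensitivity", True, False)]
    + [HistoricalOutcome("exposure_probability", True, False)] * 3
    + [HistoricalOutcome("exposure_probability", False, False)]
)
# Constructed current quantified scores for one analysed request.
CURRENT_SCORES = {"sensitivity": 0.9, "exposure_probability": 0.7, "regulatory_criticality": 0.4}

if __name__ == "__main__":
    conf = confidence_scores(HISTORY)
    print(validate_composite_index(0.82, CURRENT_SCORES, conf))
```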

[0070] Moreover, in operation, the technical recommendation module (320) is configured to populate an assessment interface (145) corresponding to the analysed data access request (370) using the structured risk profile (140), wherein the assessment interface (145) comprises at least one assessment parameter, and to associate each assessment parameter with a quantified score (380), thereby embedding a privacy threat modelling-based risk scoring (385) within a data protection impact assessment (387) and enabling a guided and semi-automated compliance evaluation. The technical recommendation module (320) populates the assessment interface (145) mapped to the analysed data access request (370) by leveraging the structured risk profile (140), and the assessment interface (145) arranges multiple assessment parameters in a systematic evaluation layout. Each parameter is aligned with a quantified score (380) so that the assessment interface (145) reflects the sensitivity, likelihood of exposure, and regulatory relevance inferred from the earlier analysis. This structured scoring mechanism embeds a privacy threat modelling-based risk scoring (385), which represents a weighted evaluation generated from modelling privacy-centric attack vectors, such as unauthorized attribute inference or misuse of sensitive identifiers. Such scoring is integrated directly into a data protection impact assessment (387), enabling the assessment interface (145) to show how each risk factor affects compliance readiness. The assessment interface (145) thereby becomes a dynamic layer that translates technical risk insights into actionable compliance indicators.

[0071] Additionally, the data protection impact assessment (387) within this assessment interface (145) functions as a consolidated decision environment that highlights the regulatory implications of the analysed data access request (370), for example showing whether a high-risk data operation requires additional safeguards under privacy regulations. The embedded privacy threat modelling-based risk scoring (385) enhances this by offering numeric severity values that represent potential privacy harms, such as exposure of medical attributes or behavioural analytics, thus guiding an evaluator toward the most critical areas. These integrated evaluations help the system (100) present semi-automated recommendations, making the assessment interface (145) adaptive to evolving compliance rules. The cumulative effect is a streamlined mechanism that connects technical risk computation with policy-driven assessment. Through this combined scoring and assessment approach, the technical recommendation module (320) ensures a consistent, transparent, and technically justified compliance evaluation.

[0072] Additionally, the technical recommendation module (320) is configured to determine a compliance recommendation (150) by correlating the composite risk index (135) and the assessment interface (145) with a stored regulatory framework and an organizational policy dataset, thereby achieving conformance of the analysed data access request (370) with a plurality of mandatory regulatory and organizational data protection requirements. The technical recommendation module (320) operates by correlating the composite risk index (135) with the parameters displayed in the assessment interface (145), allowing the system (100) to map the evaluated risks against a stored regulatory framework and an organizational policy dataset. As this correlation occurs, the technical recommendation module (320) interprets how each quantified score (380) aligns with specific legal mandates, such as data minimization, consent validity, or cross-border transfer restrictions, and with the internal governance rules defined for the entity (120). The system (100) then synthesizes these mapped outcomes into a compliance recommendation (150), indicating whether the analysed data access request (370) meets, violates, or conditionally satisfies the required obligations. For example, if the composite risk index (135) reflects high sensitivity and the assessment interface (145) marks the justification as inadequate, the generated recommendation may direct enhanced encryption or deny the request. Through this structured correlation, the technical recommendation module (320) ensures that each data access operation conforms to a plurality of mandatory regulatory and organizational data protection requirements in an automated and technically traceable manner.

[0073] In one embodiment, the technical recommendation module (320) is configured to standardize the compliance recommendations (150) by aligning them with jurisdiction-specific data protection standards, such as the GDPR in Europe, the CCPA in California, or the DPDP in India, thereby maintaining multi-regional regulatory conformity. This involves mapping each recommendation to the relevant local laws and organizational policies so as to provide consistent guidance across different regulatory environments. For example, access restrictions or encryption requirements may be tailored to regional mandates while the underlying compliance logic remains uniform. By adapting recommendations to the various legal frameworks, the system (100) minimizes the risk of non-conformance in cross-border data access operations. Consequently, the analysed data access requests (370) are evaluated and mitigated in accordance with the applicable multi-regional data protection requirements while preserving operational efficiency.

[0074] Moreover, in operation, the safeguard derivation module (325) is configured to derive a plurality of safeguard parameters (155) based on the compliance recommendation (150), wherein the plurality of safeguard parameters (155) comprise at least one of an access control rule, an encryption configuration, an anonymization procedure, and a data isolation directive to mitigate the plurality of potential vulnerabilities (375). The safeguard derivation module (325) derives the safeguard parameters (155) by interpreting the compliance recommendation (150) and translating it into specific technical controls that directly mitigate the potential vulnerabilities (375) identified earlier. These safeguard parameters (155) include, but are not limited to, access control rules that restrict which entities (120) may interact with sensitive datasets, encryption configurations that secure data (210) during storage or transmission, anonymization procedures that remove or mask identifiable attributes, and data isolation directives that separate high-risk information from general operational datasets. Each safeguard parameter is selected and formulated based on the assessed sensitivity, exposure likelihood, and regulatory obligations associated with the analysed data access request (370), thereby ensuring that the applied protection aligns with the broader compliance logic of the system (100). In operation, these safeguards are applied as machine-interpretable rules that automatically enforce tailored protection measures, such as triggering encryption when confidential financial data is accessed or applying role-based access filters for health records. Through this structured derivation, the system (100) ensures that every identified vulnerability (375) is countered with a precise and context-matched protective action.

[0075] Moreover, in operation, the authorization and trace module (330) is configured to facilitate validation and authorization by a compliance authority (160) to verify the compliance recommendation (150) and the plurality of safeguard parameters (155), thereby enabling the compliance authority (160) to authorize, modify, or reject a proposed data access request (345) based on a contextual justification. The authorization and trace module (330) routes the compliance recommendation (150) and the safeguard parameters (155) to a designated compliance authority (160) through a controlled validation workflow, enabling a contextual review of whether the proposed data access request (345) aligns with the applicable regulatory and organizational obligations. The compliance authority (160) may be an automated governance engine or, in one embodiment, a Data Protection Officer (DPO) acting as a human-in-the-loop reviewer, who examines whether the suggested safeguard parameters (155), such as access-control rules, encryption settings, anonymization steps, or data-isolation directives, appropriately mitigate the identified vulnerabilities (375). This verification flow allows the system (100) to correlate the technical safeguards with the justification offered in the request, ensuring that sensitive processing is not approved without proportional controls. Once the contextual review is completed, the compliance authority (160) can authorize the request when adequate protections are in place, modify the recommended safeguards where additional controls are necessary, or reject the operation entirely if the justification is insufficient. Through this integrated decision layer, the system (100) achieves accountable and transparent approval of data access operations while preserving traceability for future audits or compliance assessments.

[0076] Additionally, the authorization and trace module (330) is configured to record a compliance trace (388) of a validated approval decision by writing final disposition metadata into a compliance registry linked to a plurality of risk indicators and the threat model, thereby maintaining an end-to-end traceability of a data access authorization. The authorization and trace module (330) records the outcome of an approved or modified data access request (345) by generating a compliance trace (388) that captures the final decision metadata in a structured manner, thereby enabling the system (100) to maintain a verifiable history of each authorization event. This compliance trace (388) represents a machine-readable log of what decision was taken, why it was taken, and under what contextual conditions it was validated, allowing each record to be linked with the corresponding risk indicators, threat model outputs, and safeguard parameters. The authorization and trace module (330) stores this information within a compliance registry, which serves as a persistent repository that organizes authorization outcomes, associated justification elements, and regulatory considerations. The compliance registry is utilized by the system (100) to ensure transparency, support auditability, and allow retrospective verification of whether a specific data access operation aligned with applicable privacy and security requirements. Through this mechanism, the system (100) enforces end-to-end traceability, enabling regulatory audits, organizational reporting, and continuous improvement of privacy-risk governance.

[0077] In one embodiment, the authorization and trace module (330) is configured to standardize the recorded compliance trace (388) by structuring the captured metadata, risk indices, compliance recommendations (150), safeguard parameters (155), and authorization outcomes according to a plurality of predefined templates (390), thereby enabling consistent auditing across multiple data access requests (345). This involves structuring all relevant information in a uniform format to ensure traceability and comparability of authorization decisions. By using the predefined templates (390), the system (100) facilitates efficient review and verification of compliance actions for regulatory or internal audits, and each data access operation is documented with consistent detail, reducing ambiguity and supporting accountability. As a result, the system (100) maintains end-to-end visibility and audit readiness across diverse data access scenarios. In one embodiment, the authorization and trace module (330) is further configured to incorporate the feedback of the compliance authority (160) into a reference dataset, enabling continuous refinement of subsequent automated evaluations. The module captures decisions such as approvals, modifications, or rejections and links them to the contextual metadata and risk indicators of the request. By integrating this feedback, the system (100) learns from human oversight to improve the accuracy and reliability of future automated compliance assessments. This iterative approach enhances decision-making precision, reduces errors, and ensures that automated evaluations remain aligned with regulatory and organizational standards over time.

[0078] In one embodiment, the system (100) generates a resultant output as the data access request decision (170), derived from the recommendations of the compliance authority (160). The decision includes, but is not limited to, an approval or a rejection of the data access request (345), thereby ensuring strict adherence to the applicable privacy norms and establishing an optimal data privacy mechanism.

[0079] In a non-limiting example, consider a multinational healthcare organization managing sensitive patient data across multiple hospitals and research centres. A clinical researcher requests access to a combination of structured data (350), such as patient demographics and lab test results, and unstructured data (350), such as physician notes and imaging reports, via a secure authenticated portal. The system (100) receives this request and performs a contextual analysis, establishing baseline compliance parameters (360) for permissible access. Using adaptive classification logic and correlation metrics on stored data lineage, the system (100) distinguishes sensitive medical information, like HIV status or genetic markers, from non-sensitive operational data, such as appointment schedules. Threat modelling (130) evaluates privacy attributes (365), metadata parameters (355), operational intent, and regulatory requirements such as HIPAA, GDPR, or DPDP to identify potential vulnerabilities (375), including unauthorized cross-hospital data exposure. The system (100) generates a composite risk index (135), forming a structured risk profile (140) with quantified scores (380) for sensitivity, exposure probability, and regulatory criticality. An assessment interface (145) embeds a privacy threat modelling-based risk scoring (385) within a data protection impact assessment (387). Compliance recommendations (150) are derived, suggesting safeguards such as role-based access controls, encryption of sensitive fields, anonymization of identifiers, and data isolation protocols. A compliance authority (160) reviews and validates these safeguards, modifying or authorizing access as appropriate. Finally, a compliance trace (388) is recorded in a centralized registry, linking all risk indicators, threat models, and authorization decisions, ensuring end-to-end traceability, audit readiness, and real-time adaptability to subsequent access requests. The proposed system (100) thereby balances data accessibility for research with strict privacy and regulatory compliance.
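The healthcare scenario above can be walked through end to end: weighted attribute prioritization (paragraph [0067]), the low/medium/high/severe categories of the privacy X-ray report (paragraph [0066]), safeguard derivation (paragraph [0074]) and a templated compliance trace (paragraphs [0076] and [0077]). The following is an added example and not the disclosure's own code; every sensitivity value, weight, threshold, category bound and safeguard mapping is an assumption chosen for illustration, and the request data is constructed.

```python
"""Constructed walk-through of the healthcare scenario: weighted attribute scoring,
composite risk index, PXAR-style risk categories, derived safeguard parameters and a
templated compliance trace. All numeric values and mappings are assumptions."""
from dataclasses import dataclass
from typing import Dict, List

# Assumed base sensitivity per privacy attribute: 0.0 (operational) .. 1.0 (special category).
SENSITIVITY = {"patient_demographics": 0.5, "lab_results": 0.7, "hiv_status": 1.0,
               "genetic_markers": 1.0, "physician_notes": 0.8, "imaging_reports": 0.7,
               "appointment_schedule": 0.1}
SPECIAL_CATEGORY = {"hiv_status", "genetic_markers"}          # assumed regulatory trigger set
WEIGHTS = {"privacy": 0.5, "metadata": 0.2, "intent": 0.3}   # assumed relative weightings
METADATA_EXPOSURE = {"cross_hospital": 0.9, "timestamp": 0.3, "source_identifier": 0.4}
INTENT_EXPOSURE = {"treatment": 0.2, "internal_audit": 0.3, "research": 0.6, "external_sharing": 0.9}
CATEGORY_UPPER_BOUNDS = [(0.25, "low"), (0.5, "medium"), (0.75, "high")]  # otherwise "severe"
TRACE_TEMPLATE = ("request_id", "requester", "composite_risk_index", "risk_category",
                  "recommendation", "safeguards", "authority_decision", "justification")


@dataclass
class DataAccessRequest:
    requester: str
    attributes: Dict[str, str]      # attribute -> "structured" | "unstructured"
    metadata: List[str]
    intent: str
    justification: str


def categorize(score: float) -> str:
    for upper, name in CATEGORY_UPPER_BOUNDS:
        if score < upper:
            return name
    return "severe"


def exposure_inputs(req):
    """Metadata exposure follows the widest-reaching parameter; intent follows declared use."""
    meta = max((METADATA_EXPOSURE.get(m, 0.0) for m in req.metadata), default=0.0)
    return meta, INTENT_EXPOSURE.get(req.intent, 0.5)   # unknown intent treated as medium


def attribute_scores(req):
    """Weighted per-attribute score; unknown attributes default to medium sensitivity."""
    meta, intent = exposure_inputs(req)
    return {a: round(WEIGHTS["privacy"] * SENSITIVITY.get(a, 0.5)
                     + WEIGHTS["metadata"] * meta + WEIGHTS["intent"] * intent, 3)
            for a in req.attributes}


def structured_risk_profile(req):
    """Composite index blends the worst attribute (0.7) with the mean (0.3), so one exposed
    special-category field dominates while the breadth of the request still counts."""
    scores = attribute_scores(req)
    worst, mean = max(scores.values()), sum(scores.values()) / len(scores)
    index = round(0.7 * worst + 0.3 * mean, 3)
    meta, intent = exposure_inputs(req)
    max_sens = max(SENSITIVITY.get(a, 0.5) for a in req.attributes)
    return {
        "composite_risk_index": index,
        "risk_category": categorize(index),
        "quantified_score": {
            "sensitivity": max_sens,
            "exposure_probability": round(0.5 * meta + 0.5 * intent, 3),
            "regulatory_criticality": 1.0 if SPECIAL_CATEGORY & set(req.attributes) else max_sens,
        },
        "attribute_categories": {a: categorize(s) for a, s in scores.items()},
        "prioritised": sorted(scores, key=scores.get, reverse=True),  # highest risk first
    }


def compliance_recommendation(profile, req):
    cat = profile["risk_category"]
    if cat == "severe" and not req.justification.strip():
        return "deny"                      # high sensitivity with no justification offered
    return "conditional" if cat in ("high", "severe") else "approve"


def derive_safeguards(profile):
    """Safeguard parameters escalate with the risk category (assumed mapping)."""
    cat = profile["risk_category"]
    safeguards = ["role_based_access_control"]
    if cat in ("medium", "high", "severe"):
        safeguards.append("encrypt_sensitive_fields")
    if cat in ("high", "severe"):
        safeguards.append("anonymize_identifiers")
    if cat == "severe":
        safeguards.append("isolate_dataset")
    return safeguards


def record_compliance_trace(registry, request_id, req, profile, recommendation, safeguards, decision):
    """Templated registry entry: every trace carries the same fields, enabling uniform audits."""
    entry = dict.fromkeys(TRACE_TEMPLATE)
    entry.update(request_id=request_id, requester=req.requester, justification=req.justification,
                 composite_risk_index=profile["composite_risk_index"], risk_category=profile["risk_category"],
                 recommendation=recommendation, safeguards=list(safeguards), authority_decision=decision)
    registry.append(entry)
    return entry


# Constructed request from the scenario: mixed structured and unstructured clinical data.
RESEARCH_REQUEST = DataAccessRequest(
    requester="clinical_researcher_01", intent="research", metadata=["cross_hospital", "timestamp"],
    attributes={"patient_demographics": "structured", "lab_results": "structured", "hiv_status": "structured",
                "genetic_markers": "structured", "physician_notes": "unstructured",
                "imaging_reports": "unstructured", "appointment_schedule": "structured"},
    justification="IRB-approved cohort study (protocol reference: PLACEHOLDER)")
```

Running `structured_risk_profile(RESEARCH_REQUEST)` classifies the request as severe, driven by the HIV status and genetic marker attributes, so the recommendation is conditional and all four safeguard classes are derived before the compliance authority's decision is written to the registry.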

[0080] FIG. 4 (a) is a flow chart representing the steps involved in a method for data protection assessment using threat modelling and adaptive optimization in accordance with an embodiment of the present disclosure. FIG. 4 (b) illustrates the continued steps of the method of FIG. 4 (a) in accordance with an embodiment of the present disclosure. The method (400) includes receiving, from one or more entities, a data access request via an authenticated digital interface comprising a plurality of structured and unstructured data categories, metadata parameters, operational intent, and justification criteria, thereby initiating a contextual analysis of an associated data access operation to establish a plurality of baseline compliance parameters in the step (405).

[0081] Additionally, the method (400) includes analysing, by applying an adaptive classification logic and a plurality of correlation metrics across stored data lineage information, the data access request for each received data category and its corresponding metadata parameters, thereby distinguishing privacy-critical information from non-sensitive operational data in the step (410).

[0082] Furthermore, the method (400) includes simulating, by evaluating a correlation among a plurality of constraints, a threat modelling on the data access request, wherein the constraints comprise at least one of a privacy attribute, metadata parameters, operational parameters, and applicable regulatory and policy requirements in the step (415).

[0083] Moreover, the method (400) includes generating, by identifying a plurality of potential vulnerabilities and exposure points associated with a data access operation, an analysed data access request in the step (420).

[0084] Moreover, the method (400) includes deriving, based on the results of the threat modelling, a composite risk index corresponding to the analysed data access request, thereby determining an inherent exposure, sensitivity, and compliance impact of the analysed data access request in the step (425).

[0085] Moreover, the method (400) includes establishing a structured risk profile corresponding to the composite risk index, wherein the structured risk profile comprises a quantified score adapted to indicate at least one of a sensitivity, exposure probability, and regulatory criticality across the analysed data access request in the step (430).

[0086] Moreover, the method (400) includes populating, by utilizing the structured risk profile, an assessment interface corresponding to the analysed data access request, wherein the assessment interface comprises at least one assessment parameter, and associating each assessment parameter with a quantified score, thereby embedding a privacy threat modelling-based risk scoring within a data protection impact assessment and enabling a guided and semi-automated compliance evaluation in the step (435). Moreover, the method (400) includes determining, by correlating the composite risk index and the assessment interface with a stored regulatory framework and an organizational policy dataset, a compliance recommendation, thereby achieving conformance of the analysed data access request with a plurality of mandatory regulatory and organizational data protection requirements in the step (440).

[0087] Moreover, the method (400) includes deriving, in response to the compliance recommendation, a plurality of safeguard parameters, wherein the plurality of safeguard parameters comprise at least one of an access control rule, encryption configuration, anonymization procedure, and a data isolation directive to mitigate the plurality of potential vulnerabilities in the step (445).

[0088] Moreover, the method (400) includes facilitating, by a compliance authority, a validation and authorization to verify the compliance recommendation and the plurality of safeguard parameters, thereby authorizing, modifying, or rejecting a proposed data access request based on a contextual justification in the step (450).

[0089] Moreover, the method (400) includes recording, by writing final disposition metadata into a compliance registry, a compliance trace of a validated approval decision, wherein the compliance registry is linked to a plurality of risk indicators and the threat model, thereby maintaining an end-to-end traceability of a data access authorization in the step (455).

[0090] The various embodiments of the system and the method for data protection assessment using threat modelling and adaptive optimization described above enable several advantages. The disclosed system (100) provides significant advantages for organizations handling sensitive data across multiple domains, such as healthcare, finance, or research. When a data access request (345) is submitted through an authenticated interface (125), the system (100) immediately initiates a contextual analysis, establishing baseline compliance parameters (360) and distinguishing sensitive information from routine operational data using adaptive classification logic and correlation metrics across stored data lineage. Threat modelling (130) evaluates privacy attributes (365), metadata parameters (355), operational intent, and regulatory requirements to identify potential vulnerabilities (375) and exposure points, allowing early detection of potential compliance risks. The composite risk index (135) and structured risk profile (140) quantify sensitivity, exposure probability, and regulatory criticality, enabling a semi-automated, guided compliance evaluation. Compliance recommendations (150) are dynamically aligned with regulatory and organizational policies, while safeguard parameters (155) such as access controls, encryption, anonymization, and data isolation mitigate the identified risks. The compliance authority (160), including human-in-the-loop intervention, validates or modifies the recommendations, ensuring contextual judgment, and a compliance trace (388) is recorded for end-to-end auditability. This approach optimizes data security, reduces manual oversight, ensures regulatory adherence, and provides real-time, adaptive protection for sensitive data operations, improving efficiency and organizational confidence in managing complex data environments.

[0091] The techniques described in this disclosure may be implemented, at least in part, in hardware, software, firmware, or any combination thereof. For example, various aspects of the described techniques may be implemented within one or more processors, including one or more microprocessors, digital signal processors (DSPs), application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), or any other equivalent integrated or discrete logic circuitry, as well as any combinations of such components. The term “processor” or “processing subsystem” may generally refer to any of the foregoing logic circuitry, alone or in combination with other logic circuitry, or any other equivalent circuitry. A control unit including hardware may also perform one or more of the techniques of this disclosure.

[0092] Such hardware, software, and firmware may be implemented within the same device or within separate devices to support the various techniques described in this disclosure. In addition, any of the described units, modules, or components may be implemented together or separately as discrete but interoperable logic devices. Depiction of different features as modules or units is intended to highlight different functional aspects and does not necessarily imply that such modules or units must be realized by separate hardware, firmware, or software components. Rather, functionality associated with one or more modules or units may be performed by separate hardware, firmware, or software components, or integrated within common or separate hardware, firmware, or software components.

[0093] It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the disclosure and are not intended to be restrictive thereof.

[0094] While specific language has been used to describe the disclosure, any limitations arising on account of the same are not intended. As would be apparent to a person skilled in the art, various working modifications may be made to the method in order to implement the inventive concept as taught herein.

[0095] The figures and the foregoing description give examples of embodiments. Those skilled in the art will appreciate that one or more of the described elements may well be combined into a single functional element. Alternatively, certain elements may be split into multiple functional elements. Elements from one embodiment may be added to another embodiment. For example, the order of the processes described herein may be changed and is not limited to the manner described herein. Moreover, the actions of any flow diagram need not be implemented in the order shown; nor do all of the acts necessarily need to be performed. Also, those acts that are not dependent on other acts may be performed in parallel with the other acts. The scope of embodiments is by no means limited by these specific examples.

Claims

WE CLAIM:

1. A system for data protection assessment using threat modelling and adaptive optimization comprising: a processor; a memory coupled to the processor, wherein the memory comprises instructions that when executed by the processor cause the processor to: receive a data access request from one or more entity via an authenticated digital interface comprising a plurality of structured and unstructured data categories, metadata parameters, operational intent, and justification criteria, thereby initiating a contextual analysis of an associated data access operation to establish a plurality of baseline compliance parameters; analyse the data access request for each of a received data category and a corresponding metadata parameters by applying an adaptive classification logic and a plurality of correlation metrics across a stored data lineage information, thereby distinguishing a privacy-critical information from a non-sensitive operational data; simulate a threat modelling on the data access request by evaluating a correlation among a plurality of privacy attributes, metadata parameters, operational parameters, and applicable regulatory and policy requirements; generate an analysed data access request and identify a plurality of potential vulnerabilities and exposure points associated with a data access operation; derive a composite risk index corresponding to the analysed data access request based on the results of the threat modelling, thereby determining an inherent exposure, sensitivity, and compliance impact of the analysed data access request; establish a structured risk profile corresponding to the composite risk index, wherein the structured risk profile comprises quantified score adapted to indicate at least one of a sensitivity, exposure probability, and regulatory criticality across the analysed data access request; populate an assessment interface corresponding to the analysed data access request using the structured risk profile, wherein the assessment interface comprises at least one assessment parameter, and associate each assessment parameter with a quantified score, thereby embedding a privacy threat modelling-based risk scoring within a data protection impact assessment and enable a guided and a semi-automated compliance evaluation; determine a compliance recommendation by correlating the composite risk index and the assessment interface with a stored regulatory framework and an organizational policy dataset, thereby achieving conformance of the analysed data access request with a plurality of mandatory regulatory and organizational data protection requirements; derive a plurality of safeguard parameters based on the compliance recommendation, wherein the plurality of safeguard parameters comprise at least one of an access control rule, encryption configuration, anonymization procedure, and a data isolation directive to mitigate the plurality of potential vulnerabilities; facilitate a validation and authorization by a compliance authority to verify the compliance recommendation and the plurality of safeguard parameters, thereby perform at least one of an authorize, a modify, and reject a proposed data access request based on a contextual justification; and record a compliance trace of a validated approval decision by writing final disposition metadata into a compliance registry linked to a plurality of risk indicators and the threat model, thereby maintaining an end-to-end traceability of a data access authorization.

2. The system as claimed in claim 1, further comprising a structured dataset adapted to update dynamically upon alteration of any received attribute to maintain synchronized analytical accuracy.

3. The system as claimed in claim 1, wherein the instructions further cause the processor to prioritize a plurality of risk parameters within the structured and unstructured data risk profile by assigning a relative weighting to privacy attributes, metadata parameters, and operational intent, to highlight higher-risk elements for focused evaluation.

4. The system as claimed in claim 1, wherein the instructions further cause the processor to validate the composite risk index by cross-referencing the analysed data access request with a historical risk pattern and prior compliance outcomes, to optimize reliability of a risk assessment.

5. The system as claimed in claim 1, wherein the instructions further cause the processor to integrate optional contextual metadata associated with the analysed data access request into the structured risk profile, to support enhanced granularity in the semi-automated compliance evaluation.

6. The system as claimed in claim 1, wherein the instructions further cause the processor to assign confidence scores to the structured risk profile parameters based on historical outcomes, to provide an indication of reliability for each risk dimension.

7. The system as claimed in claim 1, wherein the instructions further cause the processor to standardize the recorded compliance trace by structuring captured metadata, risk indices, compliance recommendations, safeguard parameters, and authorization outcomes based on a plurality of predefined templates, to enable consistent auditing across multiple data access requests.

8. The system as claimed in claim 1, wherein the instructions further cause the processor to standardize the compliance recommendations to correspond to jurisdiction-specific data protection standards, thereby maintaining multi-regional conformity.

9. The system as claimed in claim 1, wherein the instructions further cause the processor to incorporate verification of compliance authority feedback into a reference dataset to continuously refine subsequent automated evaluations.

10. A method for data protection assessment using threat modelling and adaptive optimization comprising: receiving, by one or more entities, a data access request via an authenticated digital interface comprising a plurality of structured and unstructured data categories, metadata parameters, operational intent, and justification criteria, thereby initiating a contextual analysis of an associated data access operation to establish a plurality of baseline compliance parameters; analysing, by applying an adaptive classification logic and a plurality of correlation metrics across stored data lineage information, the data access request for each received data category and the corresponding metadata parameters, thereby distinguishing privacy-critical information from non-sensitive operational data; simulating, by evaluating a correlation among a plurality of constraints, a threat modelling on the data access request, wherein the constraints comprise at least one of a privacy attribute, metadata parameters, operational parameters, and applicable regulatory and policy requirements; generating, by identifying a plurality of potential vulnerabilities and exposure points associated with the data access operation, an analysed data access request; deriving, based on the results of the threat modelling, a composite risk index corresponding to the analysed data access request, thereby determining an inherent exposure, sensitivity, and compliance impact of the analysed data access request; establishing a structured risk profile corresponding to the composite risk index, wherein the structured risk profile comprises a quantified score adapted to indicate at least one of a sensitivity, exposure probability, and regulatory criticality across the analysed data access request; populating, by utilizing the structured risk profile, an assessment interface corresponding to the analysed data access request, wherein the assessment interface comprises at least one assessment parameter, and associating each assessment parameter with a quantified score, thereby embedding a privacy threat modelling-based risk scoring within a data protection impact assessment and enabling a guided and semi-automated compliance evaluation; determining, by correlating the composite risk index and the assessment interface with a stored regulatory framework and an organizational policy dataset, a compliance recommendation, thereby achieving conformance of the analysed data access request with a plurality of mandatory regulatory and organizational data protection requirements; deriving, in response to the compliance recommendation, a plurality of safeguard parameters, wherein the plurality of safeguard parameters comprise at least one of an access control rule, an encryption configuration, an anonymization procedure, and a data isolation directive to mitigate the plurality of potential vulnerabilities; facilitating, by a compliance authority, a validation and authorization to verify the compliance recommendation and the plurality of safeguard parameters, thereby performing at least one of authorizing, modifying, and rejecting the proposed data access request based on a contextual justification; and recording, by writing final disposition metadata into a compliance registry, a compliance trace of a validated approval decision, wherein the compliance registry is linked to a plurality of risk indicators and the threat model, thereby maintaining an end-to-end traceability of a data access authorization.
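The following Python sketch is an added illustration of the sequence of steps recited in the system and method claims above (classification against stored lineage, threat modelling of the request, composite risk index and structured risk profile, compliance recommendation and safeguard parameters, compliance-authority disposition, and a compliance trace written to a registry). It is not code from the patent or from the applicant: the lineage table, regulatory-rule identifiers, scoring weights, thresholds and the safeguard mapping are constructed assumptions chosen to make the pipeline runnable, and the hash-chained registry is one way to realise the claimed "end-to-end traceability", not the one the patent specifies.

```python
"""Illustrative data-protection assessment pipeline (added example, not the patent's code).

Every table and threshold below is a constructed assumption, chosen only so the
claimed steps can be exercised end to end on a sample request.
"""
from __future__ import annotations

import hashlib
import json
from dataclasses import dataclass

# Constructed data lineage: category -> (privacy-critical?, sensitivity weight 0..1)
DATA_LINEAGE = {
    "national_id": (True, 0.95),
    "health_record": (True, 0.90),
    "customer_email": (True, 0.60),
    "server_uptime": (False, 0.05),
}
# Constructed regulatory framework: category -> governing rule identifiers (placeholders)
REGULATORY_FRAMEWORK = {
    "national_id": ["IDENTITY-DATA-RULE"],
    "health_record": ["HEALTH-DATA-RULE"],
    "customer_email": ["CONTACT-DATA-RULE"],
}
WEIGHTS = {"sensitivity": 0.40, "exposure": 0.35, "regulatory": 0.25}  # assumed weights
LINKABLE = {"national_id", "customer_email"}  # assumed quasi-identifiers that re-identify when combined
# Constructed mapping from an exposure point to the safeguard parameter that mitigates it
SAFEGUARDS = {
    "plaintext_handling": ("encryption_configuration", "AES-256-GCM at rest, TLS 1.3 in transit"),
    "external_transfer": ("data_isolation_directive", "transfer only via isolated export enclave"),
    "bulk_extraction": ("access_control_rule", "row-level filter; max 1000 records per query"),
    "re_identification_linkage": ("anonymization_procedure", "keyed-hash pseudonymization of national_id"),
}


@dataclass
class DataAccessRequest:
    requester: str
    categories: list[str]
    metadata: dict  # e.g. {"encrypted": False, "destination": "external", "access_scope": "bulk"}
    intent: str
    justification: str


def classify(req: DataAccessRequest) -> tuple[list[str], list[str]]:
    """Adaptive classification: split categories via lineage; unknown categories fail closed as critical."""
    critical, nonsensitive = [], []
    for cat in req.categories:
        is_critical, _ = DATA_LINEAGE.get(cat, (True, 0.8))
        (critical if is_critical else nonsensitive).append(cat)
    return critical, nonsensitive


def threat_model(req: DataAccessRequest, critical: list[str]) -> list[str]:
    """Correlate privacy attributes, metadata and intent into concrete exposure points."""
    exposures = []
    if critical and not req.metadata.get("encrypted", False):
        exposures.append("plaintext_handling")
    if req.metadata.get("destination") == "external":
        exposures.append("external_transfer")
    if req.metadata.get("access_scope") == "bulk":
        exposures.append("bulk_extraction")
    if len(LINKABLE & set(critical)) >= 2:
        exposures.append("re_identification_linkage")
    return exposures


def risk_profile(critical: list[str], exposures: list[str]) -> dict:
    """Structured risk profile: quantified scores plus the weighted composite risk index."""
    sensitivity = max((DATA_LINEAGE.get(c, (True, 0.8))[1] for c in critical), default=0.0)
    exposure = min(1.0, 0.25 * len(exposures))  # assumed: each exposure point adds 0.25
    rules = sorted({r for c in critical for r in REGULATORY_FRAMEWORK.get(c, [])})
    regulatory = min(1.0, 0.5 * len(rules))  # assumed: each applicable rule adds 0.5
    scores = {"sensitivity": sensitivity, "exposure": exposure, "regulatory": regulatory}
    composite = round(sum(WEIGHTS[k] * v for k, v in scores.items()), 3)
    return {"scores": scores, "composite_risk_index": composite, "applicable_rules": rules}


def recommend(profile: dict, exposures: list[str]) -> tuple[str, dict]:
    """Map the composite index to a recommendation and derive one safeguard per exposure point."""
    cri = profile["composite_risk_index"]
    rec = "approve" if cri < 0.3 else "approve_with_safeguards" if cri < 0.7 else "deny_unless_safeguards_applied"
    safeguards = {SAFEGUARDS[e][0]: SAFEGUARDS[e][1] for e in exposures if e in SAFEGUARDS}
    return rec, safeguards


def record_trace(registry: list, req, profile, exposures, rec, safeguards, decision, authority) -> dict:
    """Write the compliance authority's disposition as a hash-chained compliance registry entry."""
    if decision not in {"authorize", "modify", "reject"}:
        raise ValueError("disposition must be authorize, modify or reject")
    entry = {
        "requester": req.requester, "categories": req.categories, "intent": req.intent,
        "threat_model": exposures, "risk_profile": profile, "recommendation": rec,
        "safeguards": safeguards, "decision": decision, "authority": authority,
        "prev_hash": registry[-1]["entry_hash"] if registry else "0" * 64,
    }
    entry["entry_hash"] = hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()
    registry.append(entry)
    return entry


def verify_registry(registry: list) -> bool:
    """Traceability check: each entry hashes correctly and links to its predecessor."""
    prev = "0" * 64
    for e in registry:
        body = {k: v for k, v in e.items() if k != "entry_hash"}
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if body["prev_hash"] != prev or digest != e["entry_hash"]:
            return False
        prev = e["entry_hash"]
    return True


def assess(req: DataAccessRequest, registry: list, decision: str, authority: str) -> dict:
    """Run classification, threat model, risk profile, recommendation and trace for one request."""
    critical, _ = classify(req)
    exposures = threat_model(req, critical)
    profile = risk_profile(critical, exposures)
    rec, safeguards = recommend(profile, exposures)
    return record_trace(registry, req, profile, exposures, rec, safeguards, decision, authority)
```

A bulk, unencrypted, externally destined request for `national_id` together with `customer_email` triggers all four constructed exposure points and lands in the top recommendation band, so the authority's `modify` disposition is recorded alongside the safeguard set; a request for only `server_uptime` scores zero and is recommended for approval. Because each registry entry commits to the previous entry's hash, altering a recorded decision after the fact makes `verify_registry` return `False`, which is the property an auditor would check when relying on the trace.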