Systems and methods for identifying data processing activities based on data discovery results

US11921865B2 · US · B2

Patent metadata
Publication number: US-11921865-B2
Application number: US-202318183435-A
Country: US
Kind code: B2
Filing date: Mar 14, 2023
Priority date: Nov 6, 2020
Publication date: Mar 5, 2024
Grant date: Mar 5, 2024

Abstract

Official abstract text for this publication.

Aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for identifying data processing activities associated with various data assets based on data discovery results. In accordance with various aspects, a method is provided comprising: identifying and scanning data assets to detect a subset of the data assets, wherein each asset of the subset is associated with a particular data element used for target data; generating a prediction for each pair of data assets of the subset on the target data flowing between the pair; identifying a data flow for the target data based on the prediction generated for each pair; and identifying a data processing activity associated with handling the target data based on a correlation identified for the particular data element, the subset, and/or the data flow with a known data element, subset, and/or data flow for the data processing activity.

First claim

Opening claim text (preview).

What is claimed:

1. A method comprising: executing, by computing hardware, a processing activity to inject test data into a computing system, wherein: the test data represents target data; the computing system comprises a plurality of data assets; and executing the processing activity to inject the test data into the computing system causes a propagation of the test data through the plurality of data assets for the computing system; scanning, by the computing hardware, the plurality of data assets to identify a subset of data assets found in the plurality of data assets, wherein the test data is found in each data asset in the subset of data assets; identifying, by the computing hardware, a plurality of data elements associated with the subset of data assets that are used for the target data based on the plurality of data elements containing the target data; identifying, by the computing hardware and based on the propagation of the test data through the plurality of data assets for the computing system, a data flow for the target data between the subset of data assets; generating, by the computing hardware, at least one association between at least one of the processing activity, the subset of data assets, the plurality of data elements, or the data flow for the target data; and causing, by the computing hardware and based on the at least one association, performance of an action involving the target data.

2. The method of claim 1 further comprising identifying the plurality of data assets associated with the computing system via software installed within the computing system that scans the computing system to identify the plurality of data assets.

3. The method of claim 1 further comprising identifying, by the computing hardware and based on at least one of the subset of data assets, the plurality of data elements, or the data flow, a second processing activity that involves handing the target data.

4. The method of claim 3, wherein identifying the second processing activity is performed using a data repository comprising information on at least one of known data elements, known data assets, or known processing activities.

5. The method of claim 1, wherein scanning the plurality of data assets involves installing software within the computing system that scans each data asset of the plurality of data assets to identify the subset of data assets.

6. The method of claim 1, wherein the action comprises: receiving a request from an individual to at least one of view, receive, access, revise, or delete the target data for the individual from the computing system; identifying, based on the at least one association, the target data found in the computing system for the individual; and processing the request to at least one of provide, revise, or delete the target data found in the computing system for the individual.

7. The method of claim 1, wherein the action comprises: identifying a risk associated with at least one of the processing activity, the subset of data assets, the plurality of data elements, or the data flow; and responsive to identifying the risk, performing at least one of communicating the risk to an individual, initiating a process to suspend the processing activity, or initiating a process to encrypt the target data.

8. A system comprising: a non-transitory computer-readable medium storing instructions; and a processing device communicatively coupled to the non-transitory computer-readable medium, wherein, the processing device is configured to execute the instructions and thereby perform operations comprising: injecting test data into a computing system, wherein: the test data represents target data; the computing system comprises a plurality of data assets; and injecting the test data into the computing system causes a propagation of the test data through the plurality of data assets for the computing system; scanning the plurality of data assets to identify a subset of data assets found in the plurality of data assets, wherein the test data is found in each data asset in the subset of data assets; identifying a plurality of data elements associated with the subset of data assets that are used for the target data based on the plurality of data elements containing the target data; identifying, based on the propagation of the test data through the plurality of data assets for the computing system, a data flow for the target data between the subset of data assets; generating at least one association between at least one of the subset of data assets, the plurality of data elements, or the data flow for the target data; and causing, based on the at least one association, performance of an action involving the target data.

9. The system of claim 8, wherein the operations further comprise identifying the plurality of data assets associated with the computing system from information gathered by software installed within the computing system that scans the computing system.

10. The system of claim 8, wherein the operations further comprising identifying, based on at least one of the subset of data assets, the plurality of data elements, or the data flow, a processing activity that involves handing the target data.

11. The system of claim 10, wherein identifying the processing activity is performed using a data repository comprising information on at least one of known data elements, known data assets, or known processing activities.

12. The system of claim 8, wherein scanning the plurality of data assets involves installing software within the computing system that scans each data asset of the plurality of data assets to identify the subset of data assets.

13. The system of claim 8, wherein the action comprises: receiving a request from an individual to at least one of view, receive, access, revise, or delete the target data for the individual from the computing system; identifying, based on the at least one association, the target data found in the computing system for the individual; and processing the request to at least one of provide, revise, or delete the target data found in the computing system for the individual.

14. The system of claim 8, wherein injecting the test data into the computing system comprises at least one of executing a processing activity to inject the test data into the computing system or entering the test data into an input computing system connected to the computing system to inject the test data into the computing system.

15. A non-transitory computer-readable medium storing computer-executable instructions that, when executed by computing hardware, configure the computing hardware to perform operations comprising: injecting test data into a computing system, wherein: the test data represents target data; the computing system comprises a plurality of data assets; and injecting the test data into the computing system causes a propagation of the test data through the plurality of data assets for the computing system; scanning the plurality of data assets to identify a subset of data assets found in the plurality of data assets, wherein the test data is found in each data asset in the subset of data assets; identifying, based on the propagation of the test data through the plurality of data assets for the computing system, a data flow for the target data between the subset of data assets; identifying, based on at least one of the subset of data assets or the data flow, a processing activity associated with the subset of data assets that is used for handling the target data; generating at least one association between at least

Classifications

  • G06F21/577 (Primary)

    Assessing vulnerabilities and evaluating computer system security · CPC title

  • Providing cryptographic facilities or services · CPC title

  • Protecting personal data, e.g. for financial or medical purposes · CPC title

  • Machine learning · CPC title

  • involving plural approaches, e.g. verification by template match; Resolving confusion among similar patterns, e.g. "O" versus "Q" (G06V30/242 takes precedence) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Onetrust Llc
What technology area does this patent fall under?
Primary CPC classification G06F21/577. Mapped technology areas include Physics.
When was this patent published?
Publication date Mar 5, 2024 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).