US 11,755,761 B2
Determining a combined compliance assessment metric
Tiffany Joy Chin, San Mateo, CA (US); Chad Richard Holdorf, San Rafael, CA (US); Anubha Dubey, Sunnyvale, CA (US); and Matthew Wilbert Parin, New Richmond, WI (US)
Assigned to Salesforce, Inc., San Francisco, CA (US)
Filed by Salesforce, Inc., San Francisco, CA (US)
Filed on Jan. 29, 2021, as Appl. No. 17/163,307.
Claims priority of provisional application 63/120,721, filed on Dec. 2, 2020.
Claims priority of provisional application 63/120,201, filed on Dec. 1, 2020.
Prior Publication US 2022/0172222 A1, Jun. 2, 2022
Int. Cl. G06F 21/62 (2013.01); G06F 16/21 (2019.01); G06F 3/04842 (2022.01); G06Q 30/08 (2012.01); H04L 67/10 (2022.01); G06Q 30/018 (2023.01); G06Q 10/0639 (2023.01); G06F 3/0482 (2013.01)
CPC G06F 21/6218 (2013.01) [G06F 16/214 (2019.01); G06F 21/6245 (2013.01); G06Q 10/06393 (2013.01); G06Q 30/018 (2013.01); H04L 67/10 (2013.01); G06F 3/0482 (2013.01)] 22 Claims
OG exemplary drawing
 
1. An article of manufacture comprising:
a non-transitory machine-readable storage medium that provides instructions that, if executed by a set of one or more processors, are configurable to cause the set of processors to perform operations comprising,
combining compliance assessment metrics in a subset of two or more compliance assessment metrics to form a combined compliance assessment metric, wherein each compliance assessment metric in the subset reflects a level of compliance of a set of rules with a different type of data privacy and/or data security laws, regulations, and/or policy, wherein the set of rules are to manage personal data in an organization instance of a customer of a cloud-based software provider capable of hosting the organization instance in one or more datacenters in a plurality of different geographic regions, wherein the combining includes setting the combined compliance assessment metric to:
a first tier when each of the compliance assessment metrics in the subset are in a first state,
a second tier when a first compliance assessment metric and a second compliance assessment metric of the subset are in the first state, but a third compliance assessment metric of the subset is in a second state, and
a third tier when the first compliance assessment metric or the second compliance assessment metric of the subset is in the second state;
gating an ability to migrate the organization instance from a first geographic region of the plurality of different geographic regions to a second geographic region of the plurality of different geographic regions based on the combined compliance assessment metric, the gating including:
causing a migration only after a user affirms acceptance of a risk of migration when the combined compliance assessment metric was set to the second tier, and
preventing the migration when the combined compliance assessment metric was set to the third tier; and
causing the display of a dashboard, which is part of a data policy compliance service provided by the cloud-based software provider, including at least the combined compliance assessment metric.