| CPC G06F 21/6245 (2013.01) [G06F 16/2428 (2019.01); G06F 21/6227 (2013.01)] | 17 Claims |
|
1. A computer-implemented method comprising:
receiving a specific item of personal identifying information (PII) of a data subject;
using the received specific item of PII of the data subject, searching a database of PII held by an organization for instances of the specific item of PII of the data subject, wherein the database of PII identifies storage locations in which PII is held within an organizational computer network;
determining a first storage location within the organizational computer network of an instance of the specific item of PII of the data subject found during the searching of the database of PII;
searching the database of PII to find additional PII held at the first storage location;
associating a specific item of additional PII held at the first storage location with the data subject, wherein the specific item of additional PII held at the first storage location is different than the received specific item of PII of the data subject, and wherein associating the specific item of additional PII held at the first storage location with the data subject includes:
displaying multiple items of additional PII held at the first storage location in an interactive dashboard, the multiple items of additional PII held at the first storage location including the specific item of additional PII held at the first storage location, wherein the interactive dashboard depicts the first storage location and the multiple items of additional PII held at the first storage location as nodes in a constellation graph, the interactive dashboard depicts links between the first storage location and the multiple items of additional PII held at the first storage location in the constellation graph, and the interactive dashboard also includes a table view that lists the first storage location and the multiple items of additional PII held at the first storage location;
allowing a human user to indicate, via the interactive dashboard, acceptance or rejection of individual items of the multiple items of additional PII as being associated with the data subject; and
based on the human user indicating acceptance of the specific item of additional PII held at the first storage location, associating the specific item of additional PII held at the first storage location with the data subject and changing the appearance of the constellation graph in the interactive dashboard in response to the human user indicating acceptance of the specific item of additional PII held at the first storage location as being associated with the data subject;
using the specific item of additional PII held at the first storage location and associated with the data subject, searching the database of PII for instances of the specific item of additional PII held at the first storage location;
determining a second storage location within the organizational computer network of an instance of the specific item of additional PII held at the first storage location;
searching the database of PII to find additional PII held at the second storage location;
associating a specific item of additional PII held at the second storage location with the data subject, wherein the specific item of additional PII held at the second storage location is different than the specific item of additional PII held at the first storage location and the received specific item of PII of the data subject; and
preparing a data subject profile including: the received specific item of PII of the data subject, the specific item of additional PII held at the first storage location and associated with the data subject, and the specific item of additional PII held at the second storage location and associated with the data subject.
|