公开(公告)号：US20240098109A1

公开(公告)日：2024-03-21

申请号：US18275910

申请日：2022-02-10

申请人： OneTrust, LLC

发明人： Subramanian Viswanathan ,  Milap Shah

IPC分类号： H04L9/40 ,  G06F21/60

CPC分类号： H04L63/1433 ,  G06F21/60

摘要： In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for integrating third party computing system functionality into a first party computing system by providing a risk management and mitigation computing system configured to analyze a risk of integrating the functionality provided by the third party computing system and facilitating implementation of one or more data-related controls that include performing computer-specific operations to mitigate and/or eliminate the identified risks. For example, the risk management and mitigation computing system can access risk data in tenant computing systems to determine a risk score related to the integration of the third party computing system functionality based on risks determined during prior integrations of the third party computing system functionality by other tenant computing systems. The risk management and mitigation computing system can generate a recommended control when integrating the third party computing system functionality.

公开(公告)号：US11797528B2

公开(公告)日：2023-10-24

申请号：US17370650

申请日：2021-07-08

申请人： OneTrust, LLC

发明人： Kevin Jones ,  Saravanan Pitchaimani ,  Subramanian Viswanathan ,  Milap Shah ,  Ramana Malladi ,  Aadil Allidina ,  Matthew Hennig ,  Dylan D. Patton-Kuhl ,  Jonathan Blake Brannon

IPC分类号： G06F16/242 ,  G06F16/25 ,  G06F16/23 ,  G06F16/2457 ,  G06N20/00 ,  G06F11/34

CPC分类号： G06F16/2423 ,  G06F11/3409 ,  G06F16/2358 ,  G06F16/2457 ,  G06F16/258 ,  G06N20/00 ,  G06F2201/80

摘要： Various embodiments provide methods, apparatus, systems, computing devices, computing entities, and/or the like for identifying targeted data for a data subject across a plurality of data objects in a data source. In accordance with one embodiment, a method is provided comprising: receiving a request to identify targeted data for a data subject; identifying a first data object using metadata for a data source that identifies the first data object as associated with a first targeted data type for a data portion from the request; identifying a first data field from a graph data structure of the first data object that identifies the first data field as used for storing data having the first targeted data type; and querying the first data object based on the first data field and the data for the first targeted data type to identify a first targeted data portion for the data subject.

公开(公告)号：US11416589B2

公开(公告)日：2022-08-16

申请号：US17493332

申请日：2021-10-04

申请人： OneTrust, LLC

发明人： Jonathan Blake Brannon ,  Kabir A. Barday ,  Jason L. Sabourin ,  Kevin Jones ,  Subramanian Viswanathan ,  Milap Shah

IPC分类号： G06F21/31 ,  G06F21/62 ,  G06F11/34

摘要： Data processing systems and methods, according to various embodiments, are adapted for automatically assessing the level of security and/or privacy risk associated with doing business with a particular vendor or other entity and for generating training material for such vendors. In various embodiments, the systems may automatically obtain and use any suitable information to assess such risk levels including, for example: (1) any security and/or privacy certifications held by the vendor; (2) the terms of one or more contracts between a particular entity and the vendor; (3) the results of one or more privacy impact assessments for the vendor; and/or (4) any other suitable data. The system may be configured to automatically approve or reject a particular vendor based on the assessed risk level associated with the vendor and this information may be automatically communicated to an entity considering doing business with the vendor and/or the vendor itself.

公开(公告)号：US20210141853A1

公开(公告)日：2021-05-13

申请号：US17119080

申请日：2020-12-11

申请人： OneTrust, LLC

发明人： Patrick Whitney ,  Kevin Jones ,  Brian Kelly ,  Subramanian Viswanathan ,  Casey Hill ,  Jeffrey Baucom ,  Madhusudhan Kunhambu ,  Mithun Babu ,  Rajneesh Kesavan ,  Santhosh Kumar Koti ,  Sathish Gopalakrishnan ,  Anand Balasubramanian ,  Mohamed Kabad ,  Jayamohan Puthenveetil ,  Jonathan Blake Brannon

IPC分类号： G06F16/958 ,  G06F16/957

摘要： Data processing systems and methods, according to various embodiments, are adapted for determining a categorization for each tracking tool that executes on a particular webpage based on a variety of criteria, such as the purpose of the tracking tool and its source script. The system may compare the characteristics of tracking tools on a webpage to a database of known tracking tools to determine the appropriate categorization. When a user visits the webpage, the system analyzes these categories and determines whether the tracking tool should be permitted to run based on the categories and/or other criteria, such as whether the user has consented to the use of that type of tracking tool.

公开(公告)号：US20240265036A1

公开(公告)日：2024-08-08

申请号：US18691416

申请日：2022-09-23

申请人： OneTrust, LLC

发明人： Subramanian Viswanathan ,  Milap Shah

IPC分类号： G06F16/28

CPC分类号： G06F16/287

摘要： The present disclosure provides methods, apparatus, systems, computing devices, computing entities, and/or the like for providing persistent representations in graph data structures of relationships that exist among data objects found across different data-related processes to enable efficient querying of data from the different data-related processes.

公开(公告)号：US20240160747A1

公开(公告)日：2024-05-16

申请号：US18421484

申请日：2024-01-24

申请人： OneTrust, LLC

发明人： Jonathan Blake Brannon ,  Kevin Jones ,  Saravanan Pitchaimani ,  Dylan D. Patton-Kuhl ,  Ramana Malladi ,  Subramanian Viswanathan

IPC分类号： G06F21/57 ,  G06F21/60 ,  G06F21/62 ,  G06N20/00 ,  G06V30/24

CPC分类号： G06F21/577 ,  G06F21/602 ,  G06F21/6245 ,  G06N20/00 ,  G06V30/248 ,  G06F2221/033 ,  G06V30/2528

摘要： Aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for identifying data processing activities associated with various data assets based on data discovery results. In accordance various aspects, a method is provided comprising: identifying and scanning data assets to detect a subset of the data assets, wherein each asset of the subset is associated with a particular data element used for target data; generating a prediction for each pair of data assets of the subset on the target data flowing between the pair; identifying a data flow for the target data based on the prediction generated for each pair; and identifying a data processing activity associated with handling the target data based on a correlation identified for the particular data element, the subset, and/or the data flow with a known data element, subset, and/or data flow for the data processing activity.

公开(公告)号：US11442906B2

公开(公告)日：2022-09-13

申请号：US17592922

申请日：2022-02-04

申请人： OneTrust, LLC

发明人： Subramanian Viswanathan ,  Milap Shah

IPC分类号： G06F16/21 ,  G06F16/23

摘要： In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for generating and managing custom attributes and corresponding values for domain objects defined within microservices. In accordance with various aspects, a method is provided that comprises: receiving a custom attribute request for a domain object defined in a microservice that comprises a domain object identifier, a custom attribute to add to the domain object, and a value type for the custom attribute; identifying, based on the domain object identifier and the value type, a custom value table for the domain object that comprises placeholder fields; identifying a placeholder field that is available in the custom value table; and storing a record in the attribute schema table for the domain object and the custom attribute comprising mapping data that maps the custom attribute to the placeholder field for the custom value table.

公开(公告)号：US20220261288A1

公开(公告)日：2022-08-18

申请号：US17674187

申请日：2022-02-17

申请人： OneTrust, LLC

发明人： Subramanian Viswanathan ,  Milap Shah

IPC分类号： G06F9/50

摘要： In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for generating and managing custom workflows for domain objects defined within microservices. In accordance with various aspects, a method is that comprises: receiving an attribute value for a custom workflow to include in a microservice that corresponds to an attribute defined for a workflow component; accessing mapping data for an attribute; identifying, based on the mapping data, a corresponding field of a workflows table mapped to the attribute; storing a record in the workflows table for the custom workflow with the attribute value stored in the corresponding field for the record to persist the custom workflow in the microservice.

公开(公告)号：US20200257784A1

公开(公告)日：2020-08-13

申请号：US16862952

申请日：2020-04-30

申请人： OneTrust, LLC

发明人： Jonathan Blake Brannon ,  Kabir A. Barday ,  Jason L. Sabourin ,  Kevin Jones ,  Subramanian Viswanathan ,  Milap Shah

IPC分类号： G06F21/31 ,  G06F11/34 ,  G06F21/62

摘要： Data processing systems and methods, according to various embodiments, are adapted for automatically assessing the level of security and/or privacy risk associated with doing business with a particular vendor or other entity and for generating training material for such vendors. In various embodiments, the systems may automatically obtain and use any suitable information to assess such risk levels including, for example: (1) any security and/or privacy certifications held by the vendor; (2) the terms of one or more contracts between a particular entity and the vendor; (3) the results of one or more privacy impact assessments for the vendor; and/or (4) any other suitable data. The system may be configured to automatically approve or reject a particular vendor based on the assessed risk level associated with the vendor and this information may be automatically communicated to an entity considering doing business with the vendor and/or the vendor itself.

公开(公告)号：US20200257783A1

公开(公告)日：2020-08-13

申请号：US16862948

申请日：2020-04-30

申请人： OneTrust, LLC

发明人： Jonathan Blake Brannon ,  Kabir A. Barday ,  Jason L. Sabourin ,  Kevin Jones ,  Subramanian Viswanathan ,  Milap Shah

IPC分类号： G06F21/31 ,  G06F11/34 ,  G06F21/62

摘要： Data processing systems and methods, according to various embodiments, are adapted for automatically assessing the level of security and/or privacy risk associated with doing business with a particular vendor or other entity and for generating training material for such vendors. In various embodiments, the systems may automatically obtain and use any suitable information to assess such risk levels including, for example: (1) any security and/or privacy certifications held by the vendor; (2) the terms of one or more contracts between a particular entity and the vendor; (3) the results of one or more privacy impact assessments for the vendor; and/or (4) any other suitable data. The system may be configured to automatically approve or reject a particular vendor based on the assessed risk level associated with the vendor and this information may be automatically communicated to an entity considering doing business with the vendor and/or the vendor itself.