US20040098366A1 - Method and system for secure information - Google Patents

Method and system for secure information Download PDF

Info

Publication number
US20040098366A1
US20040098366A1 US10/471,896 US47189603A US2004098366A1 US 20040098366 A1 US20040098366 A1 US 20040098366A1 US 47189603 A US47189603 A US 47189603A US 2004098366 A1 US2004098366 A1 US 2004098366A1
Authority
US
United States
Prior art keywords
consumer
advice
personal
data
items
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/471,896
Inventor
Trevor Sinclair
Paul David
Andrew Sherman
Paul Quirk
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CR Group Pty Ltd
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Assigned to C.R. GROUP PTY LIMITED reassignment C.R. GROUP PTY LIMITED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: DAVID, PAUL J., QUIRK, PAUL, SHERMAN, ANDREW, SINCLAIR, TREVOR
Publication of US20040098366A1 publication Critical patent/US20040098366A1/en
Priority to US12/206,539 priority Critical patent/US20090006124A1/en
Priority to US13/462,225 priority patent/US8543410B2/en
Priority to US13/944,358 priority patent/US20140180950A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/26Government or public services
    • G06Q50/265Personal security, identity or safety

Definitions

  • This invention relates generally to a method and system for providing advice and/or services to consumers and includes the storage and sharing of personal data of a user in a computer system such that the personal data is secure and not easily accessible to others with whom the personal data is not intended to be shared.
  • the invention is suited to various applications where consumers, or trusted entities acting on behalf of consumers, permit efficient access to personal data by others who legitimately require that information or with whom the consumer wishes to share that personal data.
  • the invention relates to a system and method for consumers to effectively share personal data and in doing so obtain advice based upon the personal data that has been made available to advisers.
  • the success of the advice given depends upon the ability of the individual seeking advice to identify and communicate a complete view of their relevant history, current circumstances and future plans, and upon the trusted individual's ability to identify and make use of that information to arrive at a recommended course of action and to develop a strategy to reach the individual's goal.
  • the present invention provides a method for providing advice and/or services to a consumer the method including the steps of:
  • the consumer specifying items of personal data in the secure repository that are to be accessible to at least one authorised advice provider;
  • an authorised advice provider accessing the consumer's available items of personal data across the data communications network upon provision of necessary authentication
  • the advice provider analysing the items of personal data to determine the advice for the consumer
  • the advice provider depositing information into the consumer's secure repository across the data communications network, said information representing the advice provided to the consumer;
  • the present invention provides a method for providing advice and/or services to a consumer the method including the steps of:
  • the consumer authorising a trusted entity to store the personal data of the consumer into a secure repository connected to a data communications network and to manage the release of that data;
  • the consumer and/or trusted entity specifying items of personal data in the secure repository that are to be accessible to at least one authorised advice provider;
  • an authorised advice provider accessing the consumers available items of personal data across the data communications network upon provision of necessary authentication and when executing computer instructions code for accessing the personal data that has been pre-approved by the trusted entity;
  • the advice provider analysing the items of personal data to determine the advice for the consumer.
  • the method includes the step of the consumer specifying a plurality of advice providers that can access an item of personal data.
  • the step of advice providers accessing at least one item of personal data of a consumer includes the execution of at least one segment of computer instruction code.
  • the computer instruction code may execute functions with respect to the items of personal data and provide the results of those functions to advice providers. Further, these functions may be executed and provide results to advice providers without revealing the actual personal data of the consumer to the advice provider.
  • the information representing the advice provided to a consumer by an advice provider, the consumer and/or trusted entity may authorise other advice providers to access that previously supplied advice.
  • the secure repository includes items of data representing the values and/or attitudes of the consumer, the consumer's personal goals that they intend to achieve over a specified period of time, the consumer's goals as prioritised by the consumer, the consumer's preferred outcomes over a specified period of time and the preferred outcomes as prioritised by the consumer.
  • the provider can access and determine their advice based upon this data.
  • the consumer appoints a principal adviser to act on their behalf and authorises that principal adviser to execute various transactions on behalf of the consumer. This enables the consumer to relieve themselves of the burden of managing their affairs and arranging and authorising other advice providers as and when required and considering the advice provided and resolving any difficulties or queries about advice that is deposited into the consumers secure repository.
  • the consumer and/or principal adviser authorises a plurality of advice providers to access relevant personal data of the consumer to enable the plurality of advice providers to provide relevant advice to the consumer having regard to at least one of the consumer's values, attitudes, personal goals and/or preferred outcomes. Enabling multiple advisers to access the personal data of a consumer increases the efficiency of the process of obtaining advice from multiple advisers as compared with prior systems and methods. Further, where the trusted entity and/or principal adviser retain the personal data for and on behalf of a consumer, the consumer is able to prevent their personal data from being replicated throughout a number of systems as is currently the practice.
  • the method includes the step of the recordal of each instance of one or more of the following:
  • the method also preferably includes reporting the instances. This type of report could be produced by either the consumer, the consumer's principal adviser and/or the trusted entity.
  • the present invention provides a system for providing advice and/or services to a consumer, the system including:
  • a secure repository connected to a data communications network for the storage of personal items of data of a consumer
  • a means for enabling authenticated authorised advice providers to access the specified items of personal data of the consumer for which the advice provider has been identified as having permission to access and a means enabling an advice provider to execute computer instruction code that obtains items of personal data from the consumers secure repository and analyses the items of personal data to generate information that represents advice for the consumer, the computer instruction code also enabling the advice provider to deposit said information into the consumers secure repository for subsequent access by the consumer.
  • the present invention provides a system for providing advice and/or services to a consumer, the system including:
  • a secure repository connected to a data communications network controlled by a trusted entity to store personal items of data for consumers;
  • [0051] means enabling the consumers to identify the advice provider or a class of advice providers to whom access will be provided for those specified items for personal data:
  • [0053] means for enabling authenticated authorised advice providers to access the specified items of personal data of consumers for which the advice provider has been identified as having permission to access.
  • the system of the present invention provides, in addition to the secure repository, a plurality of approved software applications, wherein each of the plurality of applications provides a specific function such as:
  • such computer software applications may access personal data stored in the secure repository in order to provide a response to a particular query of an authenticated authorised advice provider, without revealing an actual value of the accessed personal data.
  • the system of present invention provides the consumer with a secure electronic storage system for their personal private data.
  • each of the consumer can access their personal data at any time by use of a network browser or personal portal connected to the system of the present invention.
  • the system applications present the data in a manageable form to facilitate easy retrieval and re-ordering of personal data in order to perform specific tasks such as planning and decision making in relation to key life events.
  • the system of the present invention further enables each of the consumers to securely link personal information with key advice or service providers. That is, the present invention enables the advisers or service providers of the consumer to securely access the personal data of the consumer as prescribed by the consumer, via a data communication network such as the Internet.
  • the system of the present invention provides a consumer and the consumer's service providers with applications to facilitate convenient access of the personal data of the consumer, thereby improving the efficiency of the data collection processes of advice or service providers. Further, the system of the present invention provides a secure repository in which the user may store personal data such as accounting records, financial records, health records, professional data and the like.
  • the system of the present invention enables data from disparate sources to be pooled into a single secure repository, reducing the requirement for duplication of records and facilitating efficient provision of that personal data to authorised advice and/or service providers identified by the consumer.
  • the present system therefore empowers users to uniquely store their personal data in a secure repository, and to establish access permissions to advice providers of their choice, such as accountants or other service providers.
  • advice providers of their choice, such as accountants or other service providers.
  • the system may further provide a plurality of applications facilitating the storage and access of the personal data in the secure repository.
  • personal data may refer to the data that is considered personal, or private, to either an individual or an organisation such as a small business.
  • the consumer may be a small business or organisation.
  • the selection of items of personal data for sharing may be effected by various methods.
  • the selection of items of personal data for sharing is effected by use of a template, the template including at least one pre-defined list of personal data items that may be shared with an advice provider or another consumer, or class of advice providers or consumers.
  • the pre-defined template may be amended a consumer or principal adviser in order to amend the items of personal data that may be shared with an advice provider or another consumer identified by that template.
  • a consumer may prefer to share personal financial data with finance professionals without sharing that information with anyone else, such as insurance company personnel.
  • the selection of personal data for purposes of sharing may also be effected by use of a filter within the technology and activated by either the consumer or a professional adviser wherein a set of conditions satisfied by personal data of the consumer is shared with advice providers or a class of advice providers.
  • a filter within the technology and activated by either the consumer or a professional adviser wherein a set of conditions satisfied by personal data of the consumer is shared with advice providers or a class of advice providers.
  • it may be more convenient to select items of personal data for sharing by the establishment of a “sharing rule” or criteria as compared with requiring a consumer to provide a specific sharing indication for each and every item of personal data they own.
  • a consumer grants permission to advice providers or other consumers to share items of personal data by enabling those advice providers or consumers to access the template or filter that the consumer has defined for those providers or consumers.
  • the authentication of the advice provider to gain access to the template or filter may act as the authority to gain access to the items of personal data of the consumer as provided by the template or filter.
  • the method preferably includes the steps of recording all instances of actual access of the consumers personal data to generate an audit trail.
  • the record of instances of access may be included in a report that is supplied to the consumer each and every instance an attempt to access personal data occurs.
  • a report of all instances of access of the consumers personal data may be provided on a regular basis (eg monthly).
  • Templates or filters may define the particular items of personal data that a consumer wishes to share but may also include other restrictions or conditions relating to the sharing of personal data. For example, a template or filter may operate only to allow access to personal data for a limited period of time, or may only allow access for a limited number of times.
  • templates or filters primarily limit access to specific items of personal data intended to be shared by a consumer, they may also perform functions on the underlying personal data of a consumer thus providing to an advice provider using a template or filter, information derived from one or more of the underlying items of personal data of the consumer. Additionally, a template or filter may devolve information into data such that it may be presented to advice providers, such as a service provider, in a more appropriate form. The devolution of personal information into data thus provides greater flexibility with respect to the form of the personal data required by advice providers.
  • advice providers may contribute to the store of advice for a consumer as a result of effecting their own services in relation to the personal data of the consumer to which they have been granted access.
  • a financial planner may develop a plan of investments for a consumer based upon their personal data and may deposit into the consumer's secure repository, information relating to an investment plan.
  • the template provided to the advice provider namely a financial planner, may also provide them with the ability to deposit additional items of information into the consumer's repository. Templates or filters may be developed for specific purposes and be capable of only a single use.
  • an advice provider transfers a software program into the secure repository of a consumer which uses the data to which the advice provider has been granted access as input to the software program.
  • the output of the software program also resides in the secure repository and is thus provided to the consumer.
  • the output of the software program may, for example, provide advice to the consumer or may provide a progress report with respect to some combination of items of personal data.
  • the software program may provide an alert or warning of an impending condition or circumstance that requires some form of intervention in order to avoid.
  • the software program may also provide details regarding the form of intervention required or choices in relation to the available types of intervention that may avoid the condition or circumstance from developing.
  • the execution of the software program within the secure repository of the consumer provides an assurance to the consumer that their personal data is not transferred out of their secure repository at any time.
  • the software program made available may also provide recommendations regarding further actions to be performed or further data that should be collected or analysed in order to provide decision support.
  • the secure repository of items of personal data of consumers may be entrusted to a trusted entity.
  • the trusted entity may be engaged to create links between personal data items of the consumer in order to enable other users to efficiently access required personal data items of the consumer.
  • the linking of items of data enables an advice provider to efficiently perform an analysis of the consumer's relevant data and to provide advice accordingly.
  • access to data within the repository preferably requires the use of a digital security key.
  • the digital security key is preferably supplied by an advice provider or other consumer at the time the requests for access to items of personal data are made, whether the access is by way of a template or not.
  • the provision of access may be determined in a challenge/response manner.
  • the secure repository is connected to a data communications network thereby enabling all other permitted advisers connected to that network to gain access to the personal data of a consumer.
  • the repository is connected to the Internet.
  • a number of consumers may be provided with concurrent access to the personal data of a first consumer. Simultaneously, the first consumer may be provided with concurrent access to the personal data of those other consumers.
  • a community of consumers is effectively formed wherein the secure repositories of the group of consumers are aggregated to form the community. This provides for the effective sharing of information between that community of consumers and enables advice and service providers to gather collective data from the group and analyse that data.
  • FIG. 1 illustrates an architecture of the present invention
  • FIG. 2 illustrates a system model of a system according to the present invention
  • FIG. 3 depicts the flow and processing of information within the high-level process step of registering Navigator communities
  • FIG. 4 depicts the flow and processing of information within the high-level process step of establishing a personal vault
  • FIG. 5 depicts the flow and processing of information within the high-level process step of assigning Navigator and third party access controls
  • FIG. 6 depicts the flow and processing of information within the high-level process step of developing and lodging a plan
  • FIG. 7 depicts the flow and processing of information within the high-level process step of working with the plan
  • FIG. 8 depicts the flow and processing of information within the high-level process step of managing personal vault information
  • FIG. 9 illustrates an embodiment of the invention applied within the financial services industry
  • FIG. 10 is diagrammatic representation of the steps included in creating a secure repository for an embodiment of the invention.
  • FIG. 11 is a diagrammatic representation of the steps included in creating a solution plan for the embodiment of FIG. 10;
  • FIG. 12 is a diagrammatic representation of the steps included in monitoring outcomes for the embodiment of FIG. 10;
  • FIG. 13 is a diagrammatic representation of the steps included in sharing information for the embodiment of FIG. 10.
  • FIG. 14 is a diagrammatic representation of the steps included in closing the secure repository.
  • the present invention is preferably implemented in an application architecture as depicted in FIG. 1.
  • a consumer or individual 1 representing either a natural person or an enterprise, interacts with a trusted entity or Navigator 2 , which may be either an individual or business that provides specialised advice or services, or a tool delivered through a software application or other device to record and use private information to assist the consumer or individual to meet their goals.
  • a trusted entity or Navigator 2 which may be either an individual or business that provides specialised advice or services, or a tool delivered through a software application or other device to record and use private information to assist the consumer or individual to meet their goals.
  • a Navigator applies for and is granted permission to gain access to a secure repository or “Personal Vault” 4 this is managed by a trusted entity, and to either use or install task-specific applications within the secure or repository “vault”. These applications will depend upon the importation of the individual's (or business') private data to determine a tailored solution or course of action to reach an individual's goal.
  • the individual's private and sensitive information will be delivered by the individual 1 to the Navigator 2 .
  • delivery occurs electronically and the information is sent, with appropriate access controls, via the respective Web browsers of the participants through the Internet 3 , and directed to the information processors 4 of a secure trusted entity.
  • the secure trusted entity establishes and populates a secure database 5 as a repository for the individual's information, and holds that information in trust for the individual 1 .
  • Information required to populate the secure database 5 may be collected from the individual, from the Navigator 2 based upon services previously supplied, or from third parties authorised by the individual to supply information relevant to the Navigator's task.
  • the Navigator 2 can then interact with the data held therein by making use of computer software applications held within the secure trusted entity's central processor 4 .
  • New results of activities undertaken between individual 1 and Navigator 2 are recorded and transmitted via the respective browsers of the individual 1 and Navigator 2 through the Internet 3 , and to the individual's secure database 5 .
  • Results of progress or shortcomings against intended outcomes are recorded and analysed by the respective application held within the trusted entity's processor 4 and reported back via the Internet 3 to the respective pc-based browsers of both the Navigator 2 and individual 1 .
  • FIG. 2 illustrates a system model of a system according to the present invention. Navigators, third parties and other participants develop applications 9 and 13 , respectively, to meet the goals of individuals, such as wealth planning or health management. These applications will be reviewed by and approved or rejected, and the necessary data filters 10 identified that are required to restrict access to only necessary and approved information. Approved applications are registered with the Personal Vault 12 held by the trusted entity.
  • the individual 6 interacts with an authorised person or service provider, or Navigator 7 to establish and work from a task-specific plan.
  • an authorised person or service provider or Navigator 7 to establish and work from a task-specific plan.
  • the individual's personal data held in trust, is sourced from the Navigator 7 , authorised third parties 8 and other external data sources 11 .
  • the authorised application 9 or 13 delivers the information through data filters 10 that determine the right to use and need to use the personal data intended to realise the individual's stated goals contained within their plan.
  • the essence of the present invention is to provide a method and system to enable consumers, individuals or businesses to manage key elements of their affairs by following a process based upon an integrated and secure exchange of personal data with advisers.
  • Such a data exchange between consumers, individuals and advisers is provided by establishing a secure storage for personal data and managing the release and integrated distribution of personal data between advisers.
  • the present invention includes a reliable store of data pertaining to the individual or company, and integrates that information with each interaction occurring with an approved adviser. The individual or company that is the owner of the information remains in control and authorises the release of information to advisers as appropriate.
  • a trusted entity acts on behalf of a consumer or individual and manages the secure storage of personal data and controls the access to that data by external entities such as advisers; the consumer or individual is relieved of the burden of this task.
  • the storage and management of personal data is a non-trivial task especially if the trusted entity bears the responsibility of managing the secure store of data to ensure that all regulatory requirements are satisfied with respect to the control of authorised access to the data.
  • the trusted entity establishes uniform protocols for authentication of advisers for access to personal data and similar protocols for the supply and storage of information from advice providers into a consumer or individuals secure repository.
  • the Navigator will be an individual or business, but the invention recognises that the Navigator may equally be a computer application or other interactive resource that the individual or company may use to reach their goal.
  • the Navigator is likely to be a trained expert able help the individual make complex choices, for the purposes of this invention the Navigator may equally be a software program that collects, integrates, analyses and reports the individual's information, databases used to resolve a need, or published evaluators of alternatives.
  • a particular advantage of the present invention is that the individual or company is regarded as the “owner” of the data, and retains ownership although selected data is made accessible for use by outside advisers.
  • the Value Exchange builds a consistent store of information on behalf of the individual or company as each interaction with an adviser occurs, and makes that information available at the critical moment where decision support is required. This may be initiated either by the individual or by one of their nominated advisers. The individual or company that is the owner of the information remains in control and authorises the release of information to interested parties as appropriate.
  • the Navigator and workflow processes enable an adviser to take personal data and enrich it to suit specific needs, such as by creating a health or financial outcome diagnostic leading to a course of health management or investment strategy.
  • the system and method of the present invention may also be used to facilitate the prescription of medication or a loan application.
  • the present invention permits an individual anticipating major surgery to have all operative and post-operative care with the surgeon and supporting medical communities and medications scheduled and all details communicated early in the consultative process.
  • a trusted individual or trusted entity can source a range of personal data including beneficiaries' and their contact details, estate asset and liability data and life insurance details when executing a will.
  • the person or company as owner of the data can use a system and method according to the present invention to improve the efficiency of obtaining advice as data may be collected and updated only once to serve a variety of tasks. This efficiency is shared by the Navigator, who, with consent, has access to a source of data upon which to provide the best advice and plan for outcomes with greater certainty.
  • FIGS. 3 to 8 illustrate the processes through which the information owner and their communities establish the right to access private records, the processes for creating the Personal Vault and assigning specific access controls, activities related to using the information contained in the Personal Vault to help the information owner to reach planned objectives, and processes for management of the Personal Vault.
  • step 1000 represents those activities completed for registering Navigators and Third Party communities with an independent controlling authority, referred to as the “Personal Vault Authority”, to obtain a secure access Community key and be ready to interact with Vault Owners' records, when authorised by the Vault Owner to do so.
  • Step 2000 represents the processes through which individuals or companies work with Navigators to understand the benefits of a Personal Vault, and presents activities for clients to register with the Personal Vault Authority to get a secure access Owner's key and to create a Vault Owner's active Vault ready to populate with data.
  • Step 3000 represents the processes by which Vault Owners will interact with the Personal Vault Authority to assign Vault access and management controls and enter details of participating Navigators and/or Third Party data suppliers, to provide for their interaction with the Owner's record, and to load their source data.
  • Step 4000 represents those activities by which Vault Owners work with Navigators to understand the need for a Plan to achieve a stated objective, to undertake a needs analysis based upon the Owner's source records, and to load a Navigator-specific decision tree planning template to produce a customised plan.
  • Step 5000 represents those activities by which Vault Owners work with Navigators to complete planned decision tree steps, with the measurement of performance against targets leading to the attainment of milestones, after which the Navigator establishes and manages further activities to achieve planned outcomes.
  • Step 6000 represents those activities by which all parties manage their respective interfaces with the individual's Personal Vault, including periodic and on-demand refreshment of source data, provision for correcting or annotating a record, revising Vault management permissions, and terminating or archiving records.
  • FIG. 3 illustrates the processes by which Navigators and Third Party communities register with an independent controlling authority, referred to as the “Personal Vault Authority” or “Vault Authority”, to get a secure access Community key and be ready to interact with Vault Owners' records, when authorised by the Vault Owner to do so.
  • the Navigator will be an individual, but the invention recognises that the Navigator may equally be a specialised diagnostic computer application or other interactive resource that the individual or company may use to reach their goal. Where the Navigator is other than human, the Navigator application will have undergone compliance reviews and accredited approval in a manner similar to that outlined in the steps below prior to its implementation.
  • Step 1001 the Navigators and associated advice providers, referred to below as “applicants”, become aware of the existence of the Personal Vault service through various marketing communications and promotional efforts undertaken by the Personal Vault Authority and other interested parties.
  • the applicant registers their interest in interacting with their clients' records contained in the Personal Vault.
  • registration will occur using a Vault Authority-sponsored website and its secure online application routine, using registration routines embedded within industry-specific software, or through a hard copy form completed and returned to the Vault Authority.
  • Information contained in the application will include the applicant's name and contact details, their identity details (normally comprising an industry-specific approval number determined by the industry's licensing or controlling authority, or “reference source”), and details of the technology being used to access the Personal Vault, so that the appropriate key interface may be delivered.
  • the applicant does not have a formally authenticated industry-specific approval number, the applicant must provide sufficient reference source details to the Vault Authority to prove their identity.
  • the Vault Authority acknowledges receipt of the application and at Step 1004 confirms the details of the application with the reference sources provided on the application. Where all details are confirmed as correct, the Vault Authority approves the application. If details contained in the application are not sufficient to confirm the applicant's identity, the Vault Authority rejects the application and asks the applicant to re-apply or provide additional information.
  • Step 1005 the Vault Authority issues the applicant with an inactivated Personal Vault Community access key, software for installation, and instructional materials.
  • Steps 1006 through 1008 refer to the steps through which the applicant installs the access key software and refers to the instructional materials to understand how to interact with a client's private data as contained in their Personal Vault.
  • the applicant installs the software and completes the training at Step 1006 , and at Step 1007 contacts the Vault Authority to indicate they are ready to be tested for accreditation.
  • the Vault Authority schedules the accreditation at Step 1008 and at Steps 1009 and 1010 reviews the applicant's ability to work with the Personal Vault in the approved manner. If the applicant passes accreditation at Step 1011 , the Vault Authority registers the applicant at Step 1012 as an authorised participant, and activates the Community key at Step 1013 , as issued earlier at Step 1005 . The applicant is notified of acceptance, in a preferred embodiment, by e-mail at Step 1014 . If the applicant fails the accreditation review at Step 1011 , the applicant must undergo further training and another accreditation review at Steps 1006 through 1011 .
  • FIG. 4 illustrates the processes through which consumers, individuals or companies, referred to below as “clients” or “users” work with approved Navigators to understand the need for a Personal Vault, and presents activities for clients to register with the Personal Vault Authority to get a secure access Owner's key and to create a Vault Owner's active Vault ready to populate with data.
  • a “trigger event” makes a client aware that an activity must be completed and that expert help is required. For example, such an activity may be awareness of a need to plan for retirement, to lose weight or to manage the business' cash flow performance.
  • Step 2002 if the client does not have a specialist adviser, they will determine a selection of potential advisers, or “Navigators”, that may be capable of helping to resolve their objective and will select their preferred Navigator.
  • the client considers the service offer and value propositions made by prospective Navigators (either human or otherwise) at Step 2003 .
  • the application form is necessary to establish the identity of the client as owner of the information to be contained in their Personal Vault, and to establish an access mechanism embodied in a secure access key.
  • the application form at a minimum, will include collection of identity details, ideally with each detail bearing a point score based upon their level of security and where an acceptable score meets or exceeds a threshold value.
  • the form will also provide for the nomination of proxies who may act upon the client's behalf and will provide the proxy's identity details (as above).
  • the application form will also provide for details of the nominated Navigator and other known third party participants, and provide for conditions of access and consent to interact with the client's private information. Access details provided in this way will be confirmed upon establishment of the Vault, and will be modifiable by the client at any time (see FIG. 5).
  • the Navigator on behalf of the Vault Authority and acting as instructed as part of the Navigator accreditation process (at Steps 1006 - 1011 ), will confirm the client's application details at Step 2008 . Once confirmed, the Navigator compiles and delivers a Welcome Kit to the client at Step 2010 . At a minimum, the Kit will restate the value propositions surrounding creation of the Personal Vault, confirm the client's expressed needs and designated consent, present instructions for using the Personal Vault, how to provide additional access to Navigator communities, how to get further help and details of next steps in the vault establishment process.
  • the Navigator delivers the completed client vault application form to the Vault Authority for processing at Step 2011 , and the Vault Authority processes the application at Step 2012 .
  • An outcome of this step will be the establishment of the client's Personal Vault at Step 2013 .
  • the vault is dormant and inactive.
  • the Vault Authority contacts the client by mail and confirms establishment of their vault, and delivers a deactivated access key, with activation and deactivation instructions, at Step 2014 .
  • the client receives the vault establishment information, and follows the instructions to activate their access key.
  • the Vault Authority authorises and activates the client's Personal Vault and then activates the client's access key, including activation of access permissions by nominated Navigator communities, at Step 2017 .
  • the activated vault is ready to populate with information at Step 2018 .
  • FIG. 5 illustrates the processes by which Vault Owners will interact with the Personal Vault Authority to assign Vault access and management controls and enter or change details of participating Navigators and/or Third Party data suppliers, to provide for their interaction with the Owner's record, and to load their source data.
  • Step 3001 the client uses their activated access key and personal computer to log in and enter their vault.
  • Step 3002 attempted access will be recognised and validated by the Vault Authority or other nominated access security provider, and if approved, and in a particularly preferred embodiment, at Step 3003 the client's computer will display an opening menu screen for the vault, confirming the client's identity and offering a series of hierarchical menus.
  • Step 3004 the client will select the menu item for entering and changing preferences for vault management.
  • the client refers to the identity details of their Navigators and third parties as contained in the Navigator's welcome kit, delivered at Step 2010 , and enters their details at Step 3006 .
  • An automated routine recognises the client's Navigator and the relevant role (Accountant, doctor, etc.) and links them to access and management controls within the vault at Step 3007 .
  • the access conditions tailored to specific roles are displayed on the client's personal computer at Step 3008 , selected by the client at Step 3009 , and communicated to and recorded by the Personal Vault at Step 3010 .
  • Step 3011 the client's personal computer all nominated participants and selected access roles, for the client's reference. If approved, the client accepts all changes at Step 3012 , and changes are updated in the Personal Vault at Step 3013 .
  • Step 3014 The process is repeated for all additional Navigator and participating third parties, at Step 3014 , and returns to Step 3006 .
  • Step 3015 the Vault Authority confirms to the client all nominated Navigators, third parties and associated access controls.
  • the vault is ready to be populated with the client's data and used by all nominated participants.
  • the client instructs their Navigator to load their source data to the client's vault at Step 3016 , which is done at Step 3017 and recorded in the client's vault at Step 3018 .
  • FIG. 6 illustrates those activities by which Vault Owners work with Navigators to understand the need for a Plan to achieve a stated objective, to undertake a needs analysis based upon the Owner's source records, and to load a Navigator-specific decision tree planning template to produce a customised plan.
  • Step 4001 the client responds to a trigger event and contacts their Navigator. This may be an extension of the reason for contact established at Step 2001 , or it may relate to a new trigger event.
  • the client meets with the Navigator at Step 4002 and together they determine the client's goals and objectives (weight loss, retirement planning, etc).
  • the Navigator will commonly recommend the creation of a plan to reach the client's goals and will secure their permission to do so.
  • role-specific planning tools and templates will be developed by industry specialists; resulting best practice models that will be integrated within the Personal Vault data processing protocols and will interact with and draw from client data contained in the client's vault.
  • Step 4004 the Navigator uses their Community key to open the client's Personal Vault.
  • the vault recognises the Navigator and their role and displays the relevant role-centric opening menu of services at Step 4005 .
  • the Navigator selects the “planning” service from the menu at Step 4006 , and the vault returns a planning template tailored to the Navigator's specific role at Step 4007 .
  • the Navigator refers to the planning template and uploads all relevant role-centric client records at Step 4008 , drawing from the client's vault at Step 4012 . If the template requires additional 3rd party information, this information is sought and delivered at Steps 4009 through 4011 .
  • the respective template is populated with information at Step 4013 .
  • the Navigator then completes a client needs analysis (at Step 4014 ) by referring to a role-centric needs analysis questionnaire delivered by the respective template contained in the vault (Step 4015 ), and by information provided from the client during direct discussions (Step 4016 ).
  • the Navigator assesses the client's performance in key areas against Pareto expectations, representing the range of measures that would be expected for that individual (with respect to age, sex or other characteristics) or business segment (industry, scale, etc.). The Navigator then creates a Plan to achieve the desired target at Step 4018 , and determines the activities and milestones required to reach the desired target.
  • Incorporated with the planning tools linked to the Personal Vault are activity-centric decision trees. As the client performs activities within their personalised plan, the path taken to reach their objective is determined by responses provided to questions posed by the Navigator and by the measurable results obtained when completing certain tasks. Completing scheduled activities eventually leads the client to a critical juncture, or “gate”. At that point the client cannot proceed until their Navigator reviews their performance and directs them down the next decision tree path. This process is repeated until the client reaches their intended goals.
  • the decision tree model is first used by the invention at Step 4019 , and is illustrated on FIG. 7, Step 5023 .
  • Step 4019 the Navigator loads the relevant role- (i.e. doctor) and ctivity-centric (weight loss) decision tree template to the plan, drawn from the vault (Step 4020 ).
  • the Navigator modifies the plan for non-generic decision tree activities at Step 4021 .
  • the Navigator now finalises and presents the tailored plan to the client at Step 4022 , and the client approves the plan at Step 4023 .
  • FIG. 7 illustrates those activities by which clients work with Navigators to complete planned decision tree steps, with the measurement of performance against targets leading to the attainment of gated milestones, after which the Navigator establishes and manages further activities to achieve planned outcomes.
  • Step 5001 the Navigator uses their Community key to enter their client's vault, and review their progress against plan.
  • the vault displays a role-centric main menu at Step 5002 , presenting the client's plan.
  • Step 5003 the Navigator meets with the client and reviews their objectives and background information at Step 5004 .
  • Step 5005 the client understands their plan objectives, the activities to be undertaken and the measures of success required.
  • This background information is displayed on the client's personal computer through their vault at Step 5006 .
  • step 4019 and illustrated at Step 5023 activity-centric decision trees are incorporated within the planning tools linked to the Personal Vault.
  • the Navigator will commence each major planning activity by choosing and storing a client's plan activity in the decision tree template, at Step 5007 , and referred to in the vault at Step 5008 .
  • the client Under the direction of the Navigator, the client does the first (or next) plan activity contained within the decision tree template ( 5009 ). Completion of the activity will be supported through instructions and information displayed on the client's personal computer, at Step 5010 . Provision is also made in the invention for the Navigator to measure and record the client's indicators of actual performance to planned Pareto targets, at Steps 5011 and 5012 respectively, and for the information to be recorded in the client's Personal Vault at Step 5013 .
  • the Navigator monitors the client's results contained in their vault and determines if a milestone gate has been achieved (at Step 5014 ). If a milestone gate has been achieved, the Navigator directs the client to the next activity to reach their goal. If there is a shortfall in achieving the milestone, the Navigator determines the reason for this at Step 5015 , and recommends at Step 5016 an alternate course of action to reach the milestone gate.
  • the Navigator monitors progress to the achievement of the client's goal, after progressing through all decision tree branches. If a gate has been achieved but the plan goal has not (Step 5017 ), at Step 5018 the Navigator chooses and stores the next plan activity in the client's vault, selecting from a range of options in the decision tree template (Step 5019 ). The Navigator then instructs the client to proceed to the next uncompleted plan activity specified in the decision tree template (Step 5020 ).
  • Step 5021 the Navigator notifies the client of their achievement, confirming the result during a visit or by electronic means at Step 5022 .
  • FIG. 8 illustrates the remaining components of the invention not reflecting a linear client-Navigator workflow process.
  • the steps illustrate the aspects through which all parties manage their respective interfaces with the individual's Personal Vault, including periodic and on-demand refreshment of source data, provision for correcting or annotating a record, revising Vault management permissions, and terminating or archiving records.
  • Steps 6001 through 6005 refer to the refreshment of data held by Navigators or third parties in their local files, into the client's Personal Vault.
  • the client nominates the data refresh periods (daily, weekly or as appropriate), or activates an “on demand” refresh routine programmed into the software. This step is likely to occur when the client establishes their vault access controls at Step 3006 , or when a desired refresh period has changed.
  • the Navigator or third party service provider does the new activity at Step 6002 and collects and enters new data to their local file, at Step 6003 .
  • the vault responding to the nominated or on demand refresh command, enquires the Navigator or third party's local file and gains access to local client- and Navigator-nominated data.
  • Steps 6006 and 6007 refer to the identification of errors and their correction, and to the entry of notes to the record.
  • the client or Navigator
  • the client identifies possible errors in their record, or seeks an explanation about details contained in their record.
  • the Navigator or third party enters the client's vault using their community key and reviews the entry. The Navigator either corrects it in their local file or enters an explanatory note to the client's vault. Where a change is made to the local record, data is refreshed through the routines described in Steps 6001 through 6005 .
  • Steps 6008 through 6013 refer to the routine management of the record, relating to the revision of file management functions.
  • the client may wish to change an aspect of their vault management functions or permissions.
  • the client enters their vault at Step 6009 and, referring to the main menu, selects the vault preferences function.
  • the desired change is selected, which may relate to changing Navigator or third party access permissions, changing proxy access, rendering all or portion of record temporarily or permanently inactive, archiving or destroying records and other instructions.
  • the vault sends the request to the Personal Vault Authority at Step 6010 , which checks the validity of the request, and if approved, processes the nominated change or instruction at Step 6011 .
  • Revisions to vault management preferences are entered to the vault at Step 6012 and confirmed to the client at Step 6013 .
  • FIG. 9 shows the concept of the Value Exchange as applied to a particular embodiment, in this case the Financial Services industry.
  • FIGS. 10 to 14 illustrate a further embodiment of the invention, in which the secure repository will be referred to as a “Personal Vault”.
  • a scenario is depicted wherein a sharing facility is established and tailored for a first user to enable second users to access their personal data.
  • a first user is introduced to the concept of a “solutions plan” that may be effected as a result of the ability of permitted second users efficiently accessing personal data of the first user.
  • FIG. 10 a diagrammatic representation of the steps included in creating a Personal Vault is provided.
  • Steps 100 may be sub-divided into steps 110 to 140 .
  • an individual agrees to participate in the Personal Vault.
  • step 112 the individual agrees to proceed and contracts to create a Personal Vault and receive the service.
  • this contract may be as simple as verbally providing consent for a free service to the individual, or it may involve a fee-based agreement, supported by a formal contract of activities to be performed by all parties. Due to the complexity of the services and the nature of the personal information contained in the Personal Vault, this step is likely to involve a written, formal agreement, or an online application evidenced by an authentication routine and digital signature.
  • step 113 it is likely that a fee will be paid to a Personal Vault Administrator to cover the cost of maintaining records for each new participant and to provide a margin to the Administrator. Depending upon the relationship and the Personal Vault data application, this fee will either be paid by the individual for whom the Personal Vault is being created, or by the Navigator as part of their service to the individual.
  • Step 120 refers to a Welcome Kit, likely to contain a welcome letter from the Personal Vault Administrator and/or Navigator. It is likely to contain further details of Personal Vault functionality and service agreements.
  • step 122 Along with information contained in the welcome kit will be specific instructions, depicted as step 122 , for contacting the Personal Vault Administrator for installation and operational support. As part of this step, additional information may also be supplied for initialising a software program and logging on to the Personal Vault support and operations network. Operating instructions and interface templates may be provided through a secure Personal Vault administration web site.
  • a Security Provider a separate entity from the Personal Vault Administrator, may deliver an inactivated access key, along with instructions for activation and use.
  • Step 124 the individual follows the instructions to access the Administrator's secure Web site.
  • This web site may include pre-defined templates that enable the individual to determine and select which community members may have access to their personal information.
  • the templates may dictate what information can be provided to whom and under what circumstances. Templates may be used during subsequent activation steps.
  • Activity 130 relates to the steps needed to activate the individual's Personal Vault.
  • the individual follows the instructions delivered by the Security Provider (Step 132 ) to activate the security key.
  • This routine is envisaged to be similar to activating a PIN associated with a credit card or EFTPOS card.
  • step 133 once the individual activates the Personal Vault access key, he or she may select and activate access for other users and nominate the conditions under which access will be permitted, following the instructions provided at Step 124 .
  • This activation routine may occur using the Personal Vault Administrator's secure Web site. The individual may change nominated access preferences at any time.
  • step 134 the individual uses the Administrator's secure Web site to activate access rules provided for in Step 124 .
  • step 135 the Personal Vault Administrator activates selected preferences chosen by the individual. These selected preferences are expected to become available immediately and be recorded in a master file associated with the individual.
  • an individual may create a Personal Vault for a specific purpose, for example, to manage their personal and business finances.
  • the initialisation process will identify any intent in this regard, and will install purpose-specific templates for data capture, manipulation and reporting.
  • Step 140 relates to the insertion of data into an individuals Personal Vault, so that the individual's data can be used to achieve intended outcomes.
  • Step 141 ensures that a Navigator has been identified and has agreed to participate to provide a service for the individual. Whilst an intended outcome has been assumed in earlier steps, it is required at this stage prior to the execution of subsequent steps of the method. If existing professional service providers are unwilling to participate in the Personal Vault program, at Step 142 the Personal Vault Administrator may provide the individual with a directory of participating Navigators or may introduce these suppliers to the individual.
  • step 143 the individual delivers historical files and records to the Navigator for insertion into the Personal Vault, where they are downloaded by Personal Vault data capture protocols into the Personal Vault at step 144 .
  • Paper-based records such as a last will and testament and other legal documents may be converted for storage in a digital format by the Navigator at Step 146 . The decision to include such documentation will rest with the individual.
  • step 147 once all information has been downloaded and a Personal Vault file created, the individual and Navigator(s) review contents of the Personal Vault to ensure all records are present and correct. Where necessary, information may need to be re-submitted or corrected by information providers.
  • an individual may wish other community providers to know that a data file has been created and that a Personal Vault exists.
  • either the individual or the Navigator when specifically permitted by the individual may notify other users and service providers of the existence of the Personal Vault.
  • FIG. 2 is a diagrammatic representation of the steps included in creating a solution plan for an individual.
  • Step 200 relates to use of information residing in the Personal Vault to create a Solutions Plan and to monitor performance outcomes contained in the Personal Vault to guide the individual with respect to the achievement of milestones or completion of planned activities.
  • Step 200 may be sub-divided into steps 210 to 234 .
  • Step 211 The Navigator and individual agree to create a solutions plan at step 210 .
  • Step 211 the individual becomes aware, independent of the Navigator, of the need to reach a desired outcome, or of an activity that needs professional input to complete.
  • Step 212 indicates an alternative to step 211 , where the individual's established Navigator (with Personal Vault access) receives an alert from a diary program that an activity will need to be completed soon, or that a value being reported in the Personal Vault has reached a predetermined value.
  • the Navigator and individual agree that intervention is required, the intervention being formalised by a Solutions Plan.
  • the complexity of the plan will be determined primarily by the sets of data required, the outputs involved and the other users to which the outputs will be delivered.
  • the Navigator reviews all source data contained in the individual's Personal Vault, and at Step 214 , identifies the individual's core needs and introduces value proposition(s) as to why a Solutions Plan is required.
  • Step 215 Through contact with the Navigator, at Step 215 , the individual becomes aware of the need to achieve an outcome through the creation of a solutions plan.
  • Step 216 the individual agrees to proceed with the plan and contracts with the Navigator to proceed. In most professional service relationships, authorisation to proceed will involve payment of an establishment fee, this is depicted at Step 217 . If appropriate for longer-term projects, there may also be service or progress fees payable to the Navigator.
  • the individual and Navigator work together at step 220 to establish goals for the solutions plan(s), drawing from information contained in the Personal Vault.
  • the individual and Navigator would meet and discuss the condition or historical performance, leading up to awareness of the need for a solution.
  • the Navigator uses information from this discussion to enter details to a diagnostic template.
  • the Navigator sources historical Personal Vault data and adds new information gained from the discussion with the individual to the diagnostic template. This will generate an interim report on the background or condition, matched against historical performance and benchmarks such as an industry's financial performance or average health indicators for the individual's age group.
  • Step 224 the Navigator and individual discuss the interim report findings and identify adverse trends or shortfalls to benchmark. Once identified, at step 225 they discuss the potential reasons for any shortfalls.
  • a key element of the planning process at this stage involves the presentation of achievable targets, derived from benchmarks (Step 226 ). Assuming that information is available from various Personal Vaults for various individuals in similar industries or age groups, benchmarks may be established. This assumes that the information has been shared by all the other individuals and collated and analysed by another permitted user.
  • the Navigator communicates the activities required to achieve the plan target(s). These activities are likely to be derived from industry-specific sources, and have a record of success without adverse risk to the individual.
  • Step 228 involves the individual understanding the Plan steps required and committing to creating and following a Solutions Plan.
  • the Solutions Plan is activated at step 230 .
  • This step commences at step 231 , where the individual's relevant Personal Vault data is accessed and structured so that it conforms with planning templates (the template defines which items of personal data the service provider is able to access).
  • the Personal Vault data is then loaded to the planning templates.
  • the planning templates may include functions that generate a formal Solutions Plan at Step 232 .
  • the Navigator presents the Plan to the individual.
  • the individual agrees the Plan approach, including targeted milestones, outcomes and reporting activities. Once agreed and commenced, the Plan is deposited into the Personal Vault at Step 234 .
  • Step 241 has the individual starting with the first planned segment or activity contained in the Plan.
  • step 242 the individual purchases and uses the product or service suggested in the Plan, that is proposed to achieve the milestone.
  • Step 243 the individual inputs the results of using the product or service into their Personal Vault, either indicating measurable results or subjective observations about progress.
  • Step 244 the Navigator or other nominated representative monitors the results being indicated in the individual's Personal Vault against Plan targets.
  • Step 245 where there are shortfalls to any planned target, the Navigator or delegate meets with the individual and discusses the reasons for any shortfall. During this time, at Step 246 , the Navigator offers alternative products or services that may meet the objective, if it is agreed the earlier course will not meet the goal.
  • the Navigator records the achievement of the Plan outcome in the individual's Personal Vault.
  • Step 300 relates to the monitoring of a solution plan and other outcomes indicated in the Personal Vault. Step 300 may be sub-divided into steps 310 to 333 .
  • Step 310 includes the steps for working to Plan milestones.
  • the individual commences with the first planned segment or activity. This will generally involve direct counseling with the Navigator, at step 312 , but may be described in written or other instructions contained in the Plan.
  • the plan activities may involve the purchase of products or services that support achievement of the objective.
  • the individual may purchase and use products or services at Step 313 .
  • the individual will then complete or practice activities as outlined in the Plan at Step 314 , using the products or services purchased in the previous step.
  • Step 315 the individual inputs data to their Personal Vault. Where there is regular communication with the Navigator during the process, the Navigator may post the results.
  • Step 320 involves the Navigator monitoring the individual's results and correcting shortfalls to reach the target. While the individual is completing Plan activities, the Navigator will monitor progress toward outcomes through the individual's Personal Vault (step 321 ). The Navigator may diarise regular access, or may be requested to do so by the individual. There may even be an alert that automatically appears in the Navigator's system when a positive or negative performance threshold is reached.
  • Step 322 the Navigator will meet with the individual to discuss progress and to identify the reasons for any shortfall. If products or services acquired as part of the plan have not helped to achieve planned milestones, at Step 323 the Navigator may suggest alternative activities. This may involve an offer of new products or services for purchase, either through the Navigator or through another source (step 324 ). The plan completion activities outlined from Step 311 through 324 are repeated until a satisfactory outcome is achieved.
  • Step 330 involves the communication of either success or failure to meet the target.
  • the Navigator identifies the achievement of the interim or complete Plan outcome.
  • both the individual and Navigator may record details relating to the completion of the Plan in the individual's Personal Vault in Step 332 .
  • the individuals success is communicated to them at Step 333 and potentially, the result may be communicated to other interested parties within a community permitted to receive such communications.
  • Step 400 relates to the sharing aspects of the individuals personal data in the Personal Vault.
  • Step 400 may be sub-divided into steps 410 to 442 .
  • Step 410 involves the nomination of other users or community partners to gain access to the individual's Personal Vault and personal information.
  • the Navigator identifies potential suppliers or users of the individual's Personal Vault data. If the individual is a small business owner and the Navigator is his or her Accountant, potential suppliers may include banks, investment brokers, insurers, superannuation providers and others in the financial services industry.
  • the Navigator may work with the individual to nominate partner companies and people within each company at Step 412 .
  • the Navigator will create or work from a standard template indicating a range of access rules by which other users will be able to access the data in an individual's Personal Vault. It is most likely that data access templates will be constructed by the Personal Vault provider and industry authorities.
  • Step 414 the individual nominates selected access preferences. This is completed by way of a secure electronic form, transmitted to the Navigator, Personal Vault authority and Security Provider.
  • community partners may need to enter into supply contracts in Step 415 , committing to comply with rules of access.
  • step 420 community partners are connected to the individual's Personal Vault.
  • the Navigator or Personal Vault authority may send an Induction Kit to nominated community members, if the member is unaware of the program.
  • the Kit will be similar to that sent to the individual at Step 121 , but tailored to the community member, and will likely contain an inactivated security key offering a higher level of authentication than the individual's key.
  • the Navigator (or Security Administrator) ensures that the community member's access security is compliant with that of the Personal Vault to ensure that access to the individual's records is performed in a secure manner.
  • the Navigator (or Security Administrator) will ensure at Step 423 that the users have been nominated, and have received and can follow secure access routines, and use the security key correctly. This will be demonstrated by receiving accreditation for access to the Personal Vault.
  • Step 424 community partners will determine the required data and reporting formats in which to obtain data from, and supply data to, the Personal Vault. The Navigator will also discuss and action any other partner reporting requirements at Step 425 .
  • the Personal Vault Administrator Upon completion of step 425 , the Personal Vault Administrator is ready to activate the partner connection.
  • the Administrator may install an industry-specific data interface to translate Personal Vault data to the required reporting format at Step 426 .
  • the Administrator Working from selected preferences identified at Step 413 , the Administrator will also activate preferences for selective access rules at Step 427 .
  • the Administrator will activate and verify access by the nominated community member to the individual's nominated fields in the Personal Vault (Step 428 ).
  • step 430 Once installed, community members can access and share nominated Personal Vault data as depicted in step 430 .
  • This step is likely to commence at Step 431 , with a community member receiving an online alert or other notification that a Navigator or individual wishes to receive a product or service.
  • the Navigator or individual may have included details or other instructions regarding the request in a Personal Vault information field.
  • the information field may contain one or more items of personal data of an individual. If so, the community member accesses the Personal Vault and views the notes at Step 433 .
  • the community member extracts the data they require from the Personal Vault.
  • the data will be communicated in the desired format, in accordance with the templates established earlier at Step 426 .
  • the community member will then use the personal data of the individual to deliver the product or service as contracted in Step 415 .
  • Step 441 the Security Provider audits access records for unauthorised entry and takes action with respect to any unauthorised attempt to access the personal data of an individual.
  • the Security Provider sends a regular report to the Navigator and individual, as contracted, in Step 442 .
  • Step 500 of the method relates to the closing of a Personal Vault and the handling of the personal data in a secure manner.
  • Activity 511 the individual decides to close their Personal Vault record. This may be instigated by an individual, or may be instigated by a custodian who closes the record on an owner's behalf (such as in the event of death).
  • Step 512 the individual (or custodian) advises the Navigator of the intent to close the record. If appropriate, the Navigator may determine the reason for the closure and seek to correct any shortcoming ( 513 and 514 ). If the individual still wishes to close the Personal Vault record, he or she confirms their intent and provides instructions for closure at Step 515 .
  • Activity 520 details the steps for removing access.
  • the individual informs the Security Provider (preferably in writing) to close the record.
  • the Security Provider removes access to all, or part of, the individual's record in accordance with the instructions.
  • the Security Provider advises, at Step 523 , all relevant connected communities affected by the closure of the record.
  • the Personal Vault records are filed or destroyed following the individual's instructions at Activity 530 .
  • the Security Provider returns, archives or destroys the record as instructed.
  • the Security Provider seeks return of all security keys from the individual and from any connected parties, if necessary.
  • the activity ends at 533 with confirmation by the Security Provider of the action, providing a final report of closure to the individual.

Abstract

The present invention provides a method and system for providing advice and/or services to a consumer including the secure electronic storage of rich private personal data preferably held in trust for and on behalf of a natural person or nominated business or corporate entities. The system provides the applications, processes, controls and data management services to collect from various sources, transfer, store and selectively retrieve data necessary to perform a range of specified planning and decision support activities or events, for which specific applications have been integrated with the secure data store for these purposes. The invention provides for the data owner and authorised persons such as advice and service providers to gain authenticated access to accessible data to undertake permitted tasks. These tasks may include receiving data or record views, or undertaking planning or decision support strategies, or such other tasks as are prescribed. In an embodiment, the system limits access to applications to approved authorised persons and requires specific permissions from the owner in order to manage data privacy standards. The system allows the owner to provide and revoke access permissions to applications and tracks and records all access events.

Description

    TECHNICAL FIELD
  • This invention relates generally to a method and system for providing advice and/or services to consumers and includes the storage and sharing of personal data of a user in a computer system such that the personal data is secure and not easily accessible to others with whom the personal data is not intended to be shared. The invention is suited to various applications where consumers, or trusted entities acting on behalf of consumers, permit efficient access to personal data by others who legitimately require that information or with whom the consumer wishes to share that personal data. In particular, the invention relates to a system and method for consumers to effectively share personal data and in doing so obtain advice based upon the personal data that has been made available to advisers. [0001]
  • BACKGROUND ART
  • Databases for the storage of information have been known for some time. However, databases are not well known for the storage and efficient dissemination of personal information to third parties who are provided permission to access that personal information. [0002]
  • Generally, there is a significant level of community concern regarding the security of personal information stored electronically in databases. In particular, breaches of privacy with respect to personal information stored in databases operated and maintained by government agencies and others act to undermine the trust of members of the community. [0003]
  • Security measures such as public key encryption have been introduced in an attempt to improve the level of security with respect to the handling of information that is stored and accessed electronically. However, these developments have generally only been implemented with respect to entire documents or to provide access to entire databases. [0004]
  • Adviser relationships have existed since mankind first sought the advice of a trusted family member, associate or other trusted individual to assist a person make a decision or plan to achieve an outcome. [0005]
  • The success of the advice given depends upon the ability of the individual seeking advice to identify and communicate a complete view of their relevant history, current circumstances and future plans, and upon the trusted individual's ability to identify and make use of that information to arrive at a recommended course of action and to develop a strategy to reach the individual's goal. [0006]
  • Of course, this depends upon the complexity of the individual's goal and the information required, the individual's ability to selectively communicate all the information to enable the trusted individual (or trusted individuals working in collaboration), the ability of the trusted individual to get access to this information when alternatives are being considered, the professional skills required of the trusted individual to provide advice to meet that goal, and the individual's commitment to the trusted individual's recommendation(s). [0007]
  • Whilst the best possible advice is desired from a trusted individual and accurate personal data is divulged for this reason, people are generally not inclined to provide unfettered access to an adviser with respect to all their personal data. Accordingly, most people seek to restrict divulging personal data to only those necessary details for an adviser to provide the relevant advice. [0008]
  • As a result, there is a balance between divulging relevant personal data to an adviser to enable them to provide relevant, practical and effective advice and the personal desire to retain personal information private and confidential. [0009]
  • The general concern about keeping personal information private and protected has led to many countries adopting strict regulatory controls with respect to the use and management of an individual's personal data. On the other hand, with the advent of increased reliance upon advisers for a range of needs, it is becoming increasingly common for advisers to adduce evidence of a satisfactory level of probity and awareness of an individual's personal situation such that they can justify their advice as relevant and appropriate considering the personal circumstances of the individual seeking advice. [0010]
  • The situation is further complicated when a person requires advice from a range of advisers who each require access to different aspects of the individual's personal data. In certain circumstances, significant inefficiencies can be avoided if advisers are able to collaborate with respect to the individual advice they are providing. [0011]
  • Presently, in situations where a consumer requires advice from a range of advisers, they provide their relevant personal data to each adviser individually. In most instances, there is a substantial repetition of the data provided which is usually necessary since individual advisers rarely collaborate with respect to advice for a particular consumer. As a result, each adviser will usually keep a record of the personal data provided by consumer and retain that data for future reference. As the advice provided by an adviser is necessarily reliant upon the consumers personal data, advisers effectively become the owner of the record of personal data provided to and kept by them as they need to keep such data in the event that they are subsequently confronted with an allegation of negligence or some form of misconduct. In these instances, advisers rely upon the personal data that they keep to enable them to defend their consumer's action and/or the advice provided to the consumer. [0012]
  • Therefore, with prior arrangements, there is significant inefficiency experienced by a consumer when they seek advice from a range of advice providers. This inefficiency is particularly noticeable when a consumer requires advice from multiple advisers who need to collaborate in order to advice the consumer. [0013]
  • Further, with prior arrangements, it is not possible for consumers to retain ownership of their data and obtain advice without providing copies of their personal data to an adviser whilst at the same time satisfying the requirements of advisers to be able to justify or defend the advice provided. [0014]
  • Accordingly, it is an object of the present invention to provide a method and system of providing advice to a consumer that mitigates the inefficiencies associated with previously known methods and systems. [0015]
  • It is another object of the invention to provide a method and system of providing advice to a consumer that enables a consumer to retain ownership of and access their personal data and avoid providing copies of same to advisers for the purpose of obtaining advice. [0016]
  • Any discussion of documents, acts, materials, devices, articles or the like which has been included in the present specification is solely for the purpose of providing a context for the present invention. It is not to be taken as an admission that any or all of these matters form part of the prior art base or were common general knowledge in the field relevant to the present invention as it existed before the priority date of each claim of this application. [0017]
  • Throughout this specification the word “comprise”, or variations such as “comprises” or “comprising”, should be understood to mean the inclusion of a stated element, integer or step, or group of elements, integers or steps, but not the exclusion of any other element, integer or step, or group of elements, integers or steps. [0018]
  • SUMMARY OF THE INVENTION
  • In one aspect, the present invention provides a method for providing advice and/or services to a consumer the method including the steps of: [0019]
  • the consumer storing personal data and documents in a secure repository connected to a data communications network; [0020]
  • the consumer specifying items of personal data in the secure repository that are to be accessible to at least one authorised advice provider; [0021]
  • an authorised advice provider accessing the consumer's available items of personal data across the data communications network upon provision of necessary authentication; [0022]
  • the advice provider analysing the items of personal data to determine the advice for the consumer; [0023]
  • the advice provider depositing information into the consumer's secure repository across the data communications network, said information representing the advice provided to the consumer; and [0024]
  • the consumer accessing the information deposited into their secure repository to review the advice. [0025]
  • In another aspect, the present invention provides a method for providing advice and/or services to a consumer the method including the steps of: [0026]
  • the consumer authorising a trusted entity to store the personal data of the consumer into a secure repository connected to a data communications network and to manage the release of that data; [0027]
  • the consumer and/or trusted entity specifying items of personal data in the secure repository that are to be accessible to at least one authorised advice provider; [0028]
  • an authorised advice provider accessing the consumers available items of personal data across the data communications network upon provision of necessary authentication and when executing computer instructions code for accessing the personal data that has been pre-approved by the trusted entity; and [0029]
  • the advice provider analysing the items of personal data to determine the advice for the consumer. [0030]
  • In a preferred embodiment of the method of the invention, the method includes the step of the consumer specifying a plurality of advice providers that can access an item of personal data. In this embodiment, the step of advice providers accessing at least one item of personal data of a consumer includes the execution of at least one segment of computer instruction code. The computer instruction code may execute functions with respect to the items of personal data and provide the results of those functions to advice providers. Further, these functions may be executed and provide results to advice providers without revealing the actual personal data of the consumer to the advice provider. [0031]
  • It is expected that consumers will pre-approve the computer instruction code that will be permitted to access the personal data of the consumer. Of course, in the event that a consumer appoints a trusted entity to store, maintain and manage their secure repository of personal data, the trusted entity would most likely be authorised by the consumer to approve computer instruction code that, when executed, accesses the stored items of personal data owned by the consumer. [0032]
  • Once information is deposited into a consumers secure repository, the information representing the advice provided to a consumer by an advice provider, the consumer and/or trusted entity may authorise other advice providers to access that previously supplied advice. [0033]
  • As consumers are now generally more reliant upon advice from other others than ever before, it is not unusual for service industries to establish codes of conduct for members of those industries in relation to the advice they provide. In some instances, regulatory controls have been established and legislation enacted to penalise advice providers that do not display a requisite level of care and attention with respect to the advice they provide. One particular aspect of the duty of care required by an advice provider is that they ensure that they have adequate data pertaining to a consumers circumstances and an understanding of a consumers goals, attitudes to risk and similar values. Accordingly, in a preferred embodiment of the invention, the secure repository includes items of data representing the values and/or attitudes of the consumer, the consumer's personal goals that they intend to achieve over a specified period of time, the consumer's goals as prioritised by the consumer, the consumer's preferred outcomes over a specified period of time and the preferred outcomes as prioritised by the consumer. Of course, with this type of data available to an advice provider, the provider can access and determine their advice based upon this data. [0034]
  • In a particularly preferred embodiment, the consumer appoints a principal adviser to act on their behalf and authorises that principal adviser to execute various transactions on behalf of the consumer. This enables the consumer to relieve themselves of the burden of managing their affairs and arranging and authorising other advice providers as and when required and considering the advice provided and resolving any difficulties or queries about advice that is deposited into the consumers secure repository. [0035]
  • In an embodiment of the invention, the consumer and/or principal adviser authorises a plurality of advice providers to access relevant personal data of the consumer to enable the plurality of advice providers to provide relevant advice to the consumer having regard to at least one of the consumer's values, attitudes, personal goals and/or preferred outcomes. Enabling multiple advisers to access the personal data of a consumer increases the efficiency of the process of obtaining advice from multiple advisers as compared with prior systems and methods. Further, where the trusted entity and/or principal adviser retain the personal data for and on behalf of a consumer, the consumer is able to prevent their personal data from being replicated throughout a number of systems as is currently the practice. [0036]
  • In a particularly preferred embodiment, the method includes the step of the recordal of each instance of one or more of the following: [0037]
  • instances of access to a consumer's personal items of data in their secure repository; [0038]
  • instances of the depositing of information into a consumer's secure repository; or [0039]
  • instances of changes to a consumer's personal items of data in their secure repository. [0040]
  • Of course, having recorded all instances of events as listed above, the method also preferably includes reporting the instances. This type of report could be produced by either the consumer, the consumer's principal adviser and/or the trusted entity. [0041]
  • According to another aspect, the present invention provides a system for providing advice and/or services to a consumer, the system including: [0042]
  • a secure repository connected to a data communications network for the storage of personal items of data of a consumer; [0043]
  • a means enabling the consumer to specify those items of personal data in the secure repository which are to be made accessible to an authorised advice provider; [0044]
  • a means enabling the consumer to identify the advice provider or a class of advice providers to whom access will be provided for those specified items of personal data; [0045]
  • a means for authenticating the identity of an advice provider; and [0046]
  • a means for enabling authenticated authorised advice providers to access the specified items of personal data of the consumer for which the advice provider has been identified as having permission to access and a means enabling an advice provider to execute computer instruction code that obtains items of personal data from the consumers secure repository and analyses the items of personal data to generate information that represents advice for the consumer, the computer instruction code also enabling the advice provider to deposit said information into the consumers secure repository for subsequent access by the consumer. [0047]
  • In another aspect, the present invention provides a system for providing advice and/or services to a consumer, the system including: [0048]
  • a secure repository connected to a data communications network controlled by a trusted entity to store personal items of data for consumers; [0049]
  • a means enabling consumers to specify those items of personal data in the secure repository that are to be made accessible to an authorised advice provider; [0050]
  • means enabling the consumers to identify the advice provider or a class of advice providers to whom access will be provided for those specified items for personal data: [0051]
  • means for authenticating the identity of an advice provider; and [0052]
  • means for enabling authenticated authorised advice providers to access the specified items of personal data of consumers for which the advice provider has been identified as having permission to access. [0053]
  • Preferably, the system of the present invention provides, in addition to the secure repository, a plurality of approved software applications, wherein each of the plurality of applications provides a specific function such as: [0054]
  • enabling each of the consumers to store personal data in the secure repository; [0055]
  • enabling each of the consumers to specify those items of personal data in the secure repository which are to be made accessible to an authorised advice provider; [0056]
  • enabling each of the consumers to identify the advice provider or the class of advice providers to whom access is to be provided for those specified items of personal data; [0057]
  • authenticating the identity of an advice provider; and [0058]
  • enabling authenticated authorised advice providers to access the specified items of personal data of the consumer for which the advice provider has been identified as having permission to access. [0059]
  • In some embodiments of the present invention, such computer software applications may access personal data stored in the secure repository in order to provide a response to a particular query of an authenticated authorised advice provider, without revealing an actual value of the accessed personal data. [0060]
  • The system of present invention provides the consumer with a secure electronic storage system for their personal private data. In preferred embodiments of the invention, each of the consumer can access their personal data at any time by use of a network browser or personal portal connected to the system of the present invention. Preferably, the system applications present the data in a manageable form to facilitate easy retrieval and re-ordering of personal data in order to perform specific tasks such as planning and decision making in relation to key life events. [0061]
  • The system of the present invention further enables each of the consumers to securely link personal information with key advice or service providers. That is, the present invention enables the advisers or service providers of the consumer to securely access the personal data of the consumer as prescribed by the consumer, via a data communication network such as the Internet. The system of the present invention provides a consumer and the consumer's service providers with applications to facilitate convenient access of the personal data of the consumer, thereby improving the efficiency of the data collection processes of advice or service providers. Further, the system of the present invention provides a secure repository in which the user may store personal data such as accounting records, financial records, health records, professional data and the like. Consequently, the system of the present invention enables data from disparate sources to be pooled into a single secure repository, reducing the requirement for duplication of records and facilitating efficient provision of that personal data to authorised advice and/or service providers identified by the consumer. The present system therefore empowers users to uniquely store their personal data in a secure repository, and to establish access permissions to advice providers of their choice, such as accountants or other service providers. As such, since consumers commonly deal with many such professional service providers, the present system avoids the need to duplicate data gathering efforts and the need for the user to actively provide the same data repeatedly to the various professional service providers with whom they deal. The system may further provide a plurality of applications facilitating the storage and access of the personal data in the secure repository. [0062]
  • For the purposes of this specification, the term “personal data” may refer to the data that is considered personal, or private, to either an individual or an organisation such as a small business. For example, the consumer may be a small business or organisation. [0063]
  • The selection of items of personal data for sharing may be effected by various methods. Preferably, the selection of items of personal data for sharing is effected by use of a template, the template including at least one pre-defined list of personal data items that may be shared with an advice provider or another consumer, or class of advice providers or consumers. The pre-defined template may be amended a consumer or principal adviser in order to amend the items of personal data that may be shared with an advice provider or another consumer identified by that template. For example, a consumer may prefer to share personal financial data with finance professionals without sharing that information with anyone else, such as insurance company personnel. [0064]
  • The selection of personal data for purposes of sharing may also be effected by use of a filter within the technology and activated by either the consumer or a professional adviser wherein a set of conditions satisfied by personal data of the consumer is shared with advice providers or a class of advice providers. In instances where there is a substantial amount of personal data amended by a consumer, it may be more convenient to select items of personal data for sharing by the establishment of a “sharing rule” or criteria as compared with requiring a consumer to provide a specific sharing indication for each and every item of personal data they own. [0065]
  • In an embodiment, a consumer grants permission to advice providers or other consumers to share items of personal data by enabling those advice providers or consumers to access the template or filter that the consumer has defined for those providers or consumers. In this instance, the authentication of the advice provider to gain access to the template or filter may act as the authority to gain access to the items of personal data of the consumer as provided by the template or filter. [0066]
  • Irrespective of the method used by an advice provider or consumer to gain access to personal data items of a consumer, the method preferably includes the steps of recording all instances of actual access of the consumers personal data to generate an audit trail. The record of instances of access may be included in a report that is supplied to the consumer each and every instance an attempt to access personal data occurs. Alternatively, a report of all instances of access of the consumers personal data may be provided on a regular basis (eg monthly). [0067]
  • Templates or filters may define the particular items of personal data that a consumer wishes to share but may also include other restrictions or conditions relating to the sharing of personal data. For example, a template or filter may operate only to allow access to personal data for a limited period of time, or may only allow access for a limited number of times. [0068]
  • Whilst templates or filters primarily limit access to specific items of personal data intended to be shared by a consumer, they may also perform functions on the underlying personal data of a consumer thus providing to an advice provider using a template or filter, information derived from one or more of the underlying items of personal data of the consumer. Additionally, a template or filter may devolve information into data such that it may be presented to advice providers, such as a service provider, in a more appropriate form. The devolution of personal information into data thus provides greater flexibility with respect to the form of the personal data required by advice providers. [0069]
  • In a preferred embodiment, advice providers may contribute to the store of advice for a consumer as a result of effecting their own services in relation to the personal data of the consumer to which they have been granted access. For example, a financial planner may develop a plan of investments for a consumer based upon their personal data and may deposit into the consumer's secure repository, information relating to an investment plan. The template provided to the advice provider, namely a financial planner, may also provide them with the ability to deposit additional items of information into the consumer's repository. Templates or filters may be developed for specific purposes and be capable of only a single use. [0070]
  • In a particularly preferred embodiment, an advice provider transfers a software program into the secure repository of a consumer which uses the data to which the advice provider has been granted access as input to the software program. In this instance, the output of the software program also resides in the secure repository and is thus provided to the consumer. The output of the software program may, for example, provide advice to the consumer or may provide a progress report with respect to some combination of items of personal data. The software program may provide an alert or warning of an impending condition or circumstance that requires some form of intervention in order to avoid. The software program may also provide details regarding the form of intervention required or choices in relation to the available types of intervention that may avoid the condition or circumstance from developing. The execution of the software program within the secure repository of the consumer provides an assurance to the consumer that their personal data is not transferred out of their secure repository at any time. [0071]
  • The software program made available may also provide recommendations regarding further actions to be performed or further data that should be collected or analysed in order to provide decision support. [0072]
  • The secure repository of items of personal data of consumers may be entrusted to a trusted entity. In a preferred embodiment, the trusted entity may be engaged to create links between personal data items of the consumer in order to enable other users to efficiently access required personal data items of the consumer. In such an embodiment, the linking of items of data enables an advice provider to efficiently perform an analysis of the consumer's relevant data and to provide advice accordingly. [0073]
  • Irrespective of the source or operation of the secure repository, access to data within the repository preferably requires the use of a digital security key. The digital security key is preferably supplied by an advice provider or other consumer at the time the requests for access to items of personal data are made, whether the access is by way of a template or not. The provision of access may be determined in a challenge/response manner. [0074]
  • In a particularly preferred embodiment, the secure repository is connected to a data communications network thereby enabling all other permitted advisers connected to that network to gain access to the personal data of a consumer. Preferably, the repository is connected to the Internet. [0075]
  • In an embodiment, a number of consumers may be provided with concurrent access to the personal data of a first consumer. Simultaneously, the first consumer may be provided with concurrent access to the personal data of those other consumers. In this instance, a community of consumers is effectively formed wherein the secure repositories of the group of consumers are aggregated to form the community. This provides for the effective sharing of information between that community of consumers and enables advice and service providers to gather collective data from the group and analyse that data. [0076]
  • Various advantages of the present invention other than those already described will be apparent from the description of a preferred embodiment of the invention.[0077]
  • BRIEF DESCRIPTION OF DRAWINGS
  • An example of the invention will now be described with reference to the accompanying drawings in which: [0078]
  • FIG. 1 illustrates an architecture of the present invention; [0079]
  • FIG. 2 illustrates a system model of a system according to the present invention; [0080]
  • FIG. 3 depicts the flow and processing of information within the high-level process step of registering Navigator communities; [0081]
  • FIG. 4 depicts the flow and processing of information within the high-level process step of establishing a personal vault; [0082]
  • FIG. 5 depicts the flow and processing of information within the high-level process step of assigning Navigator and third party access controls; [0083]
  • FIG. 6 depicts the flow and processing of information within the high-level process step of developing and lodging a plan; [0084]
  • FIG. 7 depicts the flow and processing of information within the high-level process step of working with the plan; [0085]
  • FIG. 8 depicts the flow and processing of information within the high-level process step of managing personal vault information; [0086]
  • FIG. 9 illustrates an embodiment of the invention applied within the financial services industry; [0087]
  • FIG. 10 is diagrammatic representation of the steps included in creating a secure repository for an embodiment of the invention; [0088]
  • FIG. 11 is a diagrammatic representation of the steps included in creating a solution plan for the embodiment of FIG. 10; [0089]
  • FIG. 12 is a diagrammatic representation of the steps included in monitoring outcomes for the embodiment of FIG. 10; [0090]
  • FIG. 13 is a diagrammatic representation of the steps included in sharing information for the embodiment of FIG. 10; and [0091]
  • FIG. 14 is a diagrammatic representation of the steps included in closing the secure repository.[0092]
  • BEST MODE OF INVENTION
  • The present invention is preferably implemented in an application architecture as depicted in FIG. 1. In a particularly preferred embodiment, a consumer or [0093] individual 1, representing either a natural person or an enterprise, interacts with a trusted entity or Navigator 2, which may be either an individual or business that provides specialised advice or services, or a tool delivered through a software application or other device to record and use private information to assist the consumer or individual to meet their goals.
  • In a particularly preferred embodiment, a Navigator applies for and is granted permission to gain access to a secure repository or “Personal Vault” [0094] 4 this is managed by a trusted entity, and to either use or install task-specific applications within the secure or repository “vault”. These applications will depend upon the importation of the individual's (or business') private data to determine a tailored solution or course of action to reach an individual's goal.
  • In the course of establishing the Navigator relationship and identifying the individual's needs, in a preferred embodiment the individual's private and sensitive information will be delivered by the individual [0095] 1 to the Navigator 2. In a particularly preferred embodiment delivery occurs electronically and the information is sent, with appropriate access controls, via the respective Web browsers of the participants through the Internet 3, and directed to the information processors 4 of a secure trusted entity. The secure trusted entity establishes and populates a secure database 5 as a repository for the individual's information, and holds that information in trust for the individual 1. Information required to populate the secure database 5 may be collected from the individual, from the Navigator 2 based upon services previously supplied, or from third parties authorised by the individual to supply information relevant to the Navigator's task.
  • Once the [0096] secure database 5 has been established through the secure trusted entity, the Navigator 2 can then interact with the data held therein by making use of computer software applications held within the secure trusted entity's central processor 4. New results of activities undertaken between individual 1 and Navigator 2 are recorded and transmitted via the respective browsers of the individual 1 and Navigator 2 through the Internet 3, and to the individual's secure database 5. Results of progress or shortcomings against intended outcomes are recorded and analysed by the respective application held within the trusted entity's processor 4 and reported back via the Internet 3 to the respective pc-based browsers of both the Navigator 2 and individual 1.
  • FIG. 2 illustrates a system model of a system according to the present invention. Navigators, third parties and other participants develop [0097] applications 9 and 13, respectively, to meet the goals of individuals, such as wealth planning or health management. These applications will be reviewed by and approved or rejected, and the necessary data filters 10 identified that are required to restrict access to only necessary and approved information. Approved applications are registered with the Personal Vault 12 held by the trusted entity.
  • The individual [0098] 6 interacts with an authorised person or service provider, or Navigator 7 to establish and work from a task-specific plan. In the course of gathering information to establish the plan, the individual's personal data, held in trust, is sourced from the Navigator 7, authorised third parties 8 and other external data sources 11. The authorised application 9 or 13 delivers the information through data filters 10 that determine the right to use and need to use the personal data intended to realise the individual's stated goals contained within their plan.
  • The progressive achievement of plan outcomes is reported by the authorised [0099] application 9 and monitored by both the Navigator and individual to determine if and when interim milestones have been achieved, and to determine what steps are necessary to meet the intended goal.
  • The essence of the present invention is to provide a method and system to enable consumers, individuals or businesses to manage key elements of their affairs by following a process based upon an integrated and secure exchange of personal data with advisers. Such a data exchange between consumers, individuals and advisers is provided by establishing a secure storage for personal data and managing the release and integrated distribution of personal data between advisers. In a preferred embodiment, the present invention includes a reliable store of data pertaining to the individual or company, and integrates that information with each interaction occurring with an approved adviser. The individual or company that is the owner of the information remains in control and authorises the release of information to advisers as appropriate. Further, when a trusted entity acts on behalf of a consumer or individual and manages the secure storage of personal data and controls the access to that data by external entities such as advisers; the consumer or individual is relieved of the burden of this task. The storage and management of personal data is a non-trivial task especially if the trusted entity bears the responsibility of managing the secure store of data to ensure that all regulatory requirements are satisfied with respect to the control of authorised access to the data. [0100]
  • In a particularly preferred embodiment, the trusted entity establishes uniform protocols for authentication of advisers for access to personal data and similar protocols for the supply and storage of information from advice providers into a consumer or individuals secure repository. [0101]
  • Individuals are gaining access to a massive storehouse of often conflicting health, financial and other information through the Internet. But information without intelligence is useless. Within each industry, there is likely to be the need for a specialist resource that will act as an intermediary for the information owner to support complex decision-making that requires expert resources, processes and/or mediation. Such a resource will guide the individual or company through the nuances of establishing a wealth creation, health management or other plan and then gathering, storing and releasing specialised information to achieve planned outcomes. For the purposes of this specification, the primary advisory role, sometimes referred to as the principal adviser, is termed the ‘Navigator’, and the interaction between the individual or company and Navigator to provide and integrate information into a plan is referred to as the “Value Exchange”. [0102]
  • In a particularly preferred embodiment, the Navigator will be an individual or business, but the invention recognises that the Navigator may equally be a computer application or other interactive resource that the individual or company may use to reach their goal. [0103]
  • While the Navigator is likely to be a trained expert able help the individual make complex choices, for the purposes of this invention the Navigator may equally be a software program that collects, integrates, analyses and reports the individual's information, databases used to resolve a need, or published evaluators of alternatives. [0104]
  • A particular advantage of the present invention is that the individual or company is regarded as the “owner” of the data, and retains ownership although selected data is made accessible for use by outside advisers. [0105]
  • The Value Exchange builds a consistent store of information on behalf of the individual or company as each interaction with an adviser occurs, and makes that information available at the critical moment where decision support is required. This may be initiated either by the individual or by one of their nominated advisers. The individual or company that is the owner of the information remains in control and authorises the release of information to interested parties as appropriate. [0106]
  • The Navigator and workflow processes enable an adviser to take personal data and enrich it to suit specific needs, such as by creating a health or financial outcome diagnostic leading to a course of health management or investment strategy. The system and method of the present invention may also be used to facilitate the prescription of medication or a loan application. [0107]
  • Across many industry sectors, there is continuous exchange of information about individuals or companies as they go about separate but related processes across the span of the industry. Often the information has substantially common elements, but it is rarely shared or re-used efficiently because each part of the industry has different systems, processes and traditions. To be useful, this information needs to reach all intended audiences participating in the delivery of a service or outcome. The value of information will be determined by the quality of that information as defined by the user—considering such elements as accuracy, currency, propensity for customisation, interactivity, relevance, security and other measures. The reach available to a consumer or individual will be determined by the number of authorised participants sharing the individuals personal data. [0108]
  • Potential applications of the present invention exist in the health industry services, where an individual can find that they are providing the same information many times as they progress through various stages of care. In a particular embodiment, the present invention permits an individual anticipating major surgery to have all operative and post-operative care with the surgeon and supporting medical communities and medications scheduled and all details communicated early in the consultative process. [0109]
  • Similar potential applications exist in the financial services industry, where an individual or company may have many interested parties that need to know relevant financial data pertaining to an individual and each has slightly different requirements. The situation is compounded where data needs to be gathered from more than one industry. In a particular embodiment of the present invention, a trusted individual or trusted entity can source a range of personal data including beneficiaries' and their contact details, estate asset and liability data and life insurance details when executing a will. [0110]
  • The person or company as owner of the data can use a system and method according to the present invention to improve the efficiency of obtaining advice as data may be collected and updated only once to serve a variety of tasks. This efficiency is shared by the Navigator, who, with consent, has access to a source of data upon which to provide the best advice and plan for outcomes with greater certainty. [0111]
  • The information management system illustrated in FIGS. [0112] 3 to 8 illustrate the processes through which the information owner and their communities establish the right to access private records, the processes for creating the Personal Vault and assigning specific access controls, activities related to using the information contained in the Personal Vault to help the information owner to reach planned objectives, and processes for management of the Personal Vault.
  • The high-level process steps associated with the invention include, [0113] step 1000 which represents those activities completed for registering Navigators and Third Party communities with an independent controlling authority, referred to as the “Personal Vault Authority”, to obtain a secure access Community key and be ready to interact with Vault Owners' records, when authorised by the Vault Owner to do so. Step 2000 represents the processes through which individuals or companies work with Navigators to understand the benefits of a Personal Vault, and presents activities for clients to register with the Personal Vault Authority to get a secure access Owner's key and to create a Vault Owner's active Vault ready to populate with data. Step 3000 represents the processes by which Vault Owners will interact with the Personal Vault Authority to assign Vault access and management controls and enter details of participating Navigators and/or Third Party data suppliers, to provide for their interaction with the Owner's record, and to load their source data. Step 4000 represents those activities by which Vault Owners work with Navigators to understand the need for a Plan to achieve a stated objective, to undertake a needs analysis based upon the Owner's source records, and to load a Navigator-specific decision tree planning template to produce a customised plan. Step 5000 represents those activities by which Vault Owners work with Navigators to complete planned decision tree steps, with the measurement of performance against targets leading to the attainment of milestones, after which the Navigator establishes and manages further activities to achieve planned outcomes. Step 6000 represents those activities by which all parties manage their respective interfaces with the individual's Personal Vault, including periodic and on-demand refreshment of source data, provision for correcting or annotating a record, revising Vault management permissions, and terminating or archiving records.
  • FIG. 3 illustrates the processes by which Navigators and Third Party communities register with an independent controlling authority, referred to as the “Personal Vault Authority” or “Vault Authority”, to get a secure access Community key and be ready to interact with Vault Owners' records, when authorised by the Vault Owner to do so. In a particularly preferred embodiment, the Navigator will be an individual, but the invention recognises that the Navigator may equally be a specialised diagnostic computer application or other interactive resource that the individual or company may use to reach their goal. Where the Navigator is other than human, the Navigator application will have undergone compliance reviews and accredited approval in a manner similar to that outlined in the steps below prior to its implementation. [0114]
  • At [0115] Step 1001, the Navigators and associated advice providers, referred to below as “applicants”, become aware of the existence of the Personal Vault service through various marketing communications and promotional efforts undertaken by the Personal Vault Authority and other interested parties.
  • At [0116] Step 1002, the applicant registers their interest in interacting with their clients' records contained in the Personal Vault. In a preferred embodiment, registration will occur using a Vault Authority-sponsored website and its secure online application routine, using registration routines embedded within industry-specific software, or through a hard copy form completed and returned to the Vault Authority. Information contained in the application will include the applicant's name and contact details, their identity details (normally comprising an industry-specific approval number determined by the industry's licensing or controlling authority, or “reference source”), and details of the technology being used to access the Personal Vault, so that the appropriate key interface may be delivered. Where the applicant does not have a formally authenticated industry-specific approval number, the applicant must provide sufficient reference source details to the Vault Authority to prove their identity.
  • At [0117] Step 1003, the Vault Authority acknowledges receipt of the application and at Step 1004 confirms the details of the application with the reference sources provided on the application. Where all details are confirmed as correct, the Vault Authority approves the application. If details contained in the application are not sufficient to confirm the applicant's identity, the Vault Authority rejects the application and asks the applicant to re-apply or provide additional information.
  • At [0118] Step 1005, and after the application has been approved, the Vault Authority issues the applicant with an inactivated Personal Vault Community access key, software for installation, and instructional materials.
  • [0119] Steps 1006 through 1008 refer to the steps through which the applicant installs the access key software and refers to the instructional materials to understand how to interact with a client's private data as contained in their Personal Vault. The applicant installs the software and completes the training at Step 1006, and at Step 1007 contacts the Vault Authority to indicate they are ready to be tested for accreditation. The Vault Authority schedules the accreditation at Step 1008 and at Steps 1009 and 1010 reviews the applicant's ability to work with the Personal Vault in the approved manner. If the applicant passes accreditation at Step 1011, the Vault Authority registers the applicant at Step 1012 as an authorised participant, and activates the Community key at Step 1013, as issued earlier at Step 1005. The applicant is notified of acceptance, in a preferred embodiment, by e-mail at Step 1014. If the applicant fails the accreditation review at Step 1011, the applicant must undergo further training and another accreditation review at Steps 1006 through 1011.
  • FIG. 4 illustrates the processes through which consumers, individuals or companies, referred to below as “clients” or “users” work with approved Navigators to understand the need for a Personal Vault, and presents activities for clients to register with the Personal Vault Authority to get a secure access Owner's key and to create a Vault Owner's active Vault ready to populate with data. [0120]
  • At [0121] Step 2001, a “trigger event” makes a client aware that an activity must be completed and that expert help is required. For example, such an activity may be awareness of a need to plan for retirement, to lose weight or to manage the business' cash flow performance.
  • At [0122] Step 2002, if the client does not have a specialist adviser, they will determine a selection of potential advisers, or “Navigators”, that may be capable of helping to resolve their objective and will select their preferred Navigator. The client considers the service offer and value propositions made by prospective Navigators (either human or otherwise) at Step 2003.
  • An integral part of the Navigator's value proposition will be the benefits for establishing and interacting with a Personal Vault as part of a complete and integrated service offer. On this basis and for other reasons, the client selects their preferred Navigator at [0123] Step 2004. If this has not been completed in sufficient detail as part of the presentation of value propositions, the Navigator promotes the need for a Personal Vault with their client at Step 2005.
  • If the proposition to create a vault is acceptable to the client at [0124] Step 2006, the client completes an application form at Step 2007. The application form is necessary to establish the identity of the client as owner of the information to be contained in their Personal Vault, and to establish an access mechanism embodied in a secure access key. The application form, at a minimum, will include collection of identity details, ideally with each detail bearing a point score based upon their level of security and where an acceptable score meets or exceeds a threshold value. The form will also provide for the nomination of proxies who may act upon the client's behalf and will provide the proxy's identity details (as above). The application form will also provide for details of the nominated Navigator and other known third party participants, and provide for conditions of access and consent to interact with the client's private information. Access details provided in this way will be confirmed upon establishment of the Vault, and will be modifiable by the client at any time (see FIG. 5).
  • The Navigator, on behalf of the Vault Authority and acting as instructed as part of the Navigator accreditation process (at Steps [0125] 1006-1011), will confirm the client's application details at Step 2008. Once confirmed, the Navigator compiles and delivers a Welcome Kit to the client at Step 2010. At a minimum, the Kit will restate the value propositions surrounding creation of the Personal Vault, confirm the client's expressed needs and designated consent, present instructions for using the Personal Vault, how to provide additional access to Navigator communities, how to get further help and details of next steps in the vault establishment process.
  • The Navigator delivers the completed client vault application form to the Vault Authority for processing at [0126] Step 2011, and the Vault Authority processes the application at Step 2012. An outcome of this step will be the establishment of the client's Personal Vault at Step 2013. At this stage, and until access protocols have been initiated, the vault is dormant and inactive. The Vault Authority contacts the client by mail and confirms establishment of their vault, and delivers a deactivated access key, with activation and deactivation instructions, at Step 2014.
  • At [0127] Step 2015, the client receives the vault establishment information, and follows the instructions to activate their access key. As part of the activation routine, at Step 2016, the Vault Authority authorises and activates the client's Personal Vault and then activates the client's access key, including activation of access permissions by nominated Navigator communities, at Step 2017. The activated vault is ready to populate with information at Step 2018.
  • Once the client's Personal Vault has been activated, both the client and nominated Navigator communities are notified at [0128] Steps 2019 and 2020. In a preferred embodiment, this notification occurs by e-mail or other electronic means.
  • FIG. 5 illustrates the processes by which Vault Owners will interact with the Personal Vault Authority to assign Vault access and management controls and enter or change details of participating Navigators and/or Third Party data suppliers, to provide for their interaction with the Owner's record, and to load their source data. [0129]
  • At [0130] Step 3001 the client uses their activated access key and personal computer to log in and enter their vault. At Step 3002 attempted access will be recognised and validated by the Vault Authority or other nominated access security provider, and if approved, and in a particularly preferred embodiment, at Step 3003 the client's computer will display an opening menu screen for the vault, confirming the client's identity and offering a series of hierarchical menus. At Step 3004 the client will select the menu item for entering and changing preferences for vault management.
  • At [0131] Step 3005 the client refers to the identity details of their Navigators and third parties as contained in the Navigator's welcome kit, delivered at Step 2010, and enters their details at Step 3006.
  • An automated routine recognises the client's Navigator and the relevant role (Accountant, doctor, etc.) and links them to access and management controls within the vault at [0132] Step 3007. The access conditions tailored to specific roles are displayed on the client's personal computer at Step 3008, selected by the client at Step 3009, and communicated to and recorded by the Personal Vault at Step 3010.
  • Once selected, at [0133] Step 3011 the client's personal computer all nominated participants and selected access roles, for the client's reference. If approved, the client accepts all changes at Step 3012, and changes are updated in the Personal Vault at Step 3013.
  • The process is repeated for all additional Navigator and participating third parties, at [0134] Step 3014, and returns to Step 3006. At Step 3015, the Vault Authority confirms to the client all nominated Navigators, third parties and associated access controls.
  • Once the Personal Vault has been established, activated and all participants given the appropriate levels of access and authentication, the vault is ready to be populated with the client's data and used by all nominated participants. The client instructs their Navigator to load their source data to the client's vault at [0135] Step 3016, which is done at Step 3017 and recorded in the client's vault at Step 3018.
  • Such access controls will activate privacy consent and nominate situations and conditions covering access to the client's vault. [0136]
  • FIG. 6 illustrates those activities by which Vault Owners work with Navigators to understand the need for a Plan to achieve a stated objective, to undertake a needs analysis based upon the Owner's source records, and to load a Navigator-specific decision tree planning template to produce a customised plan. [0137]
  • At [0138] Step 4001, the client responds to a trigger event and contacts their Navigator. This may be an extension of the reason for contact established at Step 2001, or it may relate to a new trigger event.
  • The client meets with the Navigator at [0139] Step 4002 and together they determine the client's goals and objectives (weight loss, retirement planning, etc). At Step 4003 the Navigator will commonly recommend the creation of a plan to reach the client's goals and will secure their permission to do so.
  • In a particularly preferred embodiment, role-specific planning tools and templates will be developed by industry specialists; resulting best practice models that will be integrated within the Personal Vault data processing protocols and will interact with and draw from client data contained in the client's vault. [0140]
  • At [0141] Step 4004 the Navigator uses their Community key to open the client's Personal Vault. The vault recognises the Navigator and their role and displays the relevant role-centric opening menu of services at Step 4005. The Navigator selects the “planning” service from the menu at Step 4006, and the vault returns a planning template tailored to the Navigator's specific role at Step 4007.
  • The Navigator refers to the planning template and uploads all relevant role-centric client records at [0142] Step 4008, drawing from the client's vault at Step 4012. If the template requires additional 3rd party information, this information is sought and delivered at Steps 4009 through 4011.
  • Once all available client records have been sourced, the respective template is populated with information at [0143] Step 4013. The Navigator then completes a client needs analysis (at Step 4014) by referring to a role-centric needs analysis questionnaire delivered by the respective template contained in the vault (Step 4015), and by information provided from the client during direct discussions (Step 4016).
  • Based upon the information provided, at [0144] Step 4017 the Navigator assesses the client's performance in key areas against Pareto expectations, representing the range of measures that would be expected for that individual (with respect to age, sex or other characteristics) or business segment (industry, scale, etc.). The Navigator then creates a Plan to achieve the desired target at Step 4018, and determines the activities and milestones required to reach the desired target.
  • Incorporated with the planning tools linked to the Personal Vault are activity-centric decision trees. As the client performs activities within their personalised plan, the path taken to reach their objective is determined by responses provided to questions posed by the Navigator and by the measurable results obtained when completing certain tasks. Completing scheduled activities eventually leads the client to a critical juncture, or “gate”. At that point the client cannot proceed until their Navigator reviews their performance and directs them down the next decision tree path. This process is repeated until the client reaches their intended goals. The decision tree model is first used by the invention at [0145] Step 4019, and is illustrated on FIG. 7, Step 5023.
  • At [0146] Step 4019 the Navigator loads the relevant role- (i.e. doctor) and ctivity-centric (weight loss) decision tree template to the plan, drawn from the vault (Step 4020).
  • As a final plan preparation step, the Navigator modifies the plan for non-generic decision tree activities at [0147] Step 4021.
  • The Navigator now finalises and presents the tailored plan to the client at [0148] Step 4022, and the client approves the plan at Step 4023.
  • FIG. 7 illustrates those activities by which clients work with Navigators to complete planned decision tree steps, with the measurement of performance against targets leading to the attainment of gated milestones, after which the Navigator establishes and manages further activities to achieve planned outcomes. [0149]
  • At [0150] Step 5001 the Navigator uses their Community key to enter their client's vault, and review their progress against plan. The vault displays a role-centric main menu at Step 5002, presenting the client's plan.
  • If a newly created plan (Step [0151] 5003) the Navigator meets with the client and reviews their objectives and background information at Step 5004. As a result of this meeting, at Step 5005 the client understands their plan objectives, the activities to be undertaken and the measures of success required. This background information is displayed on the client's personal computer through their vault at Step 5006.
  • As defined above, at [0152] Step 4019 and illustrated at Step 5023, activity-centric decision trees are incorporated within the planning tools linked to the Personal Vault. The Navigator will commence each major planning activity by choosing and storing a client's plan activity in the decision tree template, at Step 5007, and referred to in the vault at Step 5008.
  • Under the direction of the Navigator, the client does the first (or next) plan activity contained within the decision tree template ([0153] 5009). Completion of the activity will be supported through instructions and information displayed on the client's personal computer, at Step 5010. Provision is also made in the invention for the Navigator to measure and record the client's indicators of actual performance to planned Pareto targets, at Steps 5011 and 5012 respectively, and for the information to be recorded in the client's Personal Vault at Step 5013.
  • The Navigator monitors the client's results contained in their vault and determines if a milestone gate has been achieved (at Step [0154] 5014). If a milestone gate has been achieved, the Navigator directs the client to the next activity to reach their goal. If there is a shortfall in achieving the milestone, the Navigator determines the reason for this at Step 5015, and recommends at Step 5016 an alternate course of action to reach the milestone gate.
  • The Navigator monitors progress to the achievement of the client's goal, after progressing through all decision tree branches. If a gate has been achieved but the plan goal has not (Step [0155] 5017), at Step 5018 the Navigator chooses and stores the next plan activity in the client's vault, selecting from a range of options in the decision tree template (Step 5019). The Navigator then instructs the client to proceed to the next uncompleted plan activity specified in the decision tree template (Step 5020).
  • If and when the client achieves their ultimate plan objective, at [0156] Step 5021 the Navigator notifies the client of their achievement, confirming the result during a visit or by electronic means at Step 5022.
  • FIG. 8 illustrates the remaining components of the invention not reflecting a linear client-Navigator workflow process. The steps illustrate the aspects through which all parties manage their respective interfaces with the individual's Personal Vault, including periodic and on-demand refreshment of source data, provision for correcting or annotating a record, revising Vault management permissions, and terminating or archiving records. [0157]
  • [0158] Steps 6001 through 6005 refer to the refreshment of data held by Navigators or third parties in their local files, into the client's Personal Vault. At Step 6001 the client nominates the data refresh periods (daily, weekly or as appropriate), or activates an “on demand” refresh routine programmed into the software. This step is likely to occur when the client establishes their vault access controls at Step 3006, or when a desired refresh period has changed. The Navigator or third party service provider does the new activity at Step 6002 and collects and enters new data to their local file, at Step 6003. The vault, responding to the nominated or on demand refresh command, enquires the Navigator or third party's local file and gains access to local client- and Navigator-nominated data.
  • [0159] Steps 6006 and 6007 refer to the identification of errors and their correction, and to the entry of notes to the record. At Step 6006, the client (or Navigator) identifies possible errors in their record, or seeks an explanation about details contained in their record. At Step 6007 the Navigator or third party enters the client's vault using their community key and reviews the entry. The Navigator either corrects it in their local file or enters an explanatory note to the client's vault. Where a change is made to the local record, data is refreshed through the routines described in Steps 6001 through 6005.
  • [0160] Steps 6008 through 6013 refer to the routine management of the record, relating to the revision of file management functions. At Step 6008, the client may wish to change an aspect of their vault management functions or permissions. The client enters their vault at Step 6009 and, referring to the main menu, selects the vault preferences function. The desired change is selected, which may relate to changing Navigator or third party access permissions, changing proxy access, rendering all or portion of record temporarily or permanently inactive, archiving or destroying records and other instructions.
  • The vault sends the request to the Personal Vault Authority at [0161] Step 6010, which checks the validity of the request, and if approved, processes the nominated change or instruction at Step 6011. Revisions to vault management preferences are entered to the vault at Step 6012 and confirmed to the client at Step 6013.
  • FIG. 9 shows the concept of the Value Exchange as applied to a particular embodiment, in this case the Financial Services industry. [0162]
  • FIGS. [0163] 10 to 14 illustrate a further embodiment of the invention, in which the secure repository will be referred to as a “Personal Vault”. In addition, a scenario is depicted wherein a sharing facility is established and tailored for a first user to enable second users to access their personal data. As part of this scenario, a first user is introduced to the concept of a “solutions plan” that may be effected as a result of the ability of permitted second users efficiently accessing personal data of the first user.
  • With reference to FIG. 10, a diagrammatic representation of the steps included in creating a Personal Vault is provided. [0164]
  • [0165] Steps 100 may be sub-divided into steps 110 to 140. At step 110, an individual agrees to participate in the Personal Vault.
  • It is expected that individuals will become aware of the benefits of creating a Personal Vault and using it to provide information to suppliers or other community members. This awareness is likely to occur through interaction with a professional partner such as a financial adviser, health care provider, a trusted independent source or by way of direct marketing. [0166]
  • Partners able to provide value-added services requiring access to personal data of an individual, for the purposes of achieving planned goals, and are referred to in this description as a “Navigator”. This process is depicted as [0167] step 111 wherein an individual and their Navigator obtain information regarding the facility of a Personal Vault and the Navigator advises with respect to the benefits for the individual in arranging a Personal Vault for sharing items of their personal data.
  • At [0168] step 112, the individual agrees to proceed and contracts to create a Personal Vault and receive the service. Depending upon the application, this contract may be as simple as verbally providing consent for a free service to the individual, or it may involve a fee-based agreement, supported by a formal contract of activities to be performed by all parties. Due to the complexity of the services and the nature of the personal information contained in the Personal Vault, this step is likely to involve a written, formal agreement, or an online application evidenced by an authentication routine and digital signature.
  • At [0169] step 113, it is likely that a fee will be paid to a Personal Vault Administrator to cover the cost of maintaining records for each new participant and to provide a margin to the Administrator. Depending upon the relationship and the Personal Vault data application, this fee will either be paid by the individual for whom the Personal Vault is being created, or by the Navigator as part of their service to the individual.
  • Once an individual agrees to participate and enters into either an informal or formal supply agreement, the he or she will receive Personal Vault tools and information from the Administrator (or Navigator, as appropriate) as depicted at [0170] step 120. Step 121 refers to a Welcome Kit, likely to contain a welcome letter from the Personal Vault Administrator and/or Navigator. It is likely to contain further details of Personal Vault functionality and service agreements.
  • Along with information contained in the welcome kit will be specific instructions, depicted as [0171] step 122, for contacting the Personal Vault Administrator for installation and operational support. As part of this step, additional information may also be supplied for initialising a software program and logging on to the Personal Vault support and operations network. Operating instructions and interface templates may be provided through a secure Personal Vault administration web site.
  • At [0172] Step 123, a Security Provider, a separate entity from the Personal Vault Administrator, may deliver an inactivated access key, along with instructions for activation and use.
  • At [0173] Step 124, the individual follows the instructions to access the Administrator's secure Web site. This web site may include pre-defined templates that enable the individual to determine and select which community members may have access to their personal information. The templates may dictate what information can be provided to whom and under what circumstances. Templates may be used during subsequent activation steps.
  • [0174] Activity 130 relates to the steps needed to activate the individual's Personal Vault. At Step 131, the individual follows the instructions delivered by the Security Provider (Step 132) to activate the security key. This routine is envisaged to be similar to activating a PIN associated with a credit card or EFTPOS card.
  • At [0175] step 133, once the individual activates the Personal Vault access key, he or she may select and activate access for other users and nominate the conditions under which access will be permitted, following the instructions provided at Step 124. This activation routine may occur using the Personal Vault Administrator's secure Web site. The individual may change nominated access preferences at any time.
  • In [0176] step 134, the individual uses the Administrator's secure Web site to activate access rules provided for in Step 124.
  • In [0177] step 135, the Personal Vault Administrator activates selected preferences chosen by the individual. These selected preferences are expected to become available immediately and be recorded in a master file associated with the individual.
  • At [0178] Step 136, an individual may create a Personal Vault for a specific purpose, for example, to manage their personal and business finances. The initialisation process will identify any intent in this regard, and will install purpose-specific templates for data capture, manipulation and reporting.
  • To this stage, other users have not been involved in any of the method steps and are unaware of the individual's activities in creating a Personal Vault. The Administrator may notify those other users. [0179]
  • [0180] Step 140 relates to the insertion of data into an individuals Personal Vault, so that the individual's data can be used to achieve intended outcomes. Step 141 ensures that a Navigator has been identified and has agreed to participate to provide a service for the individual. Whilst an intended outcome has been assumed in earlier steps, it is required at this stage prior to the execution of subsequent steps of the method. If existing professional service providers are unwilling to participate in the Personal Vault program, at Step 142 the Personal Vault Administrator may provide the individual with a directory of participating Navigators or may introduce these suppliers to the individual.
  • At [0181] step 143 the individual delivers historical files and records to the Navigator for insertion into the Personal Vault, where they are downloaded by Personal Vault data capture protocols into the Personal Vault at step 144.
  • It is expected that an individual's files will appear in a variety of digital and conventional formats. Before they can be used intelligently by the Personal Vault, the Navigator (through routines developed by the Personal Vault Administrator) may need to translate the record into a commonly readable format at [0182] Step 145. Further, before other Navigators in the community can source and use this data, it must be recognised by their systems. In the preferred embodiment, the Personal Vault Administrator ensures that the records of all potential individuals can be captured and translated, and can be communicated with all potential service providers.
  • Paper-based records such as a last will and testament and other legal documents may be converted for storage in a digital format by the Navigator at [0183] Step 146. The decision to include such documentation will rest with the individual.
  • At [0184] step 147, once all information has been downloaded and a Personal Vault file created, the individual and Navigator(s) review contents of the Personal Vault to ensure all records are present and correct. Where necessary, information may need to be re-submitted or corrected by information providers.
  • At [0185] Step 148, an individual may wish other community providers to know that a data file has been created and that a Personal Vault exists. Within strict constraints, as outlined in the contract of service and nominated access provisions, either the individual or the Navigator (when specifically permitted by the individual) may notify other users and service providers of the existence of the Personal Vault.
  • FIG. 2 is a diagrammatic representation of the steps included in creating a solution plan for an individual. [0186]
  • Once a Personal Vault has been created and populated with content in a commonly useable format, Navigators can begin to use the individuals personal information to perform services required by the individual. Step [0187] 200 relates to use of information residing in the Personal Vault to create a Solutions Plan and to monitor performance outcomes contained in the Personal Vault to guide the individual with respect to the achievement of milestones or completion of planned activities. Step 200 may be sub-divided into steps 210 to 234.
  • The Navigator and individual agree to create a solutions plan at [0188] step 210. At Step 211, the individual becomes aware, independent of the Navigator, of the need to reach a desired outcome, or of an activity that needs professional input to complete. At this stage, the individual contacts the Navigator for help. Step 212 indicates an alternative to step 211, where the individual's established Navigator (with Personal Vault access) receives an alert from a diary program that an activity will need to be completed soon, or that a value being reported in the Personal Vault has reached a predetermined value.
  • At this stage, the Navigator and individual agree that intervention is required, the intervention being formalised by a Solutions Plan. The complexity of the plan will be determined primarily by the sets of data required, the outputs involved and the other users to which the outputs will be delivered. At [0189] Step 213, the Navigator reviews all source data contained in the individual's Personal Vault, and at Step 214, identifies the individual's core needs and introduces value proposition(s) as to why a Solutions Plan is required.
  • Through contact with the Navigator, at [0190] Step 215, the individual becomes aware of the need to achieve an outcome through the creation of a solutions plan. At Step 216, the individual agrees to proceed with the plan and contracts with the Navigator to proceed. In most professional service relationships, authorisation to proceed will involve payment of an establishment fee, this is depicted at Step 217. If appropriate for longer-term projects, there may also be service or progress fees payable to the Navigator.
  • The individual and Navigator work together at [0191] step 220 to establish goals for the solutions plan(s), drawing from information contained in the Personal Vault. Generally, at Step 221, the individual and Navigator would meet and discuss the condition or historical performance, leading up to awareness of the need for a solution. At step 222 the Navigator uses information from this discussion to enter details to a diagnostic template. At Step 223, the Navigator sources historical Personal Vault data and adds new information gained from the discussion with the individual to the diagnostic template. This will generate an interim report on the background or condition, matched against historical performance and benchmarks such as an industry's financial performance or average health indicators for the individual's age group.
  • At [0192] Step 224 the Navigator and individual discuss the interim report findings and identify adverse trends or shortfalls to benchmark. Once identified, at step 225 they discuss the potential reasons for any shortfalls. A key element of the planning process at this stage involves the presentation of achievable targets, derived from benchmarks (Step 226). Assuming that information is available from various Personal Vaults for various individuals in similar industries or age groups, benchmarks may be established. This assumes that the information has been shared by all the other individuals and collated and analysed by another permitted user.
  • At [0193] step 227, the Navigator communicates the activities required to achieve the plan target(s). These activities are likely to be derived from industry-specific sources, and have a record of success without adverse risk to the individual.
  • [0194] Step 228 involves the individual understanding the Plan steps required and committing to creating and following a Solutions Plan.
  • The Solutions Plan is activated at [0195] step 230. This step commences at step 231, where the individual's relevant Personal Vault data is accessed and structured so that it conforms with planning templates (the template defines which items of personal data the service provider is able to access). The Personal Vault data is then loaded to the planning templates.
  • The planning templates may include functions that generate a formal Solutions Plan at [0196] Step 232. The Navigator presents the Plan to the individual. At Step 233, the individual agrees the Plan approach, including targeted milestones, outcomes and reporting activities. Once agreed and commenced, the Plan is deposited into the Personal Vault at Step 234.
  • The individual completes the Plan activities and works to its milestones in [0197] step 240.
  • [0198] Step 241 has the individual starting with the first planned segment or activity contained in the Plan.
  • At [0199] step 242, the individual purchases and uses the product or service suggested in the Plan, that is proposed to achieve the milestone.
  • At [0200] Step 243 the individual inputs the results of using the product or service into their Personal Vault, either indicating measurable results or subjective observations about progress.
  • At [0201] Step 244, the Navigator or other nominated representative monitors the results being indicated in the individual's Personal Vault against Plan targets.
  • At [0202] Step 245, where there are shortfalls to any planned target, the Navigator or delegate meets with the individual and discusses the reasons for any shortfall. During this time, at Step 246, the Navigator offers alternative products or services that may meet the objective, if it is agreed the earlier course will not meet the goal.
  • At [0203] 247, and assuming the individual meets their planned goal, the individual and Navigator celebrate the achievement. The scale of this activity will be commensurate with the effort taken and value of the relationship.
  • At [0204] 248, the Navigator records the achievement of the Plan outcome in the individual's Personal Vault.
  • [0205] Step 300 relates to the monitoring of a solution plan and other outcomes indicated in the Personal Vault. Step 300 may be sub-divided into steps 310 to 333.
  • [0206] Step 310 includes the steps for working to Plan milestones. At Step 311, the individual commences with the first planned segment or activity. This will generally involve direct counselling with the Navigator, at step 312, but may be described in written or other instructions contained in the Plan.
  • In retail environments, the plan activities may involve the purchase of products or services that support achievement of the objective. In this instance, the individual may purchase and use products or services at [0207] Step 313. The individual will then complete or practice activities as outlined in the Plan at Step 314, using the products or services purchased in the previous step.
  • During the course of using the product or service purchased, or completing the planned activity, in [0208] Step 315 the individual inputs data to their Personal Vault. Where there is regular communication with the Navigator during the process, the Navigator may post the results.
  • [0209] Step 320 involves the Navigator monitoring the individual's results and correcting shortfalls to reach the target. While the individual is completing Plan activities, the Navigator will monitor progress toward outcomes through the individual's Personal Vault (step 321). The Navigator may diarise regular access, or may be requested to do so by the individual. There may even be an alert that automatically appears in the Navigator's system when a positive or negative performance threshold is reached.
  • At regular intervals, the Navigator will meet with the individual to discuss progress and to identify the reasons for any shortfall (Step [0210] 322). If products or services acquired as part of the plan have not helped to achieve planned milestones, at Step 323 the Navigator may suggest alternative activities. This may involve an offer of new products or services for purchase, either through the Navigator or through another source (step 324). The plan completion activities outlined from Step 311 through 324 are repeated until a satisfactory outcome is achieved.
  • [0211] Step 330 involves the communication of either success or failure to meet the target. Ideally, at Step 331, the Navigator identifies the achievement of the interim or complete Plan outcome. Regardless of success or failure, both the individual and Navigator may record details relating to the completion of the Plan in the individual's Personal Vault in Step 332. Where appropriate, the individuals success is communicated to them at Step 333 and potentially, the result may be communicated to other interested parties within a community permitted to receive such communications.
  • [0212] Step 400 relates to the sharing aspects of the individuals personal data in the Personal Vault. Step 400 may be sub-divided into steps 410 to 442. Step 410 involves the nomination of other users or community partners to gain access to the individual's Personal Vault and personal information.
  • At [0213] Step 411, the Navigator identifies potential suppliers or users of the individual's Personal Vault data. If the individual is a small business owner and the Navigator is his or her Accountant, potential suppliers may include banks, investment brokers, insurers, superannuation providers and others in the financial services industry.
  • Once a class of suppliers or users have been identified, the Navigator may work with the individual to nominate partner companies and people within each company at [0214] Step 412.
  • At [0215] Step 413, the Navigator will create or work from a standard template indicating a range of access rules by which other users will be able to access the data in an individual's Personal Vault. It is most likely that data access templates will be constructed by the Personal Vault provider and industry authorities.
  • Once a template has been developed, at [0216] Step 414, the individual nominates selected access preferences. This is completed by way of a secure electronic form, transmitted to the Navigator, Personal Vault authority and Security Provider.
  • In some instances, community partners may need to enter into supply contracts in [0217] Step 415, committing to comply with rules of access.
  • At [0218] step 420, community partners are connected to the individual's Personal Vault. At Step 421 the Navigator (or Personal Vault authority) may send an Induction Kit to nominated community members, if the member is unaware of the program. The Kit will be similar to that sent to the individual at Step 121, but tailored to the community member, and will likely contain an inactivated security key offering a higher level of authentication than the individual's key.
  • At [0219] Step 422, the Navigator (or Security Administrator) ensures that the community member's access security is compliant with that of the Personal Vault to ensure that access to the individual's records is performed in a secure manner. In addition to this, the Navigator (or Security Administrator) will ensure at Step 423 that the users have been nominated, and have received and can follow secure access routines, and use the security key correctly. This will be demonstrated by receiving accreditation for access to the Personal Vault.
  • At [0220] Step 424, community partners will determine the required data and reporting formats in which to obtain data from, and supply data to, the Personal Vault. The Navigator will also discuss and action any other partner reporting requirements at Step 425.
  • Upon completion of [0221] step 425, the Personal Vault Administrator is ready to activate the partner connection. The Administrator may install an industry-specific data interface to translate Personal Vault data to the required reporting format at Step 426. Working from selected preferences identified at Step 413, the Administrator will also activate preferences for selective access rules at Step 427. Finally, the Administrator will activate and verify access by the nominated community member to the individual's nominated fields in the Personal Vault (Step 428).
  • Once installed, community members can access and share nominated Personal Vault data as depicted in [0222] step 430. This step is likely to commence at Step 431, with a community member receiving an online alert or other notification that a Navigator or individual wishes to receive a product or service. The Navigator or individual may have included details or other instructions regarding the request in a Personal Vault information field. The information field may contain one or more items of personal data of an individual. If so, the community member accesses the Personal Vault and views the notes at Step 433.
  • At [0223] Step 434, the community member extracts the data they require from the Personal Vault. The data will be communicated in the desired format, in accordance with the templates established earlier at Step 426. At Step 435, the community member will then use the personal data of the individual to deliver the product or service as contracted in Step 415.
  • It is important to maintain control with respect to community access to the individual's personal data as depicted at [0224] step 440. At Step 441 the Security Provider audits access records for unauthorised entry and takes action with respect to any unauthorised attempt to access the personal data of an individual. The Security Provider sends a regular report to the Navigator and individual, as contracted, in Step 442.
  • [0225] Step 500 of the method relates to the closing of a Personal Vault and the handling of the personal data in a secure manner.
  • In [0226] Activity 511, the individual decides to close their Personal Vault record. This may be instigated by an individual, or may be instigated by a custodian who closes the record on an owner's behalf (such as in the event of death).
  • At [0227] Step 512, the individual (or custodian) advises the Navigator of the intent to close the record. If appropriate, the Navigator may determine the reason for the closure and seek to correct any shortcoming (513 and 514). If the individual still wishes to close the Personal Vault record, he or she confirms their intent and provides instructions for closure at Step 515.
  • [0228] Activity 520 details the steps for removing access. At 521, the individual informs the Security Provider (preferably in writing) to close the record. At 522, the Security Provider removes access to all, or part of, the individual's record in accordance with the instructions. The Security Provider advises, at Step 523, all relevant connected communities affected by the closure of the record.
  • The Personal Vault records are filed or destroyed following the individual's instructions at [0229] Activity 530. At Step 531, the Security Provider returns, archives or destroys the record as instructed. Subsequent to, or concurrent with this action, at Step 532, the Security Provider seeks return of all security keys from the individual and from any connected parties, if necessary. The activity ends at 533 with confirmation by the Security Provider of the action, providing a final report of closure to the individual.
  • It will be appreciated by persons skilled in the art that numerous variations and/or modifications may be made to the invention as shown in the specific embodiments without departing from the spirit or scope of the invention as broadly described. The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive. [0230]

Claims (100)

What is claimed is:
1. A method for providing advice and/or services to a consumer the method including the steps of:
the consumer storing relevant personal data in a secure repository connected to a data communications network;
the consumer specifying items of personal data in the secure repository that are to be accessible to at least one authorised advice provider;
an authorised advice provider accessing the consumer's available items of personal data across the data communications network upon provision of necessary authentication;
the advice provider analysing the items of personal data to determine the advice for the consumer;
the advice provider depositing information into the consumer's secure repository across the data communications network, said information representing the advice provided to the consumer; and
the consumer accessing the information deposited into their secure repository to review the advice.
2. A method for providing advice and/or services to a consumer the method including the steps of:
the consumer authorising a trusted entity to store the personal data of the consumer into a secure repository connected to a data communications network and to manage the release of that data;
the consumer and/or trusted entity specifying items of personal data in the secure repository that are to be accessible to at least one authorised advice provider;
an authorised advice provider accessing the consumers available items of personal data across the data communications network upon provision of necessary authentication and when executing computer instructions code for accessing the personal data that has been pre-approved by the trusted entity; and
the advice provider analysing the items of personal data to determine the advice for the consumer.
3. A method according to either claim 1 including the step of the consumer specifying a plurality of advice providers that can access an item of personal data.
4. A method according to either claim 1 including the step of advice providers accessing at least one item of personal data of a consumer by executing at least one segment of computer instruction code.
5. A method according to claim 4 wherein the segment of computer instruction code is pre-approved by a consumer for accessing a consumers secure repository of personal data.
6. A method according to claim 5 wherein the computer instruction code executes functions with respect to the items of personal data in a consumer's secure repository, the computer instruction code providing results of the executed function to advice providers.
7. A method according to either claim 1 wherein advice providers access information relating to advice previously deposited by the adviser in a consumer's secure repository.
8. A method according to either claim 1 including the step of the consumer specifying which deposited information in their secure repository may be accessed by advice providers.
9. A method according to either claim 1 wherein the personal data includes data representing the values and/or attitudes of the consumer.
10. A method according to either claim 1 wherein the personal data includes an expression of at least one of the consumer's personal goals that they intend to achieve over a specified period of time.
11. A method according to claim 10 wherein the consumer's goals are prioritised by the consumer.
12. A method according to either claim 1 wherein the personal data includes an expression of the consumer's preferred outcomes over a specified period of time.
13. A method according to claim 12 wherein the preferred outcomes are prioritised by the consumer.
14. A method according to claim 9 wherein advice providers access personal data relating to at least one of the consumer's values, attitudes, personal goals and/or preferred outcomes in order to provide advice taking into account these particular aspects of the consumer's personal data.
15. A method according to claim 14 including the step of:
the consumer authorising an advice provider, as a principal adviser, to act on the consumer's behalf in relation to specifying items of personal data in the consumer's secure repository that are to be made accessible to at least one other authorised advice provider.
16. A method according to claim 15 including the step of:
the principal adviser storing relevant personal data pertaining to the consumer in the relevant secure repository.
17. A method according to claim 15 including the step of:
the principal adviser authorising at least one class of adviser to access a consumer's personal items of data.
18. A method according to claim 15 including the step of:
the principal adviser authorising at least one other advice provider to act for and on behalf of the consumer.
19. A method according to claim 15 wherein the principal adviser authorises a plurality of advice providers to access relevant personal data of the consumer to enable the plurality of advice providers to provide relevant advice to the consumer having regard to at least one of the consumer's values, attitudes, personal goals and/or preferred outcomes.
20. A method according to claim 19 wherein the principal adviser reviews the deposited information in the consumer's secure repository, said deposited information representing the advice provided to the consumer, and conducting an assessment of said advice for and on behalf of the consumer.
21. A method according to claim 20 wherein the principal adviser communicates with at least one of the plurality of the advice providers to resolve any inconsistency considered by the principal adviser with respect to the advice provided by an advice provider considering at least one of the consumer's values, attitudes, personal goals and/or preferred outcomes.
22. A method according to claim 15 wherein the principal adviser retains the consumer's items of personal data in trust, for and on behalf of the consumer.
23. A method according to claim 15 when dependent from claim 2 wherein the principal adviser has authority to access consumer's personal data retained by a trusted entity.
24. A method according to claim 5 wherein the execution of the computer instruction code provides a result to an advice provider without revealing underlying personal items of data.
25. A method according to either claim 1 wherein the authorisation of an advice provider to access a consumer's available items of personal data is effected by a template having at least one pre-defined list of personal data items that are accessible to an authorised advice provider.
26. A method according to claim 25 wherein the pre-defined list of a template is amended by a consumer to re-define the items of personal data that are to be accessible to an authorised advice provider.
27. A method according to either claim 1 wherein consumers specify items of personal data in their secure repository that are to be accessible to authorised advice providers by specifying those items in a filter, said filter establishing conditions that must be satisfied by the advice provider in order for same to be provided access to the specified items of personal data.
28. A method according to claim 26 wherein the consumer authorises the principal adviser to amend and re-define the items of personal data that are to be accessible to an authorised advice provider.
29. A method according to claim 27 wherein the consumer authorise the principal adviser to specify items of personal data in the filter.
30. A method according to either claim 1 including the step of:
recording all instances of access to a consumer's personal items of data in their secure repository.
31. A method according to either claim 1 including the step of:
recording all instances of the depositing of information into a consumer's secure repository.
32. A method according to either claim 1 including the step of:
recording all instances of changes to a consumer's personal items of data in their secure repository.
33. A method according to claim 30 including the step of:
requesting a report of at least one instance of any one or more of the following events:
an instance of accessing a consumer's personal items of data;
an instance of depositing information into a consumer's secure repository; or
an instance of a change to a consumer's stored personal items of data.
34. A method according to claim 30 when dependent from claim 2 wherein the recording and/or reporting of instances is effected by the trusted authority.
35. A method according to either claim 1 including the step of:
the consumer specifying items of personal data in their secure repository that are to be accessible to at least one other consumer.
36. A method according to either claim 1 including the step of:
the consumer specifying items of personal data in their secure repository that are to be accessible to at least one class of other consumers.
37. A method according to claim 26 wherein the template is operable to perform functions on personal data to provide an adviser with information derived from one or more of the underlying items of personal data.
38. A method according to claim 26 wherein the template devolves personal data into information that is presented to an adviser in a pre-defined form.
39. A method according to claim 2 wherein the trusted entity maintains the store of personal data and controls access to the personal data in accordance with regulatory requirements pertaining to the protection of consumers personal items of data.
40. A system for providing advice and/or services to a consumer, the system including:
a secure repository connected to a data communications network for the storage of personal items of data of a consumer;
a means enabling the consumer to specify those items of personal data in the secure repository which are to be made accessible to an authorised advice provider;
means enabling the consumer to identify the advice provider or the class of advice provides to whom access will be provided for those specified items of personal data;
means for authenticating the identity of an advice provider; and
means for enabling authenticated authorised advice providers to access the specified items of personal data of the consumer for which the advice provider has been identified as having permission to access and a means enabling an advice provider to execute computer instruction code that obtains items of personal data from the consumer's secure repository and analysis the items of personal data to generate information that represents advice for the consumer, the computer instruction code also enabling the advice provider to deposit said information into the consumer's secure repository for subsequent access by the consumer.
41. A system for providing advice and/or services to a consumer, the system including:
a secure repository connected to a data communications network controlled by a trusted entity to store personal items of data for consumers:
a means enabling consumers to specify those items of personal data in the secure repository that are to be made accessible to an authorised advice provider:
means enabling the consumers to identify the advice provider or a class of advice providers to whom access will be provided for those specified items for persona data:
means for authenticating the identity of an advice provider; and
means for enabling authenticated authorised advice providers to access the specified items of personal data of consumers for which the advice provider has been identified as having permission to access.
42. A system according to claim 41 including a computing means enabling an advice provider to execute computer instruction code that obtains items of personal data from the consumer's secure repository and analyses the items of personal data to generate information that represents advice for the consumer.
43. A system according to claim 42 wherein the computer instruction code also enables the advice provider to deposit said information into the consumer's secure repository before subsequent access by the consumer.
44. A system according to either claim 40 wherein the secure repository includes a database operable to store and retrieve data in accordance with secure read/write access protocols.
45. A system according to claim 44 wherein the personal items of data belonging to consumers are stored in fields in the secure database.
46. A system according to either claim 40 wherein the means enabling a consumer to specify those items of personal data in the secure repository that are to be made accessible to an authorised advice provider includes a personal computing device executing computer instruction code that causes the items of personal data of the consumer to be displayed and provides a selection means for the consumer to select items of personal data that are stored in the secure repository, the personal computing device being operably connected to a data communications network.
47. A system according to either claim 40 wherein the means enabling a consumer to identify an advice provider or a class of advice providers to whom access will be granted for those specified items of personal data includes a personal computing device executing computer instruction code that causes available advice providers to be displayed to the consumer and provides a selection means for the consumer to select from the list of available advice providers for the purpose of granting access, the personal computing device being operably connected to a data communications network.
48. A system according to either claim 40 wherein the means for authenticating the identity of an advice provider includes a personal computing device operably connected to the secure repository that receives authentication information from an advice provider across the data communications network and determines the identity of the advice provider.
49. A system according to claim 48 wherein the authentication information is a digital security key.
50. A system according to claim 48 wherein the authentication information is a password.
51. A system according to either claim 40 wherein the means for enabling authenticated authorised advice providers to access specified items of personal data of consumers includes a personal computing device executing computer instruction code that identifies the specific items of personal data of a consumer in the secure repository that have been nominated for access by the advice provider, the personal computing device being operably connected to a data communications network.
52. A system according to claim 40 wherein the means enabling an advice provider to execute computer instruction code that obtains items of personal data from the consumers secure repository includes a personal computing device operable to execute computer instruction code that transfers available items of personal data from the secure repository to the personal computing device enabling the advice provider to analyse the items of personal data and generate information that represents advice for the consumer.
53. A system according to claim 52 wherein the items of personal data are transferred to the volatile memory of the personal computing device for a sufficient time to enable the advice provider to complete their analysis of the personal data and generate the information required by a consumer, the information being transferred to the secure repository without the data being stored in the non volatile memory of the personal computing device.
54. A system according to claim 46 wherein the personal computing device executes computer instruction code including a web browser thus enabling the personal computing devices to communicate with each other and the secure repository across the data communications network in accordance with world wide web protocols.
55. A system according to either claim 40 wherein the secure repository includes items of personal data relating to any one or more of the following:
accounting records;
financial records;
health records;
insurance records;
estate records;
values and/or attitudes of the consumer;
personal goals of the consumer; or
preferred outcomes of the consumer.
56. A system according to either claim 40 wherein the secure repository includes a computing device operable to execute computer instruction code to operate a database function, the computing device including additional computer instruction code operable to perform functions on items of personal data belonging to consumers wherein the functions provide results that are transmitted to advice providers.
57. A system according to claim 56 wherein the additional computer instruction code is transferred from an advice provider to the computing device to perform functions relevant to the advice provider.
58. A system according to claim 56 wherein the functions results are provided to an advice provider without revealing details of the personal items of data.
59. A system according to either claim 40 wherein the data communications network is the Internet.
60. A method for providing advice and/or services to a consumer the method including the steps of:
the consumer transferring and storing relevant personal data in a secure repository using a consumer personal computing device connected to a data communications network;
the consumer specifying items of their personal data in the secure repository using the personal computing device thus granting access to those items to at least one authorised advice provider;
an authorised advice provider accessing the consumer's available items of personal data using a provider personal computing device connected to the data communications network, the provider gaining access after transferring the necessary provider authentication across the network;
the advice provider analysing the items of personal data on the provider personal computing device which includes computer instruction code operable to analyse the consumers items of personal data, the provider thus determining the advice for the consumer;
the advice provider operating the provider personal computing device to deposit information into the consumer's secure repository by transferring that information across the data communications network, said information representing the advice provided to the consumer; and
the consumer using the consumer personal computing device to access the information deposited into their secure repository to review the advice.
61. A method for providing advice and/or services to a consumer the method including the steps of:
the consumer operating a personal computing device to authorise a trusted entity to store personal data of the consumer into a secure repository connected to a data communications network and to manage the release of that data;
the consumer and/or trusted entity operating a computing device to specify items of personal data in the secure repository that are to be accessible to at least one authorised advice provider;
an authorised advice provider operating a provider personal computing device to access the consumers available items of personal data across the data communications network upon provision of the necessary provider authentication and when executing computer instructions code for accessing the personal data that has been pre-approved by the trusted entity; and
the advice provider operating the provider personal computing device to analyse the items of personal data to determine the advice for the consumer.
62. A method according to either claim 60 including the step of the consumer operating the consumer personal computing device to specify a plurality of advice providers that can access an item of personal data.
63. A method according to either claim 60 including the step of advice providers operating provider personal computing devices including computer instruction code operable to access at least one item of personal data of a consumer.
64. A method according to claim 63 wherein the computer instruction code is pre-approved by a consumer for accessing a consumers secure repository of personal data.
65. A method according to claim 63 wherein the computer instruction code executes functions with respect to the items of personal data in a consumer's secure repository, the computer instruction code providing results of the executed function to advice providers.
66. A method according to either claim 60 wherein advice providers operate provider personal computing devices to access information relating to advice previously deposited by the advisers in a consumer's secure repository.
67. A method according to either claim 60 including the step of the consumer operating a consumer personal computing device to specify which deposited information in their secure repository may be accessed by advice providers.
68. A method according to either claim 60 wherein the personal data includes data representing the values and/or attitudes of the consumer.
69. A method according to either claim 60 wherein the personal data includes an expression of at least one of the consumer's personal goals that they intend to achieve over a specified period of time.
70. A method according to claim 69 wherein the consumer's goals are prioritised by the consumer.
71. A method according to either claim 60 wherein the personal data includes an expression of the consumer's preferred outcomes over a specified period of time.
72. A method according to claim 71 wherein the preferred outcomes are prioritised by the consumer.
73. A method according to either claim 60 wherein advice providers access personal data relating to at least one of the consumer's values, attitudes, personal goals and/or preferred outcomes and provide advice taking into account one or more of these particular aspects of the consumer's personal data.
74. A method according to either claim 60 including the step of:
the consumer authorising an advice provider, as a principal adviser, to act on the consumer's behalf in relation to specifying items of personal data in the consumer's secure repository for which access will be granted to at least one other authorised advice provider.
75. A method according to claim 74 including the step of:
the principal adviser operating a personal computing device to transfer and store relevant personal data pertaining to the consumer in the relevant secure repository.
76. A method according to claim 74 including the step of:
the principal adviser operating the personal computing device to authorise at least one class of adviser to access a consumer's personal items of data.
77. A method according to claim 74 including the step of:
the principal adviser authorising at least one other advice provider to act for and on behalf of the consumer.
78. A method according to claim 74 wherein the principal adviser authorises a plurality of advice providers to access relevant personal data of the consumer to enable the plurality of advice providers to provide relevant advice to the consumer having regard to at least one of the consumer's values, attitudes, personal goals and/or preferred outcomes.
79. A method according to claim 78 wherein the principal adviser operates a personal computing device to review the deposited information in the consumer's secure repository, said deposited information representing the advice provided to the consumer, and conducting an assessment of said advice for and on behalf of the consumer.
80. A method according to claim 79 wherein the principal adviser operates the personal computing device to communicate with at least one of the plurality of the advice providers to resolve any inconsistency considered by the principal adviser with respect to the advice provided by an advice provider considering at least one of the consumer's values, attitudes, personal goals and/or preferred outcomes.
81. A method according to either claim 60 wherein the principal adviser retains the consumer's items of personal data in trust, for and on behalf of the consumer.
82. A method according to either claim 60 when dependent from claim 62 wherein the principal adviser has authority to access consumer's personal data retained by a trusted entity.
83. A method according to claim 64 wherein the execution of the computer instruction code provides a result to an advice provider without revealing underlying personal items of data.
84. A method according to either claim 60 wherein the authorisation of an advice provider to access a consumer's available items of personal data is effected by computing device including computer instruction code operable to generate a template having at least one pre-defined list of personal data items that are to be made accessible to an authorised advice provider.
85. A method according to claim 84 wherein the pre-defined list of a template is amended by a consumer operating a personal computing device to re-define the items of personal data that are to be accessible to an authorised advice provider.
86. A method according to either claim 60 wherein consumers operate a consumer personal computing device to specify items of personal data in their secure repository that are to be accessible to authorised advice providers by specifying those items in a filter, said filter establishing conditions that must be satisfied by the advice provider in order for same to be provided access to the specified items of personal data.
87. A method according to claim 86 wherein the consumer authorises the principal adviser to amend and re-define the items of personal data that are to be accessible to an authorised advice provider.
88. A method according to claim 87 wherein the consumer authorises the principal adviser to specify items of personal data in the filter.
89. A method according to either claim 60 including the step of:
recording all instances of access to a consumer's personal items of data in their secure repository.
90. A method according to either claim 60 including the step of:
recording all instances of the depositing of information into a consumer's secure repository.
91. A method according to either claim 60 including the step of:
recording all instances of changes to a consumer's personal items of data in their secure repository.
92. A method according to either claim 60 including the step of:
requesting a report of at least one instance of any one or more of the following events:
an instance of accessing a consumer's personal items of data;
an instance of depositing information into a consumer's secure repository; or
an instance of a change to a consumer's stored personal items of data.
93. A method according to claim 89 wherein the recording and/or reporting of instances is effected by the trusted authority.
94. A method according to either claim 60 including the step of:
the consumer specifying items of personal data in their secure repository that are to be accessible to at least one other consumer.
95. A method according to either claim 60 including the step of:
the consumer specifying items of personal data in their secure repository that are to be accessible to at least one class of other consumers.
96. A method according to claim 85 wherein the template is operable to perform functions on personal data to provide an adviser with information derived from one or more of the underlying items of personal data.
97. A method according to claim 85 wherein the template devolves personal data into information that is presented to an adviser in a pre-defined form.
98. A method according to claim 61 wherein the trusted entity maintains the store of personal data and controls access to the personal data in accordance with regulatory requirements pertaining to the protection of consumers personal items of data.
99. A method according to either claim 60 wherein the data communications network is the Internet.
100. A method according to either claim 60 wherein the secure repository includes items of personal data relating to any one or more of the following:
accounting records;
financial records;
health records;
insurance records;
estate records;
values and/or attitudes of the consumer;
personal goals of the consumer; or
preferred outcomes of the consumer.
US10/471,896 2001-03-14 2002-03-14 Method and system for secure information Abandoned US20040098366A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US12/206,539 US20090006124A1 (en) 2001-03-14 2008-09-08 Method and System Providing Advice and Services to Consumers
US13/462,225 US8543410B2 (en) 2001-03-14 2012-05-02 Method and system providing advice and services to consumers
US13/944,358 US20140180950A1 (en) 2001-03-14 2013-07-17 Method and system providing advice and services to consumers

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
AUPR3726 2001-03-14
AUPR3726A AUPR372601A0 (en) 2001-03-14 2001-03-14 Method and system for secure information
PCT/AU2002/000298 WO2002073455A1 (en) 2001-03-14 2002-03-14 Method and system for secure information

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US12/206,539 Continuation US20090006124A1 (en) 2001-03-14 2008-09-08 Method and System Providing Advice and Services to Consumers

Publications (1)

Publication Number Publication Date
US20040098366A1 true US20040098366A1 (en) 2004-05-20

Family

ID=3827734

Family Applications (4)

Application Number Title Priority Date Filing Date
US10/471,896 Abandoned US20040098366A1 (en) 2001-03-14 2002-03-14 Method and system for secure information
US12/206,539 Abandoned US20090006124A1 (en) 2001-03-14 2008-09-08 Method and System Providing Advice and Services to Consumers
US13/462,225 Expired - Lifetime US8543410B2 (en) 2001-03-14 2012-05-02 Method and system providing advice and services to consumers
US13/944,358 Abandoned US20140180950A1 (en) 2001-03-14 2013-07-17 Method and system providing advice and services to consumers

Family Applications After (3)

Application Number Title Priority Date Filing Date
US12/206,539 Abandoned US20090006124A1 (en) 2001-03-14 2008-09-08 Method and System Providing Advice and Services to Consumers
US13/462,225 Expired - Lifetime US8543410B2 (en) 2001-03-14 2012-05-02 Method and system providing advice and services to consumers
US13/944,358 Abandoned US20140180950A1 (en) 2001-03-14 2013-07-17 Method and system providing advice and services to consumers

Country Status (6)

Country Link
US (4) US20040098366A1 (en)
AU (2) AUPR372601A0 (en)
CA (1) CA2441244C (en)
GB (1) GB2392524B (en)
NZ (1) NZ528797A (en)
WO (1) WO2002073455A1 (en)

Cited By (174)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050160062A1 (en) * 2004-01-16 2005-07-21 Howard W. B. Method to report personal security information about a person
US20060085314A1 (en) * 2004-10-14 2006-04-20 Grim Clifton E Iii Escrowing digital property in a secure information vault
US20060136361A1 (en) * 2004-12-22 2006-06-22 Microsoft Corporation Extensible, customizable database-driven row-level database security
US20060277092A1 (en) * 2005-06-03 2006-12-07 Credigy Technologies, Inc. System and method for a peer to peer exchange of consumer information
US20070130070A1 (en) * 2005-12-02 2007-06-07 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US20070162377A1 (en) * 2005-12-23 2007-07-12 Credigy Technologies, Inc. System and method for an online exchange of private data
WO2009016327A2 (en) 2007-07-27 2009-02-05 Almerys Management and sharing of dematerialised safes
US20090157471A1 (en) * 2007-12-13 2009-06-18 Tribunal Systems, Inc. Facilitating the execution of transactions between customers and providers
US20090210423A1 (en) * 2008-02-15 2009-08-20 Yahoo! Inc. Methods and systems for maintaining personal data trusts
US20090222897A1 (en) * 2008-02-29 2009-09-03 Callisto, Llc Systems and methods for authorization of information access
US20090307137A1 (en) * 2008-06-09 2009-12-10 Microsoft Corporation Managing provenance of digitally signed data in user editable records
US7689682B1 (en) 2006-08-16 2010-03-30 Resource Consortium Limited Obtaining lists of nodes of a multi-dimensional network
US20100262837A1 (en) * 2009-04-14 2010-10-14 Haluk Kulin Systems And Methods For Personal Digital Data Ownership And Vaulting
US20100332271A1 (en) * 2009-05-21 2010-12-30 De Spong David T Methods and systems for resource and organization achievement
US20110173325A1 (en) * 2008-09-15 2011-07-14 Dell Products L.P. System and Method for Management of Remotely Shared Data
US20130013507A1 (en) * 2011-04-04 2013-01-10 Browning Christopher S System to Create and Manage Payment Accounts
US8769621B2 (en) 2011-01-18 2014-07-01 At&T Intellectual Property I, L.P. Method and system for providing permission-based access to sensitive information
US8930204B1 (en) 2006-08-16 2015-01-06 Resource Consortium Limited Determining lifestyle recommendations using aggregated personal information
US20160171235A1 (en) * 2014-12-10 2016-06-16 International Business Machines Corporation Intelligent database with secure tables
US10129119B2 (en) 2016-10-07 2018-11-13 Mastercard International Incorporated Systems and methods for analyzing report access data
US20190180054A1 (en) * 2016-06-10 2019-06-13 OneTrust, LLC Consent receipt management systems and related methods
CN110298527A (en) * 2018-03-23 2019-10-01 阿里巴巴集团控股有限公司 Information output method, system and equipment
US10496803B2 (en) 2016-06-10 2019-12-03 OneTrust, LLC Data processing systems and methods for efficiently assessing the risk of privacy campaigns
US10496846B1 (en) 2016-06-10 2019-12-03 OneTrust, LLC Data processing and communications systems and methods for the efficient implementation of privacy by design
US10503926B2 (en) 2016-06-10 2019-12-10 OneTrust, LLC Consent receipt management systems and related methods
US10509894B2 (en) 2016-06-10 2019-12-17 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10509920B2 (en) 2016-06-10 2019-12-17 OneTrust, LLC Data processing systems for processing data subject access requests
US10558821B2 (en) 2016-06-10 2020-02-11 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10564935B2 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for integration of consumer feedback with data subject access requests and related methods
US10564936B2 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for identity validation of data subject access requests and related methods
US10565397B1 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10565161B2 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for processing data subject access requests
US10567439B2 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US10565236B1 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10572686B2 (en) 2016-06-10 2020-02-25 OneTrust, LLC Consent receipt management systems and related methods
US10574705B2 (en) 2016-06-10 2020-02-25 OneTrust, LLC Data processing and scanning systems for generating and populating a data inventory
US10586072B2 (en) 2016-06-10 2020-03-10 OneTrust, LLC Data processing systems for measuring privacy maturity within an organization
US10585968B2 (en) 2016-06-10 2020-03-10 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10586075B2 (en) 2016-06-10 2020-03-10 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
US10594740B2 (en) 2016-06-10 2020-03-17 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10592648B2 (en) 2016-06-10 2020-03-17 OneTrust, LLC Consent receipt management systems and related methods
US10592692B2 (en) 2016-06-10 2020-03-17 OneTrust, LLC Data processing systems for central consent repository and related methods
US10599870B2 (en) 2016-06-10 2020-03-24 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US10606916B2 (en) 2016-06-10 2020-03-31 OneTrust, LLC Data processing user interface monitoring systems and related methods
US10607028B2 (en) 2016-06-10 2020-03-31 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US10614246B2 (en) 2016-06-10 2020-04-07 OneTrust, LLC Data processing systems and methods for auditing data request compliance
US10614247B2 (en) 2016-06-10 2020-04-07 OneTrust, LLC Data processing systems for automated classification of personal information from documents and related methods
US10642870B2 (en) 2016-06-10 2020-05-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US10678945B2 (en) 2016-06-10 2020-06-09 OneTrust, LLC Consent receipt management systems and related methods
US10692033B2 (en) 2016-06-10 2020-06-23 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US10706379B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems for automatic preparation for remediation and related methods
US10708305B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Automated data processing systems and methods for automatically processing requests for privacy-related information
US10706447B2 (en) 2016-04-01 2020-07-07 OneTrust, LLC Data processing systems and communication systems and methods for the efficient generation of privacy risk assessments
US10706131B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems and methods for efficiently assessing the risk of privacy campaigns
US10706174B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems for prioritizing data subject access requests for fulfillment and related methods
US10706176B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data-processing consent refresh, re-prompt, and recapture systems and related methods
US10713387B2 (en) 2016-06-10 2020-07-14 OneTrust, LLC Consent conversion optimization systems and related methods
US10726158B2 (en) 2016-06-10 2020-07-28 OneTrust, LLC Consent receipt management and automated process blocking systems and related methods
US10740487B2 (en) 2016-06-10 2020-08-11 OneTrust, LLC Data processing systems and methods for populating and maintaining a centralized database of personal data
US10762236B2 (en) 2016-06-10 2020-09-01 OneTrust, LLC Data processing user interface monitoring systems and related methods
US10769301B2 (en) 2016-06-10 2020-09-08 OneTrust, LLC Data processing systems for webform crawling to map processing activities and related methods
US10776517B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Data processing systems for calculating and communicating cost of fulfilling data subject access requests and related methods
US10776518B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Consent receipt management systems and related methods
US10776514B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Data processing systems for the identification and deletion of personal data in computer systems
US10783256B2 (en) 2016-06-10 2020-09-22 OneTrust, LLC Data processing systems for data transfer risk identification and related methods
US10796260B2 (en) 2016-06-10 2020-10-06 OneTrust, LLC Privacy management systems and methods
US10798133B2 (en) 2016-06-10 2020-10-06 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10803198B2 (en) 2016-06-10 2020-10-13 OneTrust, LLC Data processing systems for use in automatically generating, populating, and submitting data subject access requests
US10803200B2 (en) 2016-06-10 2020-10-13 OneTrust, LLC Data processing systems for processing and managing data subject access in a distributed environment
US10803202B2 (en) 2018-09-07 2020-10-13 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
US10839102B2 (en) 2016-06-10 2020-11-17 OneTrust, LLC Data processing systems for identifying and modifying processes that are subject to data subject access requests
US10848523B2 (en) 2016-06-10 2020-11-24 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10846433B2 (en) 2016-06-10 2020-11-24 OneTrust, LLC Data processing consent management systems and related methods
US10853501B2 (en) 2016-06-10 2020-12-01 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10873606B2 (en) 2016-06-10 2020-12-22 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10878127B2 (en) 2016-06-10 2020-12-29 OneTrust, LLC Data subject access request processing systems and related methods
US10885485B2 (en) 2016-06-10 2021-01-05 OneTrust, LLC Privacy management systems and methods
US10896394B2 (en) 2016-06-10 2021-01-19 OneTrust, LLC Privacy management systems and methods
US10909488B2 (en) 2016-06-10 2021-02-02 OneTrust, LLC Data processing systems for assessing readiness for responding to privacy-related incidents
US10909265B2 (en) 2016-06-10 2021-02-02 OneTrust, LLC Application privacy scanning systems and related methods
US10944725B2 (en) 2016-06-10 2021-03-09 OneTrust, LLC Data processing systems and methods for using a data model to select a target data asset in a data migration
US10949565B2 (en) 2016-06-10 2021-03-16 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10949170B2 (en) 2016-06-10 2021-03-16 OneTrust, LLC Data processing systems for integration of consumer feedback with data subject access requests and related methods
US10970675B2 (en) 2016-06-10 2021-04-06 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10997318B2 (en) 2016-06-10 2021-05-04 OneTrust, LLC Data processing systems for generating and populating a data inventory for processing data access requests
US10997315B2 (en) 2016-06-10 2021-05-04 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11004125B2 (en) 2016-04-01 2021-05-11 OneTrust, LLC Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design
US11025675B2 (en) 2016-06-10 2021-06-01 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US11023842B2 (en) 2016-06-10 2021-06-01 OneTrust, LLC Data processing systems and methods for bundled privacy policies
US11038925B2 (en) 2016-06-10 2021-06-15 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11057356B2 (en) 2016-06-10 2021-07-06 OneTrust, LLC Automated data processing systems and methods for automatically processing data subject access requests using a chatbot
US11074367B2 (en) 2016-06-10 2021-07-27 OneTrust, LLC Data processing systems for identity validation for consumer rights requests and related methods
US11087260B2 (en) 2016-06-10 2021-08-10 OneTrust, LLC Data processing systems and methods for customizing privacy training
US11100444B2 (en) 2016-06-10 2021-08-24 OneTrust, LLC Data processing systems and methods for providing training in a vendor procurement process
US11134086B2 (en) 2016-06-10 2021-09-28 OneTrust, LLC Consent conversion optimization systems and related methods
US11138242B2 (en) 2016-06-10 2021-10-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US11138299B2 (en) 2016-06-10 2021-10-05 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11146566B2 (en) 2016-06-10 2021-10-12 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11144675B2 (en) 2018-09-07 2021-10-12 OneTrust, LLC Data processing systems and methods for automatically protecting sensitive data within privacy management systems
US11144622B2 (en) 2016-06-10 2021-10-12 OneTrust, LLC Privacy management systems and methods
US11151233B2 (en) 2016-06-10 2021-10-19 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11157600B2 (en) 2016-06-10 2021-10-26 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11188862B2 (en) 2016-06-10 2021-11-30 OneTrust, LLC Privacy management systems and methods
US11190512B2 (en) 2019-04-17 2021-11-30 Microsoft Technology Licensing, Llc Integrity attestation of attestation component
US11188615B2 (en) 2016-06-10 2021-11-30 OneTrust, LLC Data processing consent capture systems and related methods
US11200341B2 (en) 2016-06-10 2021-12-14 OneTrust, LLC Consent receipt management systems and related methods
US11210420B2 (en) 2016-06-10 2021-12-28 OneTrust, LLC Data subject access request processing systems and related methods
US11222137B2 (en) * 2019-05-03 2022-01-11 Microsoft Technology Licensing, Llc Storing and executing an application in a user's personal storage with user granted permission
US11222142B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems for validating authorization for personal data collection, storage, and processing
US11222139B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems and methods for automatic discovery and assessment of mobile software development kits
US11222309B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11228620B2 (en) 2016-06-10 2022-01-18 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11227247B2 (en) 2016-06-10 2022-01-18 OneTrust, LLC Data processing systems and methods for bundled privacy policies
US11238390B2 (en) 2016-06-10 2022-02-01 OneTrust, LLC Privacy management systems and methods
US11244367B2 (en) 2016-04-01 2022-02-08 OneTrust, LLC Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design
US11277448B2 (en) 2016-06-10 2022-03-15 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11295316B2 (en) 2016-06-10 2022-04-05 OneTrust, LLC Data processing systems for identity validation for consumer rights requests and related methods
US11294939B2 (en) 2016-06-10 2022-04-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US11301796B2 (en) 2016-06-10 2022-04-12 OneTrust, LLC Data processing systems and methods for customizing privacy training
US11328092B2 (en) 2016-06-10 2022-05-10 OneTrust, LLC Data processing systems for processing and managing data subject access in a distributed environment
US11336697B2 (en) 2016-06-10 2022-05-17 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11341447B2 (en) 2016-06-10 2022-05-24 OneTrust, LLC Privacy management systems and methods
US11343284B2 (en) 2016-06-10 2022-05-24 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US11349832B2 (en) * 2016-06-09 2022-05-31 Amazon Technologies, Inc. Account recovery
US11354434B2 (en) 2016-06-10 2022-06-07 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11354435B2 (en) 2016-06-10 2022-06-07 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US11366786B2 (en) 2016-06-10 2022-06-21 OneTrust, LLC Data processing systems for processing data subject access requests
US11366909B2 (en) 2016-06-10 2022-06-21 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11373007B2 (en) 2017-06-16 2022-06-28 OneTrust, LLC Data processing systems for identifying whether cookies contain personally identifying information
US11381567B2 (en) 2019-04-29 2022-07-05 Microsoft Technology Licensing, Llc Execution of an application within a scope of user-granted permission
CN114722412A (en) * 2022-04-15 2022-07-08 北京科杰科技有限公司 Data security storage method and device, electronic equipment and storage medium
US11392467B2 (en) 2019-04-17 2022-07-19 Microsoft Technology Licensing, Llc Failover between decentralized identity stores
US11392720B2 (en) 2016-06-10 2022-07-19 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11397819B2 (en) 2020-11-06 2022-07-26 OneTrust, LLC Systems and methods for identifying data processing activities based on data discovery results
US11403377B2 (en) 2016-06-10 2022-08-02 OneTrust, LLC Privacy management systems and methods
US11411959B2 (en) 2019-05-03 2022-08-09 Microsoft Technology Licensing, Llc Execution of application in a container within a scope of user-granted permission
US11410106B2 (en) 2016-06-10 2022-08-09 OneTrust, LLC Privacy management systems and methods
US11416798B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing systems and methods for providing training in a vendor procurement process
US11416109B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Automated data processing systems and methods for automatically processing data subject access requests using a chatbot
US11416590B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11418492B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing systems and methods for using a data model to select a target data asset in a data migration
US11416589B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11429743B2 (en) 2019-04-29 2022-08-30 Microsoft Technology Licensing, Llc Localization of DID-related claims and data
US11438386B2 (en) 2016-06-10 2022-09-06 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11436373B2 (en) 2020-09-15 2022-09-06 OneTrust, LLC Data processing systems and methods for detecting tools for the automatic blocking of consent requests
US11442906B2 (en) 2021-02-04 2022-09-13 OneTrust, LLC Managing custom attributes for domain objects defined within microservices
US11444976B2 (en) 2020-07-28 2022-09-13 OneTrust, LLC Systems and methods for automatically blocking the use of tracking tools
US11461500B2 (en) 2016-06-10 2022-10-04 OneTrust, LLC Data processing systems for cookie compliance testing with website scanning and related methods
US11475136B2 (en) 2016-06-10 2022-10-18 OneTrust, LLC Data processing systems for data transfer risk identification and related methods
US11475165B2 (en) 2020-08-06 2022-10-18 OneTrust, LLC Data processing systems and methods for automatically redacting unstructured data from a data subject access request
US11481710B2 (en) 2016-06-10 2022-10-25 OneTrust, LLC Privacy management systems and methods
US11494515B2 (en) 2021-02-08 2022-11-08 OneTrust, LLC Data processing systems and methods for anonymizing data samples in classification analysis
US11520928B2 (en) 2016-06-10 2022-12-06 OneTrust, LLC Data processing systems for generating personal data receipts and related methods
US11526624B2 (en) 2020-09-21 2022-12-13 OneTrust, LLC Data processing systems and methods for automatically detecting target data transfers and target data processing
US11533315B2 (en) 2021-03-08 2022-12-20 OneTrust, LLC Data transfer discovery and analysis systems and related methods
US11544409B2 (en) 2018-09-07 2023-01-03 OneTrust, LLC Data processing systems and methods for automatically protecting sensitive data within privacy management systems
US11544667B2 (en) 2016-06-10 2023-01-03 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11546661B2 (en) 2021-02-18 2023-01-03 OneTrust, LLC Selective redaction of media content
US11562078B2 (en) 2021-04-16 2023-01-24 OneTrust, LLC Assessing and managing computational risk involved with integrating third party computing functionality within a computing system
US11562097B2 (en) 2016-06-10 2023-01-24 OneTrust, LLC Data processing systems for central consent repository and related methods
US11586700B2 (en) 2016-06-10 2023-02-21 OneTrust, LLC Data processing systems and methods for automatically blocking the use of tracking tools
US11601464B2 (en) 2021-02-10 2023-03-07 OneTrust, LLC Systems and methods for mitigating risks of third-party computing system functionality integration into a first-party computing system
US11620142B1 (en) 2022-06-03 2023-04-04 OneTrust, LLC Generating and customizing user interfaces for demonstrating functions of interactive user environments
US11625502B2 (en) 2016-06-10 2023-04-11 OneTrust, LLC Data processing systems for identifying and modifying processes that are subject to data subject access requests
US11636171B2 (en) 2016-06-10 2023-04-25 OneTrust, LLC Data processing user interface monitoring systems and related methods
US11651402B2 (en) 2016-04-01 2023-05-16 OneTrust, LLC Data processing systems and communication systems and methods for the efficient generation of risk assessments
US11651106B2 (en) 2016-06-10 2023-05-16 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11651104B2 (en) 2016-06-10 2023-05-16 OneTrust, LLC Consent receipt management systems and related methods
US11675929B2 (en) 2016-06-10 2023-06-13 OneTrust, LLC Data processing consent sharing systems and related methods
US11687528B2 (en) 2021-01-25 2023-06-27 OneTrust, LLC Systems and methods for discovery, classification, and indexing of data in a native computing system
US11727141B2 (en) 2016-06-10 2023-08-15 OneTrust, LLC Data processing systems and methods for synching privacy-related user consent across multiple computing devices
US11775348B2 (en) 2021-02-17 2023-10-03 OneTrust, LLC Managing custom workflows for domain objects defined within microservices
US11797528B2 (en) 2020-07-08 2023-10-24 OneTrust, LLC Systems and methods for targeted data discovery
US11921894B2 (en) 2021-05-03 2024-03-05 OneTrust, LLC Data processing systems for generating and populating a data inventory for processing data access requests

Families Citing this family (77)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8447630B2 (en) * 2004-02-26 2013-05-21 Payment Pathways, Inc. Systems and methods for managing permissions for information ownership in the cloud
US20060190283A1 (en) * 2005-02-04 2006-08-24 Searete Llc Participating in risk mitigation in a virtual world
US7774275B2 (en) 2005-02-28 2010-08-10 Searete Llc Payment options for virtual credit
US20060178218A1 (en) * 2005-02-04 2006-08-10 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Virtual world escrow user interface
US20060229976A1 (en) * 2005-03-30 2006-10-12 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Virtual credit with transferability
US20060178899A1 (en) * 2005-02-04 2006-08-10 Jung Edward K Identifying a participant loss in a virtual world
US20060178965A1 (en) * 2005-02-04 2006-08-10 Jung Edward K Tracking a participant loss in a virtual world
US20090198604A1 (en) * 2004-12-17 2009-08-06 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Tracking a participant loss in a virtual world
US9917819B2 (en) * 2005-01-13 2018-03-13 International Business Machines Corporation System and method for providing a proxied contact management system
US20090125383A1 (en) * 2005-02-04 2009-05-14 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Participation profiles of virtual world players
US20070112660A1 (en) * 2005-02-04 2007-05-17 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Disposition of proprietary virtual rights
US20070174183A1 (en) * 2006-01-26 2007-07-26 Jung Edward K Context determinants in virtual world environment
US20080228607A1 (en) * 2005-02-04 2008-09-18 Jung Edward K Y Resolution of virtual world revocable transfers
US20090037364A1 (en) * 2005-02-04 2009-02-05 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Participation profiles of virtual world players
US20060195376A1 (en) * 2005-02-28 2006-08-31 Jung Edward K Compensation techniques for virtual credit transactions
US20070013691A1 (en) * 2005-07-18 2007-01-18 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Supervisory authority in virtual world environment
US20080133392A1 (en) * 2005-02-04 2008-06-05 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Security arrangements for virtual world obligations
US20060178180A1 (en) * 2005-02-04 2006-08-10 Jung Edward K Virtual world escrow environment
US7720687B2 (en) * 2005-10-03 2010-05-18 The Invention Science Fund I, Llc Virtual world property disposition after real-world occurrence
US20060178966A1 (en) * 2005-02-04 2006-08-10 Jung Edward K Virtual world property disposition after virtual world occurence
US20090070180A1 (en) * 2005-02-04 2009-03-12 Searete Llc A Limited Liability Corporation Of The State Of Delaware Variant rating plans for virtual world environment
US20090138333A1 (en) * 2005-02-04 2009-05-28 Searete Llc, A Limited Liablity Of The State Of Delaware Follow-up contacts with virtual world participants
US20070268299A1 (en) * 2005-02-04 2007-11-22 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Attribute enhancement in virtual world environments
US8457991B2 (en) * 2005-02-04 2013-06-04 The Invention Science Fund I, Llc Virtual credit in simulated environments
US20090144073A1 (en) * 2005-02-04 2009-06-04 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Probability adjustment of a virtual world loss event
US8060829B2 (en) * 2005-04-15 2011-11-15 The Invention Science Fund I, Llc Participation profiles of virtual world players
US20090043682A1 (en) * 2005-02-04 2009-02-12 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Real-world profile data for making virtual world contacts
US20060178967A1 (en) * 2005-02-04 2006-08-10 Searete Llc Disposition of proprietary virtual rights
US20060195377A1 (en) * 2005-02-28 2006-08-31 Searete Llc Financial ventures based on virtual credit
US20070036328A1 (en) * 2005-07-19 2007-02-15 Searete Llc Virtual world escrow
US20080177558A1 (en) * 2005-02-04 2008-07-24 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Resolution of virtual world revocable transfers
US8556723B2 (en) * 2005-02-04 2013-10-15 The Invention Science Fund I. LLC Third party control over virtual world characters
US20100114662A1 (en) * 2008-10-31 2010-05-06 Searette Llc, A Limited Liability Corporation Of The State Of Delaware Real-world profile data for making virtual world contacts
US20070203725A1 (en) * 2006-02-27 2007-08-30 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Security arrangements for virtual world obligations
US8566111B2 (en) * 2005-02-04 2013-10-22 The Invention Science Fund I, Llc Disposition of component virtual property rights
US20070130001A1 (en) * 2005-11-18 2007-06-07 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Real-world profile data for making virtual world contacts
US20070024613A1 (en) * 2005-07-28 2007-02-01 Searete Llc, A Limited Liability Corporation Of Delaware Selecting auxiliary control features for virtual world environment
US20070118420A1 (en) * 2005-02-04 2007-05-24 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Context determinants in virtual world environment
US20070112624A1 (en) * 2005-11-15 2007-05-17 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Use of patron profiles in virtual world environment
US20070035548A1 (en) * 2005-08-12 2007-02-15 Searete Llc Rating technique for virtual world environment
US20090043683A1 (en) * 2005-02-04 2009-02-12 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Virtual world reversion rights
US20060235791A1 (en) * 2005-04-15 2006-10-19 Searete Llc Follow-up contacts with virtual world participants
US20080270165A1 (en) * 2005-02-04 2008-10-30 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Virtual world property disposition after real-world occurrence
US8271365B2 (en) 2005-02-04 2012-09-18 The Invention Science Fund I, Llc Real-world profile data for making virtual world contacts
US20070156509A1 (en) * 2005-02-04 2007-07-05 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Real-world incentives offered to virtual world participants
US20080092065A1 (en) * 2005-02-04 2008-04-17 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Third party control over virtual world characters
US7958047B2 (en) * 2005-02-04 2011-06-07 The Invention Science Fund I Virtual credit in simulated environments
US20070203828A1 (en) * 2005-02-04 2007-08-30 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Real-world incentives offered to virtual world participants
US20090132297A1 (en) * 2005-02-04 2009-05-21 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Probability adjustment of a virtual world loss event
US20090144148A1 (en) * 2005-02-04 2009-06-04 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Attribute enhancement in virtual world environments
US20070073614A1 (en) * 2005-09-15 2007-03-29 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Real world interaction with virtual world privileges
US20090100354A1 (en) * 2005-02-04 2009-04-16 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Third party control over virtual world characters
US20080109338A1 (en) * 2005-02-04 2008-05-08 Searete Llc, A Limited Liability Corporation Virtual credit in simulated environments
US20080215434A1 (en) * 2005-02-04 2008-09-04 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Real world interaction with virtual world privileges
US8512143B2 (en) 2005-07-18 2013-08-20 The Invention Science Fund I, Llc Third party control over virtual world characters
US8473382B2 (en) * 2006-02-28 2013-06-25 The Invention Science Fund I, Llc Virtual collateral for real-world obligations
US20070150986A1 (en) * 2005-03-30 2007-06-28 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Virtual credit with transferability
US20090099930A1 (en) * 2005-02-04 2009-04-16 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Participation profiles of virtual world players
US20070198305A1 (en) * 2005-03-30 2007-08-23 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Virtual credit with transferability
US20070038559A1 (en) * 2005-07-28 2007-02-15 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Rating notification for virtual world environment
US7937314B2 (en) * 2005-10-21 2011-05-03 The Invention Science Fund I Disposition of component virtual property rights
US20060178968A1 (en) * 2005-02-04 2006-08-10 Jung Edward K Virtual world interconnection technique
US20090138355A1 (en) * 2005-02-04 2009-05-28 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Real-world profile data for making virtual world contacts
US20070073582A1 (en) * 2005-09-27 2007-03-29 Searete Llc Real-world incentives offered to virtual world participants
US20070035549A1 (en) * 2005-08-12 2007-02-15 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Variant rating plans for a virtual world environment
US20060195378A1 (en) * 2005-02-28 2006-08-31 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Hybrid charge account for virtual world credit
US20070078737A1 (en) * 2005-02-28 2007-04-05 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Financial ventures based on virtual credit
US8069256B2 (en) * 2005-08-23 2011-11-29 Mehran Randall Rasti System and method to curb identity theft
US8190502B2 (en) * 2009-05-29 2012-05-29 Ameriprise Financial, Inc. Management of goals and recommendations
WO2011063827A1 (en) * 2009-11-24 2011-06-03 Nec Europe Ltd. Personal identity management system and method
US20130090978A1 (en) * 2011-10-05 2013-04-11 Ameriprise Financial, Inc. Risk-based evaluation of financial advisors
US9210164B2 (en) 2012-01-08 2015-12-08 International Business Machines Corporation Confidential information access via social networking web site
EP3414694A4 (en) * 2016-02-12 2019-10-23 Pegasus Media Security, LLC Security enhanced portable data store and processor for allowing secure and selective access to genomic data
GB2548165A (en) * 2016-03-11 2017-09-13 Trust-Hub Ltd A data transfer system and an interactive voice response system
US10831917B2 (en) 2018-10-29 2020-11-10 At&T Intellectual Property I, L.P. Database system consensus-based access control
US11514187B1 (en) 2019-11-26 2022-11-29 Wells Fargo Bank, N.A. Systems and methods for managing the processing of customer information within a global enterprise
WO2024044522A1 (en) 2022-08-24 2024-02-29 Arthur Hustad Method and system for providing control over storage of and access to user data

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6092199A (en) * 1997-07-07 2000-07-18 International Business Machines Corporation Dynamic creation of a user account in a client following authentication from a non-native server domain
US6101607A (en) * 1998-04-24 2000-08-08 International Business Machines Corporation Limit access to program function
US6154732A (en) * 1997-07-25 2000-11-28 Guidedchoice.Com System for providing investment advice and management of pension assets
US6269369B1 (en) * 1997-11-02 2001-07-31 Amazon.Com Holdings, Inc. Networked personal contact manager
US6625734B1 (en) * 1999-04-26 2003-09-23 Disappearing, Inc. Controlling and tracking access to disseminated information

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA1329657C (en) * 1989-04-03 1994-05-17 Gerald S. Lang Method and apparatus for protecting material on storage media
US5924074A (en) * 1996-09-27 1999-07-13 Azron Incorporated Electronic medical records system
EP0917119A3 (en) * 1997-11-12 2001-01-10 Citicorp Development Center, Inc. Distributed network based electronic wallet
US6278999B1 (en) * 1998-06-12 2001-08-21 Terry R. Knapp Information management system for personal health digitizers
AU2473300A (en) * 1998-11-04 2000-05-22 Garfinkle Limited Partnership Ii A system for protection of unauthorized entry into accessing records in a recorddatabase
CA2396266C (en) * 2000-01-12 2007-03-13 Metavante Corporation Integrated systems for electronic bill presentment and payment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6092199A (en) * 1997-07-07 2000-07-18 International Business Machines Corporation Dynamic creation of a user account in a client following authentication from a non-native server domain
US6154732A (en) * 1997-07-25 2000-11-28 Guidedchoice.Com System for providing investment advice and management of pension assets
US6269369B1 (en) * 1997-11-02 2001-07-31 Amazon.Com Holdings, Inc. Networked personal contact manager
US6101607A (en) * 1998-04-24 2000-08-08 International Business Machines Corporation Limit access to program function
US6625734B1 (en) * 1999-04-26 2003-09-23 Disappearing, Inc. Controlling and tracking access to disseminated information

Cited By (277)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050160062A1 (en) * 2004-01-16 2005-07-21 Howard W. B. Method to report personal security information about a person
US20060085314A1 (en) * 2004-10-14 2006-04-20 Grim Clifton E Iii Escrowing digital property in a secure information vault
US8224725B2 (en) 2004-10-14 2012-07-17 Google Inc. Escrowing digital property in a secure information vault
US8606673B1 (en) 2004-10-14 2013-12-10 Google Inc. Escrowing digital property in a secure information vault
US20060136361A1 (en) * 2004-12-22 2006-06-22 Microsoft Corporation Extensible, customizable database-driven row-level database security
US20060277092A1 (en) * 2005-06-03 2006-12-07 Credigy Technologies, Inc. System and method for a peer to peer exchange of consumer information
US20070130070A1 (en) * 2005-12-02 2007-06-07 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US8560456B2 (en) 2005-12-02 2013-10-15 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US20070162377A1 (en) * 2005-12-23 2007-07-12 Credigy Technologies, Inc. System and method for an online exchange of private data
US7970827B1 (en) 2006-08-16 2011-06-28 Resource Consortium Limited Providing notifications to an individual in a multi-dimensional personal information network
US8073708B1 (en) 2006-08-16 2011-12-06 Resource Consortium Limited Aggregating personal healthcare informatoin
US8930204B1 (en) 2006-08-16 2015-01-06 Resource Consortium Limited Determining lifestyle recommendations using aggregated personal information
US7689682B1 (en) 2006-08-16 2010-03-30 Resource Consortium Limited Obtaining lists of nodes of a multi-dimensional network
US8185597B1 (en) 2006-08-16 2012-05-22 Resource Consortium Limited Providing notifications to an individual in a multi-dimensional personal information network
US7801956B1 (en) 2006-08-16 2010-09-21 Resource Consortium Limited Providing notifications to an individual in a multi-dimensional personal information network
US8775287B1 (en) 2006-08-16 2014-07-08 Resource Consortium Limited Method and system for determining insurance needs
US8635087B1 (en) 2006-08-16 2014-01-21 Resource Consortium Limited Aggregating personal information
US7966647B1 (en) 2006-08-16 2011-06-21 Resource Consortium Limited Sending personal information to a personal information aggregator
US8121915B1 (en) 2006-08-16 2012-02-21 Resource Consortium Limited Generating financial plans using a personal information aggregator
US20100198721A1 (en) * 2007-07-27 2010-08-05 Laurent Caredda Management of Dematerialized Safes
WO2009016327A3 (en) * 2007-07-27 2009-05-07 Almerys Management and sharing of dematerialised safes
WO2009016327A2 (en) 2007-07-27 2009-02-05 Almerys Management and sharing of dematerialised safes
US20090157471A1 (en) * 2007-12-13 2009-06-18 Tribunal Systems, Inc. Facilitating the execution of transactions between customers and providers
US20090210423A1 (en) * 2008-02-15 2009-08-20 Yahoo! Inc. Methods and systems for maintaining personal data trusts
US9083700B2 (en) 2008-02-29 2015-07-14 Vicki L. James Systems and methods for authorization of information access
US8621641B2 (en) * 2008-02-29 2013-12-31 Vicki L. James Systems and methods for authorization of information access
US20090222897A1 (en) * 2008-02-29 2009-09-03 Callisto, Llc Systems and methods for authorization of information access
US20090307137A1 (en) * 2008-06-09 2009-12-10 Microsoft Corporation Managing provenance of digitally signed data in user editable records
US8321522B2 (en) * 2008-09-15 2012-11-27 Dell Products L.P. System and method for management of remotely shared data
US20110173325A1 (en) * 2008-09-15 2011-07-14 Dell Products L.P. System and Method for Management of Remotely Shared Data
US20100262837A1 (en) * 2009-04-14 2010-10-14 Haluk Kulin Systems And Methods For Personal Digital Data Ownership And Vaulting
US10002332B2 (en) * 2009-05-21 2018-06-19 Shared Performance, Llc Methods and systems for resource and organization achievement
US20100332271A1 (en) * 2009-05-21 2010-12-30 De Spong David T Methods and systems for resource and organization achievement
US11205141B2 (en) * 2009-05-21 2021-12-21 Shared Performance, Llc Methods and systems for resource and organization achievement
US8769621B2 (en) 2011-01-18 2014-07-01 At&T Intellectual Property I, L.P. Method and system for providing permission-based access to sensitive information
US20130013507A1 (en) * 2011-04-04 2013-01-10 Browning Christopher S System to Create and Manage Payment Accounts
US20160171235A1 (en) * 2014-12-10 2016-06-16 International Business Machines Corporation Intelligent database with secure tables
US10114972B2 (en) 2014-12-10 2018-10-30 International Business Machines Corporation Intelligent database with secure tables
US10223542B2 (en) * 2014-12-10 2019-03-05 International Business Machines Corporation Intelligent database with secure tables
US11651402B2 (en) 2016-04-01 2023-05-16 OneTrust, LLC Data processing systems and communication systems and methods for the efficient generation of risk assessments
US11244367B2 (en) 2016-04-01 2022-02-08 OneTrust, LLC Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design
US10706447B2 (en) 2016-04-01 2020-07-07 OneTrust, LLC Data processing systems and communication systems and methods for the efficient generation of privacy risk assessments
US11004125B2 (en) 2016-04-01 2021-05-11 OneTrust, LLC Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design
US10956952B2 (en) 2016-04-01 2021-03-23 OneTrust, LLC Data processing systems and communication systems and methods for the efficient generation of privacy risk assessments
US10853859B2 (en) 2016-04-01 2020-12-01 OneTrust, LLC Data processing systems and methods for operationalizing privacy compliance and assessing the risk of various respective privacy campaigns
US11349832B2 (en) * 2016-06-09 2022-05-31 Amazon Technologies, Inc. Account recovery
US11036771B2 (en) 2016-06-10 2021-06-15 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11151233B2 (en) 2016-06-10 2021-10-19 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10564936B2 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for identity validation of data subject access requests and related methods
US10565397B1 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10565161B2 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for processing data subject access requests
US10567439B2 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US10565236B1 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10572686B2 (en) 2016-06-10 2020-02-25 OneTrust, LLC Consent receipt management systems and related methods
US10574705B2 (en) 2016-06-10 2020-02-25 OneTrust, LLC Data processing and scanning systems for generating and populating a data inventory
US10586072B2 (en) 2016-06-10 2020-03-10 OneTrust, LLC Data processing systems for measuring privacy maturity within an organization
US10585968B2 (en) 2016-06-10 2020-03-10 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10586075B2 (en) 2016-06-10 2020-03-10 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
US10594740B2 (en) 2016-06-10 2020-03-17 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10592648B2 (en) 2016-06-10 2020-03-17 OneTrust, LLC Consent receipt management systems and related methods
US10592692B2 (en) 2016-06-10 2020-03-17 OneTrust, LLC Data processing systems for central consent repository and related methods
US10599870B2 (en) 2016-06-10 2020-03-24 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US10606916B2 (en) 2016-06-10 2020-03-31 OneTrust, LLC Data processing user interface monitoring systems and related methods
US10607028B2 (en) 2016-06-10 2020-03-31 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US10614246B2 (en) 2016-06-10 2020-04-07 OneTrust, LLC Data processing systems and methods for auditing data request compliance
US10614247B2 (en) 2016-06-10 2020-04-07 OneTrust, LLC Data processing systems for automated classification of personal information from documents and related methods
US10642870B2 (en) 2016-06-10 2020-05-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US10678945B2 (en) 2016-06-10 2020-06-09 OneTrust, LLC Consent receipt management systems and related methods
US10685140B2 (en) * 2016-06-10 2020-06-16 OneTrust, LLC Consent receipt management systems and related methods
US10692033B2 (en) 2016-06-10 2020-06-23 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US10705801B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems for identity validation of data subject access requests and related methods
US10706379B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems for automatic preparation for remediation and related methods
US10708305B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Automated data processing systems and methods for automatically processing requests for privacy-related information
US10558821B2 (en) 2016-06-10 2020-02-11 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10706131B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems and methods for efficiently assessing the risk of privacy campaigns
US10706174B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems for prioritizing data subject access requests for fulfillment and related methods
US10706176B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data-processing consent refresh, re-prompt, and recapture systems and related methods
US10713387B2 (en) 2016-06-10 2020-07-14 OneTrust, LLC Consent conversion optimization systems and related methods
US10726158B2 (en) 2016-06-10 2020-07-28 OneTrust, LLC Consent receipt management and automated process blocking systems and related methods
US10740487B2 (en) 2016-06-10 2020-08-11 OneTrust, LLC Data processing systems and methods for populating and maintaining a centralized database of personal data
US10754981B2 (en) 2016-06-10 2020-08-25 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10762236B2 (en) 2016-06-10 2020-09-01 OneTrust, LLC Data processing user interface monitoring systems and related methods
US10769303B2 (en) 2016-06-10 2020-09-08 OneTrust, LLC Data processing systems for central consent repository and related methods
US10769301B2 (en) 2016-06-10 2020-09-08 OneTrust, LLC Data processing systems for webform crawling to map processing activities and related methods
US10769302B2 (en) 2016-06-10 2020-09-08 OneTrust, LLC Consent receipt management systems and related methods
US10776515B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10776517B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Data processing systems for calculating and communicating cost of fulfilling data subject access requests and related methods
US10776518B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Consent receipt management systems and related methods
US10776514B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Data processing systems for the identification and deletion of personal data in computer systems
US10783256B2 (en) 2016-06-10 2020-09-22 OneTrust, LLC Data processing systems for data transfer risk identification and related methods
US10791150B2 (en) 2016-06-10 2020-09-29 OneTrust, LLC Data processing and scanning systems for generating and populating a data inventory
US10796020B2 (en) 2016-06-10 2020-10-06 OneTrust, LLC Consent receipt management systems and related methods
US10796260B2 (en) 2016-06-10 2020-10-06 OneTrust, LLC Privacy management systems and methods
US10798133B2 (en) 2016-06-10 2020-10-06 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10803198B2 (en) 2016-06-10 2020-10-13 OneTrust, LLC Data processing systems for use in automatically generating, populating, and submitting data subject access requests
US10803097B2 (en) 2016-06-10 2020-10-13 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10805354B2 (en) 2016-06-10 2020-10-13 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US10803199B2 (en) 2016-06-10 2020-10-13 OneTrust, LLC Data processing and communications systems and methods for the efficient implementation of privacy by design
US10803200B2 (en) 2016-06-10 2020-10-13 OneTrust, LLC Data processing systems for processing and managing data subject access in a distributed environment
US11868507B2 (en) 2016-06-10 2024-01-09 OneTrust, LLC Data processing systems for cookie compliance testing with website scanning and related methods
US10839102B2 (en) 2016-06-10 2020-11-17 OneTrust, LLC Data processing systems for identifying and modifying processes that are subject to data subject access requests
US10848523B2 (en) 2016-06-10 2020-11-24 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10846261B2 (en) 2016-06-10 2020-11-24 OneTrust, LLC Data processing systems for processing data subject access requests
US10846433B2 (en) 2016-06-10 2020-11-24 OneTrust, LLC Data processing consent management systems and related methods
US10509920B2 (en) 2016-06-10 2019-12-17 OneTrust, LLC Data processing systems for processing data subject access requests
US10853501B2 (en) 2016-06-10 2020-12-01 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10867072B2 (en) 2016-06-10 2020-12-15 OneTrust, LLC Data processing systems for measuring privacy maturity within an organization
US10867007B2 (en) 2016-06-10 2020-12-15 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10873606B2 (en) 2016-06-10 2020-12-22 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10878127B2 (en) 2016-06-10 2020-12-29 OneTrust, LLC Data subject access request processing systems and related methods
US10885485B2 (en) 2016-06-10 2021-01-05 OneTrust, LLC Privacy management systems and methods
US10896394B2 (en) 2016-06-10 2021-01-19 OneTrust, LLC Privacy management systems and methods
US10909488B2 (en) 2016-06-10 2021-02-02 OneTrust, LLC Data processing systems for assessing readiness for responding to privacy-related incidents
US10909265B2 (en) 2016-06-10 2021-02-02 OneTrust, LLC Application privacy scanning systems and related methods
US10929559B2 (en) 2016-06-10 2021-02-23 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US10944725B2 (en) 2016-06-10 2021-03-09 OneTrust, LLC Data processing systems and methods for using a data model to select a target data asset in a data migration
US10949565B2 (en) 2016-06-10 2021-03-16 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10949567B2 (en) 2016-06-10 2021-03-16 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10949544B2 (en) 2016-06-10 2021-03-16 OneTrust, LLC Data processing systems for data transfer risk identification and related methods
US10949170B2 (en) 2016-06-10 2021-03-16 OneTrust, LLC Data processing systems for integration of consumer feedback with data subject access requests and related methods
US10509894B2 (en) 2016-06-10 2019-12-17 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11847182B2 (en) 2016-06-10 2023-12-19 OneTrust, LLC Data processing consent capture systems and related methods
US10972509B2 (en) 2016-06-10 2021-04-06 OneTrust, LLC Data processing and scanning systems for generating and populating a data inventory
US10970675B2 (en) 2016-06-10 2021-04-06 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10970371B2 (en) 2016-06-10 2021-04-06 OneTrust, LLC Consent receipt management systems and related methods
US10984132B2 (en) 2016-06-10 2021-04-20 OneTrust, LLC Data processing systems and methods for populating and maintaining a centralized database of personal data
US10997542B2 (en) 2016-06-10 2021-05-04 OneTrust, LLC Privacy management systems and methods
US10997318B2 (en) 2016-06-10 2021-05-04 OneTrust, LLC Data processing systems for generating and populating a data inventory for processing data access requests
US10997315B2 (en) 2016-06-10 2021-05-04 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10503926B2 (en) 2016-06-10 2019-12-10 OneTrust, LLC Consent receipt management systems and related methods
US11025675B2 (en) 2016-06-10 2021-06-01 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US11023842B2 (en) 2016-06-10 2021-06-01 OneTrust, LLC Data processing systems and methods for bundled privacy policies
US11023616B2 (en) 2016-06-10 2021-06-01 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US11030327B2 (en) 2016-06-10 2021-06-08 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11030563B2 (en) 2016-06-10 2021-06-08 OneTrust, LLC Privacy management systems and methods
US11030274B2 (en) 2016-06-10 2021-06-08 OneTrust, LLC Data processing user interface monitoring systems and related methods
US11038925B2 (en) 2016-06-10 2021-06-15 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11036674B2 (en) 2016-06-10 2021-06-15 OneTrust, LLC Data processing systems for processing data subject access requests
US10496846B1 (en) 2016-06-10 2019-12-03 OneTrust, LLC Data processing and communications systems and methods for the efficient implementation of privacy by design
US11036882B2 (en) 2016-06-10 2021-06-15 OneTrust, LLC Data processing systems for processing and managing data subject access in a distributed environment
US11057356B2 (en) 2016-06-10 2021-07-06 OneTrust, LLC Automated data processing systems and methods for automatically processing data subject access requests using a chatbot
US11062051B2 (en) 2016-06-10 2021-07-13 OneTrust, LLC Consent receipt management systems and related methods
US11068618B2 (en) 2016-06-10 2021-07-20 OneTrust, LLC Data processing systems for central consent repository and related methods
US11070593B2 (en) 2016-06-10 2021-07-20 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11074367B2 (en) 2016-06-10 2021-07-27 OneTrust, LLC Data processing systems for identity validation for consumer rights requests and related methods
US11087260B2 (en) 2016-06-10 2021-08-10 OneTrust, LLC Data processing systems and methods for customizing privacy training
US11100444B2 (en) 2016-06-10 2021-08-24 OneTrust, LLC Data processing systems and methods for providing training in a vendor procurement process
US11100445B2 (en) 2016-06-10 2021-08-24 OneTrust, LLC Data processing systems for assessing readiness for responding to privacy-related incidents
US11113416B2 (en) 2016-06-10 2021-09-07 OneTrust, LLC Application privacy scanning systems and related methods
US11120162B2 (en) 2016-06-10 2021-09-14 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US11120161B2 (en) 2016-06-10 2021-09-14 OneTrust, LLC Data subject access request processing systems and related methods
US11122011B2 (en) 2016-06-10 2021-09-14 OneTrust, LLC Data processing systems and methods for using a data model to select a target data asset in a data migration
US11126748B2 (en) 2016-06-10 2021-09-21 OneTrust, LLC Data processing consent management systems and related methods
US11134086B2 (en) 2016-06-10 2021-09-28 OneTrust, LLC Consent conversion optimization systems and related methods
US11138242B2 (en) 2016-06-10 2021-10-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US11138318B2 (en) 2016-06-10 2021-10-05 OneTrust, LLC Data processing systems for data transfer risk identification and related methods
US11138336B2 (en) 2016-06-10 2021-10-05 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11138299B2 (en) 2016-06-10 2021-10-05 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11144670B2 (en) 2016-06-10 2021-10-12 OneTrust, LLC Data processing systems for identifying and modifying processes that are subject to data subject access requests
US11146566B2 (en) 2016-06-10 2021-10-12 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11727141B2 (en) 2016-06-10 2023-08-15 OneTrust, LLC Data processing systems and methods for synching privacy-related user consent across multiple computing devices
US11144622B2 (en) 2016-06-10 2021-10-12 OneTrust, LLC Privacy management systems and methods
US10564935B2 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for integration of consumer feedback with data subject access requests and related methods
US11157600B2 (en) 2016-06-10 2021-10-26 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11675929B2 (en) 2016-06-10 2023-06-13 OneTrust, LLC Data processing consent sharing systems and related methods
US11182501B2 (en) 2016-06-10 2021-11-23 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11188862B2 (en) 2016-06-10 2021-11-30 OneTrust, LLC Privacy management systems and methods
US11651104B2 (en) 2016-06-10 2023-05-16 OneTrust, LLC Consent receipt management systems and related methods
US11188615B2 (en) 2016-06-10 2021-11-30 OneTrust, LLC Data processing consent capture systems and related methods
US11195134B2 (en) 2016-06-10 2021-12-07 OneTrust, LLC Privacy management systems and methods
US11200341B2 (en) 2016-06-10 2021-12-14 OneTrust, LLC Consent receipt management systems and related methods
US10496803B2 (en) 2016-06-10 2019-12-03 OneTrust, LLC Data processing systems and methods for efficiently assessing the risk of privacy campaigns
US11210420B2 (en) 2016-06-10 2021-12-28 OneTrust, LLC Data subject access request processing systems and related methods
US11651106B2 (en) 2016-06-10 2023-05-16 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11222142B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems for validating authorization for personal data collection, storage, and processing
US11222139B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems and methods for automatic discovery and assessment of mobile software development kits
US11222309B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11228620B2 (en) 2016-06-10 2022-01-18 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11227247B2 (en) 2016-06-10 2022-01-18 OneTrust, LLC Data processing systems and methods for bundled privacy policies
US11238390B2 (en) 2016-06-10 2022-02-01 OneTrust, LLC Privacy management systems and methods
US11240273B2 (en) 2016-06-10 2022-02-01 OneTrust, LLC Data processing and scanning systems for generating and populating a data inventory
US11244071B2 (en) 2016-06-10 2022-02-08 OneTrust, LLC Data processing systems for use in automatically generating, populating, and submitting data subject access requests
US11244072B2 (en) 2016-06-10 2022-02-08 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US11645418B2 (en) 2016-06-10 2023-05-09 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US11256777B2 (en) 2016-06-10 2022-02-22 OneTrust, LLC Data processing user interface monitoring systems and related methods
US11277448B2 (en) 2016-06-10 2022-03-15 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11295316B2 (en) 2016-06-10 2022-04-05 OneTrust, LLC Data processing systems for identity validation for consumer rights requests and related methods
US11294939B2 (en) 2016-06-10 2022-04-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US11301796B2 (en) 2016-06-10 2022-04-12 OneTrust, LLC Data processing systems and methods for customizing privacy training
US11301589B2 (en) 2016-06-10 2022-04-12 OneTrust, LLC Consent receipt management systems and related methods
US11308435B2 (en) 2016-06-10 2022-04-19 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US11328092B2 (en) 2016-06-10 2022-05-10 OneTrust, LLC Data processing systems for processing and managing data subject access in a distributed environment
US11328240B2 (en) 2016-06-10 2022-05-10 OneTrust, LLC Data processing systems for assessing readiness for responding to privacy-related incidents
US11334681B2 (en) 2016-06-10 2022-05-17 OneTrust, LLC Application privacy scanning systems and related meihods
US11334682B2 (en) 2016-06-10 2022-05-17 OneTrust, LLC Data subject access request processing systems and related methods
US11336697B2 (en) 2016-06-10 2022-05-17 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11341447B2 (en) 2016-06-10 2022-05-24 OneTrust, LLC Privacy management systems and methods
US11343284B2 (en) 2016-06-10 2022-05-24 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US11347889B2 (en) 2016-06-10 2022-05-31 OneTrust, LLC Data processing systems for generating and populating a data inventory
US20190180054A1 (en) * 2016-06-10 2019-06-13 OneTrust, LLC Consent receipt management systems and related methods
US11354434B2 (en) 2016-06-10 2022-06-07 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11354435B2 (en) 2016-06-10 2022-06-07 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US11361057B2 (en) 2016-06-10 2022-06-14 OneTrust, LLC Consent receipt management systems and related methods
US11366786B2 (en) 2016-06-10 2022-06-21 OneTrust, LLC Data processing systems for processing data subject access requests
US11366909B2 (en) 2016-06-10 2022-06-21 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11645353B2 (en) 2016-06-10 2023-05-09 OneTrust, LLC Data processing consent capture systems and related methods
US11636171B2 (en) 2016-06-10 2023-04-25 OneTrust, LLC Data processing user interface monitoring systems and related methods
US11625502B2 (en) 2016-06-10 2023-04-11 OneTrust, LLC Data processing systems for identifying and modifying processes that are subject to data subject access requests
US11609939B2 (en) 2016-06-10 2023-03-21 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US11392720B2 (en) 2016-06-10 2022-07-19 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11586762B2 (en) 2016-06-10 2023-02-21 OneTrust, LLC Data processing systems and methods for auditing data request compliance
US11403377B2 (en) 2016-06-10 2022-08-02 OneTrust, LLC Privacy management systems and methods
US11409908B2 (en) 2016-06-10 2022-08-09 OneTrust, LLC Data processing systems and methods for populating and maintaining a centralized database of personal data
US11586700B2 (en) 2016-06-10 2023-02-21 OneTrust, LLC Data processing systems and methods for automatically blocking the use of tracking tools
US11410106B2 (en) 2016-06-10 2022-08-09 OneTrust, LLC Privacy management systems and methods
US11416576B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing consent capture systems and related methods
US11416634B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Consent receipt management systems and related methods
US11416798B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing systems and methods for providing training in a vendor procurement process
US11416109B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Automated data processing systems and methods for automatically processing data subject access requests using a chatbot
US11416590B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11416636B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing consent management systems and related methods
US11418492B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing systems and methods for using a data model to select a target data asset in a data migration
US11416589B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11418516B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Consent conversion optimization systems and related methods
US11562097B2 (en) 2016-06-10 2023-01-24 OneTrust, LLC Data processing systems for central consent repository and related methods
US11438386B2 (en) 2016-06-10 2022-09-06 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11556672B2 (en) 2016-06-10 2023-01-17 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11558429B2 (en) 2016-06-10 2023-01-17 OneTrust, LLC Data processing and scanning systems for generating and populating a data inventory
US11551174B2 (en) 2016-06-10 2023-01-10 OneTrust, LLC Privacy management systems and methods
US11449633B2 (en) 2016-06-10 2022-09-20 OneTrust, LLC Data processing systems and methods for automatic discovery and assessment of mobile software development kits
US11461722B2 (en) 2016-06-10 2022-10-04 OneTrust, LLC Questionnaire response automation for compliance management
US11461500B2 (en) 2016-06-10 2022-10-04 OneTrust, LLC Data processing systems for cookie compliance testing with website scanning and related methods
US11468386B2 (en) 2016-06-10 2022-10-11 OneTrust, LLC Data processing systems and methods for bundled privacy policies
US11468196B2 (en) 2016-06-10 2022-10-11 OneTrust, LLC Data processing systems for validating authorization for personal data collection, storage, and processing
US11475136B2 (en) 2016-06-10 2022-10-18 OneTrust, LLC Data processing systems for data transfer risk identification and related methods
US11550897B2 (en) 2016-06-10 2023-01-10 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11481710B2 (en) 2016-06-10 2022-10-25 OneTrust, LLC Privacy management systems and methods
US11488085B2 (en) 2016-06-10 2022-11-01 OneTrust, LLC Questionnaire response automation for compliance management
US11544405B2 (en) 2016-06-10 2023-01-03 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11520928B2 (en) 2016-06-10 2022-12-06 OneTrust, LLC Data processing systems for generating personal data receipts and related methods
US11544667B2 (en) 2016-06-10 2023-01-03 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10129119B2 (en) 2016-10-07 2018-11-13 Mastercard International Incorporated Systems and methods for analyzing report access data
US11663359B2 (en) 2017-06-16 2023-05-30 OneTrust, LLC Data processing systems for identifying whether cookies contain personally identifying information
US11373007B2 (en) 2017-06-16 2022-06-28 OneTrust, LLC Data processing systems for identifying whether cookies contain personally identifying information
CN110298527A (en) * 2018-03-23 2019-10-01 阿里巴巴集团控股有限公司 Information output method, system and equipment
US10803202B2 (en) 2018-09-07 2020-10-13 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
US11544409B2 (en) 2018-09-07 2023-01-03 OneTrust, LLC Data processing systems and methods for automatically protecting sensitive data within privacy management systems
US11144675B2 (en) 2018-09-07 2021-10-12 OneTrust, LLC Data processing systems and methods for automatically protecting sensitive data within privacy management systems
US10963591B2 (en) 2018-09-07 2021-03-30 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
US11157654B2 (en) 2018-09-07 2021-10-26 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
US11593523B2 (en) 2018-09-07 2023-02-28 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
US11190512B2 (en) 2019-04-17 2021-11-30 Microsoft Technology Licensing, Llc Integrity attestation of attestation component
US11392467B2 (en) 2019-04-17 2022-07-19 Microsoft Technology Licensing, Llc Failover between decentralized identity stores
US11381567B2 (en) 2019-04-29 2022-07-05 Microsoft Technology Licensing, Llc Execution of an application within a scope of user-granted permission
US11429743B2 (en) 2019-04-29 2022-08-30 Microsoft Technology Licensing, Llc Localization of DID-related claims and data
US11411959B2 (en) 2019-05-03 2022-08-09 Microsoft Technology Licensing, Llc Execution of application in a container within a scope of user-granted permission
US11222137B2 (en) * 2019-05-03 2022-01-11 Microsoft Technology Licensing, Llc Storing and executing an application in a user's personal storage with user granted permission
US11797528B2 (en) 2020-07-08 2023-10-24 OneTrust, LLC Systems and methods for targeted data discovery
US11444976B2 (en) 2020-07-28 2022-09-13 OneTrust, LLC Systems and methods for automatically blocking the use of tracking tools
US11475165B2 (en) 2020-08-06 2022-10-18 OneTrust, LLC Data processing systems and methods for automatically redacting unstructured data from a data subject access request
US11436373B2 (en) 2020-09-15 2022-09-06 OneTrust, LLC Data processing systems and methods for detecting tools for the automatic blocking of consent requests
US11704440B2 (en) 2020-09-15 2023-07-18 OneTrust, LLC Data processing systems and methods for preventing execution of an action documenting a consent rejection
US11526624B2 (en) 2020-09-21 2022-12-13 OneTrust, LLC Data processing systems and methods for automatically detecting target data transfers and target data processing
US11615192B2 (en) 2020-11-06 2023-03-28 OneTrust, LLC Systems and methods for identifying data processing activities based on data discovery results
US11397819B2 (en) 2020-11-06 2022-07-26 OneTrust, LLC Systems and methods for identifying data processing activities based on data discovery results
US11687528B2 (en) 2021-01-25 2023-06-27 OneTrust, LLC Systems and methods for discovery, classification, and indexing of data in a native computing system
US11442906B2 (en) 2021-02-04 2022-09-13 OneTrust, LLC Managing custom attributes for domain objects defined within microservices
US11494515B2 (en) 2021-02-08 2022-11-08 OneTrust, LLC Data processing systems and methods for anonymizing data samples in classification analysis
US11601464B2 (en) 2021-02-10 2023-03-07 OneTrust, LLC Systems and methods for mitigating risks of third-party computing system functionality integration into a first-party computing system
US11775348B2 (en) 2021-02-17 2023-10-03 OneTrust, LLC Managing custom workflows for domain objects defined within microservices
US11546661B2 (en) 2021-02-18 2023-01-03 OneTrust, LLC Selective redaction of media content
US11533315B2 (en) 2021-03-08 2022-12-20 OneTrust, LLC Data transfer discovery and analysis systems and related methods
US11562078B2 (en) 2021-04-16 2023-01-24 OneTrust, LLC Assessing and managing computational risk involved with integrating third party computing functionality within a computing system
US11816224B2 (en) 2021-04-16 2023-11-14 OneTrust, LLC Assessing and managing computational risk involved with integrating third party computing functionality within a computing system
US11921894B2 (en) 2021-05-03 2024-03-05 OneTrust, LLC Data processing systems for generating and populating a data inventory for processing data access requests
CN114722412A (en) * 2022-04-15 2022-07-08 北京科杰科技有限公司 Data security storage method and device, electronic equipment and storage medium
US11620142B1 (en) 2022-06-03 2023-04-04 OneTrust, LLC Generating and customizing user interfaces for demonstrating functions of interactive user environments

Also Published As

Publication number Publication date
GB2392524A (en) 2004-03-03
CA2441244A1 (en) 2002-09-19
US8543410B2 (en) 2013-09-24
US20140180950A1 (en) 2014-06-26
GB2392524B (en) 2005-06-15
NZ528797A (en) 2005-05-27
AUPR372601A0 (en) 2001-04-12
GB0323953D0 (en) 2003-11-12
US20090006124A1 (en) 2009-01-01
AU2002240703C1 (en) 2009-09-17
WO2002073455A1 (en) 2002-09-19
AU2002240703B2 (en) 2009-01-29
US20120304308A1 (en) 2012-11-29
CA2441244C (en) 2014-09-30

Similar Documents

Publication Publication Date Title
AU2002240703C1 (en) Method and system for secure information
AU2002240703A1 (en) Method and system for secure information
Hiller et al. Privacy and security in the implementation of health information technology (electronic health records): US and EU compared
US20190303867A1 (en) Blockchain based crowdsourcing medical billing for medical insurance claims processing
Konnoth Health Information Equity
US20200020440A1 (en) Computer-assist method using distributed ledger technology for operating and managing an enterprise
Chou et al. Healthcare information portal: a web technology for the healthcare community
Yasnoff Health information infrastructure
Szabó et al. Affordances in blockchain-based financial recommendations concerned with life events and personalities
Sunyaev Health-care telematics in Germany: design and application of a security analysis method
CN117083603A (en) System for process coordination and interoperation across different systems, platforms and/or services
Knapp et al. Using the Person-Event Data Environment for Military Personnel Research in the Department of Defense
Cunningham et al. Feasibility of a Student Unit Record System within the Integrated Postsecondary Education Data System. Research and Development Report. NCES 2005-160.
Fiedler et al. Federal Policy Options to Realize the Potential of APCDs
Thomas Evaluating Electronic Health Records Interoperability Symbiotic Relationship to Information Management Governance Security Risks
POLICY Open Data
Urbano et al. Inter-organizational data sharing during COVID-19 health emergency: lesson learnt from veneto and lombardy regions
Chernik et al. Enhancing Encryption Measures for Expanded HIPAA Covered Entities
Tilahun THE APPLICATION OF QUANTITATIVE METHODS IN THE ADOPTION OF CLOUD COMPUTING WITHIN A FRAMEWORK OF UNIFIED TECHNOLOGY ACCEPTANCE THEORY: A COMPARATIVE ANALYSIS OF US HOSPITALSntitled Item
Aliero Strategic approaches to address the challenges faced in using electronic document management system: a case of staff of Kebbi State University of Science and Technology Aliero, Nigeria.
Nosrati Blockchain Audit & Assurance–Towards an Audit Standard for the Consortium Blockchain
Vishwa MediBlock-A Privacy-aware Blockchain to store patients data and effective diagnosis methods
Rudolph et al. Administrative data and disease surveillance: An integration toolkit
Guah et al. NHS information quality and integrity: issues arising from primary service provision
Yimam Compliance issues in cloud computing systems

Legal Events

Date Code Title Description
AS Assignment

Owner name: C.R. GROUP PTY LIMITED, AUSTRALIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SINCLAIR, TREVOR;DAVID, PAUL J.;SHERMAN, ANDREW;AND OTHERS;REEL/FRAME:014895/0700

Effective date: 20030912

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION