International Business Machines Corporation – InsuranceNewsNet

MAY 30, 2022 (NewsRx) — By a News Reporter – Staff News Editor at Daily Insurance News — Of Alexandria, VirginiaNewsRx reporters report that a patent from inventors Allen, Corville O. (Morrisville, North CarolinaUS), Gkoulalas-Divanis, Aris (Waltham, MAUnited States), filed on September 20, 2019was published online at May 10, 2022.

The patent assignee for patent number 11328089 is International Commercial Machinery Society (Armonk, New York, United States).

The news editors have obtained the following quote from the background information provided by the inventors: “The present invention relates to a computing environment, and more particularly to a computer program, a method and a system for applying a privacy legal framework based on the consent.”

In addition to general information about this patent, NewsRx correspondents also obtained summary information from the inventors for this patent: “According to one embodiment of the invention, there is a method that applies a legal framework file system of confidentiality with an operating system (OS) to enforce the legal framework of confidentiality Access to data in a selected file in the file system includes access to metadata associated with the selected file, the metadata including a privacy state and owner consent-based access policy The owner consent-based access policy is enforced by the operating system through specific support requiring the use of metadata to access the selected file.

“According to one embodiment of the invention, there is provided an information processing system comprising at least one processor executing instructions implementing the steps of the method which provides an infrastructure for accessing the file system which applies a consent-based file access.

According to one embodiment of the invention, there is provided a computer program product executing instructions having the method steps that provides a file system access infrastructure that enforces consent-based file access.

“The foregoing is a summary and therefore contains, by necessity, simplifications, generalizations and omissions of detail; therefore, those skilled in the art will appreciate that the summary is illustrative only and is not intended to be limiting in any way. Other aspects, inventive features and advantages of the present invention will become apparent from the non-limiting detailed description presented below. »

The claims provided by the inventors are:

“1. A method that enforces a privacy legal framework in storage of an information processing system that includes a processor and memory accessible by the processor, the method comprising: providing a file system with a system operating system (OS) to enforce the privacy legal framework wherein access to data in a selected file in the file system includes access to metadata associated with the selected file, the metadata including a privacy status and a access policy based on the consent of the owner; and enforcement by the operating system through custom commands for special purposes requiring the use of metadata to access the selected file, the access policy based on the consent of the owner.

“2. A method according to claim 1, wherein the privacy legal framework is selected from a group consisting of the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act ( HIPPA), the Personal Information Protection and Electronic Documents Act (PIPEDA), and Food and drug administration (FDA).

“3. A method according to claim 1, wherein the selected file is encrypted, and wherein decryption of the selected file requires access from the operating system.

“4. The method of claim 1, wherein the owner consent-based access policy further includes: audit information, owner information, expiration, access information, and consent information. .

A method according to claim 4, wherein the audit information records information relating to access to the selected file and further comprises: recording of who accessed the selected file; recording when accessing the selected file; and record the actions performed on the selected file.

6. A method according to claim 4, wherein the consent information includes a purpose for which personal data may be used, a date on which permission was given by a data owner, and an expiration date.

“7. A method according to claim 6, wherein the selected file is automatically deleted after the expiration date.

A method according to claim 1, further comprising: tracking, automatically, copies of the selected file.

The method of claim 8, further comprising: adjusting the content of tracked copies of the selected file based on current consent information from a data owner.

“ten. An information processing system that enforces a privacy legal framework comprising: one or more processors; a memory coupled to at least one of the processors; a network interface that connects a local node to one or more remote nodes; and a set of computer program instructions stored in memory and executed by at least one of the processors to perform actions including: providing a file system with an operating system (OS) to implement the privacy legal framework in which access to data in a selected file in the file system includes access to metadata associated with the selected file, the metadata including a privacy status and an access policy based on the consent of the proprietary; and enforcement by the operating system through special-purpose custom commands requiring the use of metadata for ac assign to the selected file, the access policy based on the consent of the owner.

“11. An information processing system according to claim 10, wherein the privacy legal framework is selected from a group consisting of the General Data Protection Regulation (GDPR), Data Portability and Accountability Act (HIPPA), the Personal Information Protection and Electronic Documents Act (PIPEDA), and Food and drug administration (FDA).

An information processing system according to claim 10, wherein the selected file is encrypted, and decryption of the selected file requires access from the operating system.

An information processing system according to claim 10, wherein the owner consent-based access policy further comprises: audit information, owner information, expiration, access information and consent information.

An information processing system according to claim 13, wherein the audit information records information relating to access to the selected file and wherein the actions further include: recording who accessed the file selected; recording when accessing the selected file; and recording actions performed on the selected file.

“15. A computer program product that enforces a legal framework of confidentiality stored in a computer-readable storage medium, comprising computer program code that, when executed by an information processing system, performs actions consisting to: provide a file system with an operating system (OS) for enforcing a legal privacy framework in which access to data in a selected file in the file system includes access to metadata associated with the file selected wherein the metadata includes a privacy status and owner consent-based access policy; and enforcement by the operating system through special-purpose custom commands requiring the use of the metadata to access the file selected, the access policy based on the consent of the owner.

“16. A computer program product according to claim 15, wherein the privacy legal framework is selected from a group consisting of the General Data Protection Regulation (GDPR), Data Portability and Accountability Act health insurance (HIPPA), the Personal Information Protection and Electronic Documents Act (PIPEDA), and Food and drug administration (FDA).

A computer program product according to claim 15, wherein the selected file is encrypted, and decryption of the selected file requires access from the operating system.

“18. The computer program product of claim 15, wherein the owner consent-based access policy further comprises: audit information, owner information, expiration, access information, and consent information.

A computer program product according to claim 18, wherein the audit information records information relating to access to the selected file and wherein the actions further include: recording who accessed the selected file; recording when accessing the selected file; and recording the actions performed on the selected file.

“20. A computer program product according to claim 19, wherein the consent information includes a purpose for which the personal data may be used, a date on which permission was given by a data owner, and a date of expiry.

For more information on this patent, see: Allen, Corville O. Built-in legal framework file management. WE Patent number 11328089, pending September 20, 2019and published online at May 10, 2022. Patent URL: http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=11328089.PN.&OS =PN/11328089RS=PN/11328089

(Our reports provide factual information on research and discoveries from around the world.)

Comments are closed.