Patent Issued for Computer-implemented system and method for facilitating data security of documents (USPTO 11803661): ImageSource Inc.
2023 NOV 20 (NewsRx) -- By a
The patent’s inventors are
This patent was filed on
From the background information supplied by the inventors, news correspondents obtained the following quote: “Data security is extremely important to prevent the disclosure of sensitive information, which can result in theft and fraud. As more and more documents are generated and stored electronically, data breaches are of big concern to companies and organizations storing the documents, as well as the individuals identified by the documents.
“Organizations that maintain documents with sensitive data must ensure that the information remains safe and inaccessible to prevent liability for unauthorized release of the information. For example, the Health Insurance Portability and Accountability Act provides guidelines for maintaining personally identifiable information in health care industries, while the Payment Card Industry Data Security Standard provides a standard for the handling of credit card information. Failure to follow such guidelines can result in legal liability.
“Often times, sensitive documents must be provided to a third party, such as during the discovery phase of a pending litigation or during an investigation by an insurance company. To comply with established guidelines, sensitive data must be redacted prior to providing the documents to the third party. Additionally, many government agencies and private organizations require a fine-grained audit trail of the redactions to accompany the redacted documents.
“Currently, redactions commonly occur manually or via a computer using search terms. However, the conventional methods for redaction fail to provide reliability assurance of the redaction, as well as maintain an audit trail of the redaction to identify who made the redaction, as well as when and why the redaction was made. Although audit trails may be manually constructed during or after the redaction, such a task requires large amounts of time and is usually incapable of conforming to the requirements of the government agencies and organizations.
“Accordingly, there is a need for quick and accurate redactions of sensitive data in a large number of documents. Preferably, a redaction approval process is performed to ensure the accuracy of the redactions, while complying with audit requirements issued by government agencies and organizations.”
Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “Documents that include sensitive data need to be protected to prevent disclosure of such information to unauthorized people to prevent identity theft, unauthorized use of credit cards, loss of money, and many other issues. The data can be secured through security features associated with the database or computer system which stores the data. Transmitting sensitive data from one source to another, while ensuring security can be difficult and can increase processing load, while decreasing processing speed of the computer system. Accordingly, redacting data prior to transmission of the sensitive data can increase security and processing speed of a computing device transmitting the data when the data is transformed to a particular format.
“Redacting computer media, such as documents, containing sensitive data prior to providing the documents to a third party can prevent disclosure of the sensitive data to unauthorized individuals. Upon receiving a request for disclosure, such as a disclosure of documents with sensitive data, the documents are collected from one or more sources and converted to a common format. The collected documents are processed by identifying text, video media, or audio media specified by one or more of a search query, category, or redaction formula and the sensitive data of the documents or audio media transcripts is highlighted with a semi-opaque indicator as text for redaction. With respect to the video media, segments of the video data with sensitive data can be pixelated, while segments of audio data with sensitive information can be muted. A review of all highlighted or obfuscated text, video or audio is performed and once approved, the obfuscated sensitive data is finalized. For example, with respect to documents, the semi-opaque indicator is replaced with a fully opaque indicator. Meanwhile, data regarding the redactions is collected, including date, time, reasons for redaction, and reviewer, and used to generate an audit report that is associated with documents associated with the request for information. The report provides activities performed on every document reviewed as part of the disclosure request.
“An embodiment provides a computer-implemented system and method for facilitating document information security. A request for documents is received and documents of different formats that satisfy the request are obtained from one or more sources. Source information is extracted from each obtained document. Each obtained document is converted to a common format and the source information is embedded within the common format for that document. At least a portion of text having sensitive data is identified within one or more of the obtained documents. The sensitive data is redacted by highlighting the text portion with a semi-transparent indicator. The highlighted text portion is obfuscated upon approval of the redacted sensitive data by changing the semi-transparent indicator to an opaque indicator. The redaction information is overlayed on the opaque indicator and the obtained documents are provided in response to the request.
“Still other embodiments will become readily apparent to those skilled in the art from the following detailed description, wherein are described embodiments of the invention by way of illustrating the best mode contemplated for carrying out the invention. As will be realized, the invention is capable of other and different embodiments and its several details are capable of modifications in various obvious respects, all without departing from the spirit and the scope of the present invention. Accordingly, the drawings and detailed description are to be regarded as illustrative in nature and not as restrictive.”
The claims supplied by the inventors are:
“1. A computer-implemented system for facilitating document information security, comprising: a database to maintain documents; and a server comprising a central processing unit, memory, an input port to receive one or more of the documents from the database, and an output port, wherein the central processing unit is configured to perform the following steps: obtaining documents that satisfy the request from one or more sources, wherein the documents comprise different formats; extracting source information from each obtained document; converting each obtained document to a common format and embedding the source information with the common format for that document; identifying within at least one of the obtained documents, one or more portions of text comprising sensitive data; redacting the sensitive data by highlighting the text portions with a semi-transparent indicator; determining approval of the redacted sensitive information for complete redaction; obfuscating the highlighted text portions upon the approval of the redacted sensitive data, comprising: changing the semi-transparent indicator of only the highlighted text portions to an opaque indicator; and overlaying redaction information on the opaque indicator; and providing the obtained documents in response to the request.
“2. The computer-implemented system according to claim 1, wherein the central processing unit collects the obtained documents, comprising: transmitting solicitation emails to one or more individuals comprising the request for documents; receiving from at least one of the individuals at least one document that satisfies the request.
“3. The computer-implemented system according to claim 2, wherein the documents from each individual can be provided via one of attachment to an electronic form, attached to the solicitations email for that individual, and uploaded to a shared folder.
“4. The computer-implemented system according to claim 1, wherein the central processing unit color-codes the semi-opaque indicator based on a status of the redacted sensitive data.
“5. The computer-implemented system according to claim 1, wherein the redaction information comprises one or more of an operator that generated the redaction of the sensitive data, an operator that modified the redaction of the sensitive data, dates of any changes to the sensitive data redaction, and a status of each change to the sensitive data redaction.
“6. The computer-implemented system according to claim 1, wherein the central processing unit collects document information for each document comprising whether the document includes one or more sensitive data redactions, how many redactions of sensitive data are included in the document, a number of pages in the document with redactions of sensitive data, a list of redaction codes associated with the sensitive data redactions in the document, and a list of all operators that have modified one or 8 more of the sensitive data redactions.
“7. The computer-implemented system according to claim 1, wherein the central processing unit generates an audit report for the obtained documents and provides the audit report with the obtained documents.
“8. The computer-implemented system according to claim 7, wherein the audit report comprises information collected for the obtained documents, including an identity of the document requestor, a summary of the obtained documents, a summary of emails soliciting the obtained documents, changes made to the obtained documents, and details regarding delivery of the obtained documents.
“9. The computer-implemented system according to claim 1, wherein the central processing unit maintains each of the obtained documents in a queue depending on a status of that obtained document.
“10. A computer-implemented method for facilitating document information security, comprising: receiving a request for documents; obtaining documents that satisfy the request from one or more sources, wherein the documents comprise different formats; extracting source information from each obtained document; converting each obtained document to a common format and embedding the source information with the common format for that document; identifying within at least one of the obtained documents, one or more portions of text comprising sensitive data; redacting the sensitive data by highlighting the text portions with a semi-transparent indicator; determining approval of the redacted sensitive data for complete redaction; obfuscating the highlighted text portions upon the approval of the redacted sensitive data, comprising: changing the semi-transparent indicator of only the highlighted text portions to an opaque indicator; and overlaying redaction information on the opaque indicator; and providing the obtained documents in response to the request.
“11. The computer-implemented method according to claim 10, further comprising: collecting the obtained documents, comprising: transmitting solicitation emails to one or more individuals comprising the request for documents; receiving from at least one of the individuals at least one document that satisfies the request.
“12. The computer-implemented method according to claim 11, wherein the documents from each individual can be provided via one of attachment to an electronic form, attached to the solicitations email for that individual, and uploaded to a shared folder.
“13. The computer-implemented method according to claim 10, further comprising: color-coding the semi-opaque indicator based on a status of the redacted sensitive data.
“14. The computer-implemented method according to claim 10, wherein the redaction information comprises one or more of an operator that generated the redaction of the sensitive data, an operator that modified the redaction of the sensitive data, dates of any changes to the sensitive data redaction, and a status of each change to the sensitive data redaction.
“15. The computer-implemented method according to claim 10, further comprising: collecting document information for each document comprising whether 4 the document includes one or more sensitive data redactions, how many redactions of sensitive data are included in the document, a number of pages in the document with redactions of sensitive data, a list of redaction codes associated with the sensitive data redactions in the document, and a list of all operators that have modified one or more of the sensitive data redactions.
“16. The computer-implemented method according to claim 10, further comprising: generating an audit report for the obtained documents; and providing the audit report with the obtained documents.
“17. The computer-implemented method according to claim 10, wherein the audit report comprises information collected for the obtained documents, including an identity of the document requestor, a summary of the obtained documents, a summary of emails soliciting the obtained documents, changes made to the obtained documents, and details regarding delivery of the obtained documents.
“18. The computer-implemented method according to claim 10, further comprising: maintaining each of the obtained documents in a queue depending on a status of that obtained document.
“19. The computer-implemented system according to claim 1, wherein obtained document comprising the text portions with the semi-transparent indicator are displayed via a user interface comprising at least one of a 4 search filter and redaction status values of the text portions.”
For the URL and additional information on this patent, see:
(Our reports deliver fact-based news of research and discoveries from around the world.)
London School of Hygiene and Tropical Medicine Reports Findings in Immunization (Resilience in childhood vaccination: analysing delivery system responses to shocks in Lebanon): Public Health – Immunization
Patent Issued for System for improving data security when redeeming data (USPTO 11803622): The Prudential Insurance Company of America
Advisor News
- Wealth management: why some insurance companies are opting out of a lucrative opportunity
- Middle-income households exceeding retirement savings expectations
- How SECURE impacts inherited IRA beneficiaries
- 62% of workers face serious financial anxieties
- Nearly half of retirees lack a structured decumulation strategy
More Advisor NewsAnnuity News
Health/Employee Benefits News
- How to find the best small business health insurance
- 9 states, including Virginia, poised to end coverage for millions if Trump cuts Medicaid funding
- We're at mercy of the health insurance industry
- Hospital Payment Caps Could Save Millions Of Dollars For State Employee Health Plans
- Kobach victory gets 147,000 people denied health care coverage | Opinion
More Health/Employee Benefits NewsLife Insurance News