Patent Issued for Systems And Methods For Regional Data Storage And Data Anonymization (USPTO 10,778,648)
2020 SEP 28 (NewsRx) -- By a
The patent’s assignee for patent number 10,778,648 is
News editors obtained the following quote from the background information supplied by the inventors: “Field of the Invention
“Embodiments of the present invention relate generally to systems and methods for regional data storage and data anonymization. More specifically, the present invention relates to systems and methods for anonymizing stored end user data and ensuring end user data is transmitted and stored on systems pinned to a designated geo-location (i.e., geo-pinning).
“Description of the Related Art
“End users of mobile applications and online services have to rely on and trust service providers with respect to the end user data they provide. The service providers, in turn, require that the end users provide a lot of personally identifying information (PII) in order to be able to serve the end users properly, and possibly for other reasons. However, the personally identifying information of end users can easily be misused, consciously or unconsciously, but still very little is done to protect the privacy rights of the end users.
“Privacy concerns exist wherever personally identifiable information or other sensitive information is collected, stored, used, and finally destroyed or deleted, in digital form or otherwise. Recently, end users, individual countries, and regions (e.g., the EU), have demanded more be done to protect end user data and to contain/store/transmit the data out of the reach of countries/regions whose governmental agencies may access it. In addition, there is a strong demand from service providers who have compliance regulations (e.g., the EU General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA) regulations, and the like) that they have to meet with respect to privacy of end user data and storage, transmission, and access of end user data that needs to be geo-located/pinned within specific region/country.
“Accordingly, there exists a need in the art for anonymizing stored end user data and ensuring end user data is transmitted and stored on systems pinned to a designated geo-location (i.e., geo-pinning).”
As a supplement to the background information on this patent, NewsRx correspondents also obtained the inventors’ summary information for this patent: “Systems and methods for data localization and anonymization are provided herein. In some embodiments, systems and methods for data localization and anonymization may include receiving a communication request to send a message or establish a call between a first service provider and an end user device associated with an end user, determining that the communication request is associated with a requirement for securing personally identifiable information (PII) of the end user, and processing the communication request based on the requirement for securing the PII of the end user, wherein the requirement includes at least one of (A) localization of the communication request processing or (B) anonymization of any data records associated with the communication request that includes the PII of end user.
“Other and further embodiments of the present invention are described below.”
The claims supplied by the inventors are:
“What is claimed is:
“1. A method for securing end user information, comprising: receiving a communication request to send a message or establish a call between a first telephony service provider and an end user device associated with an end user, or between two or more end user devices; in response to receiving the communication request, determining that the communication request is associated with a requirement for securing personally identifiable information (PII) of the end user, wherein the PII is stored in one of a plurality of data centers, wherein the plurality of data centers is grouped by region based on their locations, and wherein the grouping of the data centers is one of physical geo-location or a logical grouping based on policies implemented by the data centers; and processing the communication request based on the requirement for securing the PII of the end user, wherein the requirement includes at least one of (A) localization of the communication request processing allowing the end user to access data centers only within their region or (B) anonymization of any data records associated with the communication request that includes the PII of end user, wherein an anonymization requirement determines how and where PII is transmitted and stored.
“2. The method of claim 1, wherein the communication request is processed based on a localization requirement, and wherein localization includes processing and transmitting the communication request on one or more servers chosen based on geographic location.
“3. The method of claim 2, wherein the one or more servers are all geo-located within a same geographic region.
“4. The method of claim 3, wherein the localization requirement further restricts storage of the PII of the end user to the same geographic region as the one or more servers.
“5. The method of claim 2, wherein the communication request is an Application Programming Interface (API) call and the localization requirement for securing the PII of the end user is provided as a parameter in the API call.
“6. The method of claim 5, wherein the parameter in the API call is one of a flag specifying the localization requirement or an explicit choice of a geographic region the communication request should be processed in.
“7. The method of claim 2, wherein the determination that the communication request is associated with a localization requirement is based on information stored in association with the first telephony service provider.
“8. The method of claim 1, wherein the communication request is processed based on an anonymization requirement, and wherein anonymization includes removal of the PII of the end user associated with the communication request.
“9. The method of claim 8, wherein the PII of the end user includes at least one of a first or last name of the end user, a phone number, an email address, a workplace name, or a home address, or a workplace address.
“10. The method of claim 8, wherein removal of the PII of the end user associated with the communication request is performed after a predetermined time period.
“11. The method of claim 8, wherein removal of the PII of the end user associated with the communication request is performed directly after the processing of the communication request.
“12. The method of claim 8, wherein the communication request is an Application Programming Interface (API) call and the anonymization requirement for securing the PII of the end user is provided as a parameter in the API call.
“13. The method of claim 12, wherein the parameter in the API call is one of a flag specifying the anonymization requirement or an explicit choice of governmental agency requirement.
“14. The method of claim 8, wherein the determination that the communication request is associated with an anonymization requirement is based on information stored in association with the first telephony service provider.
“15. The method of claim 8, wherein the anonymized data records associated with the communication request are stored in a global central data warehouse that is not located in the same geographic region as the servers that process the communication request.
“16. The method of claim 1, wherein the communication request is processed based on both a localization requirement and an anonymization requirement, wherein localization includes processing and transmitting the communication request on one or more servers chosen based on geographic location, and wherein anonymization includes removal of the PII of the end user associated with the communication request.
“17. The method of claim 16, wherein the localization requirement only restricts storage of data records including non-anonymized PII of the end user to the same geographic region as the one or more servers that process and transmit the communication request.
“18. The method of claim 1, wherein all PII of the end user is encrypted prior to storage.
“19. A regional data center for securing end user information, comprising: at least one application server comprising: a) at least one processor; b) at least one input device; and c) at least one storage device storing processor executable instructions of a plurality of applications wherein each of application includes an application program interface and which, when executed by the at least one processor, perform a method to: receive communications requests to send a message or establish a call between a first telephony service provider and an end user device associated with an end user, or between two or more end user devices, in response to receiving the communication request, geo-pin data and communications associated with the communication requests and the message or call when the communication requests meet localization requirements of the at least one application server and denying the communication requests when the localization requirements are not met, wherein each application is configured to generate call data records (CDRs) or log files associated with the message or call; and receive CDRs or log files generated and anonymize any personally identifying information (PII) included in the CDRs or log files.
“20. The regional data center of claim 19, wherein the performed method further includes processing and transmitting the communication request on one or more servers chosen based on geographic location, and wherein the PII of the end user associated with the communication request is removed.”
For additional information on this patent, see: Norman, Mark; Lescelliere-Dumilly, Fabien; Nadalin, Eric. Systems And Methods For Regional Data Storage And Data Anonymization.
(Our reports deliver fact-based news of research and discoveries from around the world.)
Sonoma County fire survivors embrace roles as guides and counselors to latest wave of disaster victims
Changes in Flood Hazard Determinations
Advisor News
- Alternative investments in 401(k)s: What advisors must know
- The modern advisor: Merging income, insurance, and investments
- Financial shocks, caregiving gaps and inflation pressures persist
- Americans unprepared for increased longevity
- More investors will seek comprehensive financial planning
More Advisor NewsAnnuity News
- Lack of digital tools drives wedge between insurers, advisors
- LIMRA: Annuity sales notch 10th consecutive $100B+ quarter
- AIG to sell remaining shares in Corebridge Financial
- Corebridge Financial, Equitable Holdings post Q1 earnings as merger looms
- AM Best Assigns Credit Ratings to Calix Re Limited
More Annuity NewsHealth/Employee Benefits News
- Arizona's Medicaid, AHCCCS, undergoes huge changes
- Rob Schofield: NC’s new Medicaid ‘compromise’ comes at a cost
- We have to stop this with our votes | RODNEY WALKER
- MCCLELLAN INTRODUCES BILL TO HELP VIRGINIANS KEEP THEIR MEDICAID COVERAGE
- The Spine of Justice Roberts
More Health/Employee Benefits NewsLife Insurance News
- Lack of digital tools drives wedge between insurers, advisors
- Living benefits: A better way to position life insurance
- Best’s Market Segment Report: AM Best Maintains Stable Outlook on Italy’s Non-Life Insurance Segment
- 2025 Insurance Abstracts
- AM Best Assigns Credit Ratings to Tokio Marine Newa Insurance Co., Ltd.
More Life Insurance News