| CPC G06F 21/6245 (2013.01) | 20 Claims |
|
1. A computing system for tracking data protection compliance of a plurality of entities using personally identifying information (“PII”), the computing system comprising a server in communication with a user computing device associated with a user and a requesting entity computing device associated with a requesting entity, the server comprising:
a memory device for storing data, wherein the memory device includes a user profile associated with the user; and
at least one processor communicatively coupled to the memory device, the at least one processor configured to:
receive, from the requesting entity computing device, a PII consent request for access to a requested PII set of the user, the PII consent request identifying a reason code associated with the requested PII set;
determine, based on the PII consent request, at least one PII item associated with the reason code;
transmit, to the requesting entity, a notification indicating user consent for the requesting entity to retrieve the at least one PII item from a third-party PII storage entity;
update, in the memory device, the user profile to track the requesting entity with the at least one PII item;
receive, from the user computing device, a PII removal request indicating that the user revokes the user consent previously provided to the requesting entity;
transmit, to the requesting entity, a removal notification including (i) the revoked user consent, (ii) an identification of the at least one PII item to be removed;
monitor the requesting entity to determine a duration of time the requesting entity spent implementing the removal notification;
receive, from the requesting entity, a removal compliance response in response to the removal notification, the removal compliance response indicating that the at least one PII item has been removed; and
generate a consent recommendation associated with the requesting entity based on the monitoring.
|