| CPC G06F 21/6245 (2013.01) [G06F 21/31 (2013.01); G06F 21/78 (2013.01); G06N 5/025 (2013.01); G06N 5/04 (2013.01); G06F 2221/2141 (2013.01)] | 20 Claims |
|
1. A system, comprising:
a processor that executes computer-executable components stored in a memory, the computer-executable components comprising:
a secure data store that stores information relating to items of data associated with users that are stored in a set of data stores, wherein the information is generated based on scanning the items of data in the set of data stores;
a classifier component that:
analyzes the items of data;
determines, for each of the items of data, a data type; and
assigns the respective data type for the items of data;
a rights management component that, determines, based on a set of rules, a set of rights of users with regard to a first subset of the items of data and a second subset of the information that are related to the users, wherein the set of rules is determined based on a set of obligations, the set of obligations being associated with the data type of each item of data in the set of data stores and related to data privacy and security; and
a governance component that:
monitors trend information relating to data of users that is accessed by an entity;
determines a quantity of users engaging in an activity, the activity subject to the set of rights of users;
compares the quantity of users to a defined threshold value for the activity, the threshold value defined based on the set of rights;
in response to the quantity of users exceeding the defined threshold value, determines, based on an analysis of the trend information, that the trend information comprises a trend spike for the activity indicative of an anomaly representing a potential violation of the set of rules; and
facilitates remediation of the anomaly at least by notifying the entity of the anomaly;
wherein the first subset of the items of data comprises an item of data of a user, wherein the rights management component receives, from a communication device of the user, a request to modify the item of data to due to inaccuracy of the item of data, and, upon authentication of the user and grant, by the rights management component, of a permission right to modify the item of data, initiates processing of the request to modify the item of data;
wherein the user is a first user, wherein the set of data stores is associated with an entity, wherein the set of rules comprises a rule that specifies the request to modify is to be processed and completed within a defined amount of time, wherein the rule corresponds to an obligation of the set of obligations, wherein the computer-executable components further comprise a notification component that generates notification messages, and
wherein, in response to a determination that the request to modify has not been processed and completed within the defined amount of time based on the rule, the notification component communicates a notification message to a device of a second user associated with the entity to notify the second user that the request to modify has not been processed and completed within the defined amount of time in violation of the rule and the obligation.
|