| CPC G06F 21/6218 (2013.01) | 20 Claims |
|
1. A data management system, comprising:
one or more first processors communicatively coupled to a first storage device operating on a first computing device in a first jurisdiction, wherein the one or more first processors execute application code instructions that are stored in the first storage device to:
transmit data from the first computing device in the first jurisdiction to a second computing device in a second jurisdiction, the data comprising data fields with a first data field classified as a sensitive data field having sensitive data and a second data field classified as a non-sensitive data field having non-sensitive data, the sensitive data field being tokenized by the first computing device according to a first tokenization protocol before transfer;
transmit detokenization controls to the second jurisdiction, the detokenization controls comprising conditions under which the second computing device may detokenize tokenized data;
cause storage of the tokenized data on the second computing device in the second jurisdiction, wherein the second computing device is unable to access the data without satisfying the conditions;
receive an indication that the second data field has been reclassified into a second sensitive data field;
responsive to the indication that the second data field has been reclassified into the second sensitive data field, cause tokenization of the data in the second data field at the first computing device using a second tokenization protocol, wherein the tokenization generates new tokenized data for the second data field and renders the new tokenized data inaccessible to the second computing device until the tokenized data is retokenized; and
propagate the new tokenized data to the second computing device in the second jurisdiction.
|