The present invention relates to the field of storing and processing documents containing restricted information. Specifically, the present invention relates to the field of protecting restricted information in a document, while storing or processing the document at a minimally secure location.
Many organizations in European Union (EU) countries and the US have started outsourcing their data-storage, processing and entry operations to other organizations, which may be located in the EU and the US or at offshore locations such as India, China, Russia and Brazil.
Outsourcing operations relating to data processing and data entry may involve the transfer of documents containing restricted information. Restricted information is defined as information that cannot be disclosed to an unauthorized organization or to an unauthorized individual. Restrictions on the disclosure of restricted information may be based on customer-specific, contract-specific or regulation-specific requirements, or in accordance with industry best practices, for example.
Restricted information includes personally identifiable information that can be used to identify an individual. Personally identifiable information is protected by various Federal and European privacy regulations, which prohibit the transfer of personal information to a foreign country. Due to these regulations, documents containing restricted information relating to an individual cannot be transferred out of the country. Hence, many organizations cannot outsource the storage or data-processing operations of documents containing restricted information. Examples of personally identifiable information include, but are not limited to, names, phone numbers, e-mail addresses, Social Security Numbers (SSNs), driving license numbers, ethnicity, religion, and combinations thereof. Restricted information may also include information such as Internet Protocol (IP) addresses that may be used to locate individuals.
Other examples of restricted information include the financial data of companies, business transaction records, medical records of individuals, and so forth. The disclosure of such restricted information may result in financial or commercial loss to a company and loss of competitive advantage.
A document may include several data fields that may individually or collectively correspond to restricted information. For instance, data fields such as an SSN, a phone number, a credit card number, and so forth, individually correspond to restricted information. Therefore, such data fields cannot be individually disclosed to a minimally secure entity.
Further, data fields such as the name and address of an individual collectively correspond to restricted information. Therefore, such data fields cannot be collectively disclosed to a minimally secure entity. However, they can be individually disclosed to the minimally secure entity.
The minimally secure entity may be an organization or one or more individuals in an organization, who are not allowed access to the restricted information.
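The distinction drawn above, between fields that are restricted on their own and fields that are restricted only in combination, can be enforced mechanically before a document leaves the secure side. The following is an added illustration, not code from the patent: the policy sets, the sample document and the `[RESTRICTED]` marker are all constructed here, and the greedy field-by-field partitioning is one possible strategy, not the one the invention specifies.

```python
# Constructed sharing policy (assumption, for illustration only):
# these fields are restricted individually ...
INDIVIDUALLY_RESTRICTED = frozenset({"ssn", "phone", "credit_card"})
# ... and these groups are restricted only when disclosed together.
COLLECTIVELY_RESTRICTED = (
    frozenset({"name", "address"}),
    frozenset({"name", "date_of_birth"}),
)

# Constructed sample record; every value is a placeholder.
SAMPLE_DOC = {
    "name": "Example Person",
    "address": "1 Example Street",
    "ssn": "000-00-0000",
    "phone": "+1-555-0100",
    "invoice_total": "1234.50",
    "order_id": "ORD-42",
}


def policy_violations(fields, individual=INDIVIDUALLY_RESTRICTED,
                      collective=COLLECTIVELY_RESTRICTED):
    """Explain why disclosing `fields` together breaches the policy.
    An empty list means the set may be sent to a minimally secure entity."""
    fields = set(fields)
    found = [f"{f} is individually restricted" for f in sorted(fields & individual)]
    found += [f"{'+'.join(sorted(g))} are collectively restricted"
              for g in collective if g <= fields]
    return found


def partition_document(doc, individual=INDIVIDUALLY_RESTRICTED,
                       collective=COLLECTIVELY_RESTRICTED):
    """Split field names into (disclosable, withheld).
    Fields are admitted greedily in document order, so of a collectively
    restricted group only the first-seen member is released."""
    disclosable, withheld = set(), set()
    for field in doc:  # dict order is insertion order, so the split is deterministic
        if policy_violations(disclosable | {field}, individual, collective):
            withheld.add(field)
        else:
            disclosable.add(field)
    return disclosable, withheld


def redact(doc, withheld, marker="[RESTRICTED]"):
    """Copy of `doc` with withheld fields replaced by a placeholder marker."""
    return {k: (marker if k in withheld else v) for k, v in doc.items()}
```

Because the partition is greedy, reordering the document's fields changes which member of a collectively restricted group is released; a production policy would fix that preference explicitly.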
Various methods are available for processing documents containing restricted information. These methods are based on the disguise and encryption of data fields corresponding to restricted information in documents. Disguise operations can be implemented to protect mathematical and computational data in documents. However, they cannot be widely or commonly used to protect textual data in the documents. Encryption can be used to protect textual as well as mathematical and computational data in documents. Encrypted documents can be transferred to different locations for data-processing operations. However, these documents have to be decrypted before they can be processed. A minimally secure entity performing data-processing operations therefore has access to the decryption code(s) for decrypting the encrypted documents. Consequently, methods based on encryption do not allow the transfer of documents containing restricted information to a minimally secure entity that cannot be trusted with restricted information. In addition, these methods do not protect restricted information in a situation wherein the encryption fails during the transfer of documents, or in a situation wherein the minimally secure entity's infrastructure is hacked by a malicious third party.
Therefore, there is a need for approaches that allow storage and processing of the maximum content in documents containing restricted information, with a minimal security risk involved during the processing of the documents. Further, there is a need for approaches to protect the restricted information from a minimally secure entity that cannot be trusted with it. There is also a need for approaches that are effective in protecting the restricted information even if the minimally secure entity's infrastructure is hacked by a malicious third party. In addition, there is a need for approaches that can be used to incorporate and automatically enforce the information-sharing restrictions on documents containing restricted information.