1. Field of the Invention
The present invention generally relates to methods, systems and program products for classifying and storing a data handling method, and for associating a data handling method with a data item. By storing data handling methods according to the present invention, consistent security of associated data items is maintained.
2. Background Art
As computer technology continues to improve, the capability to efficiently disseminate data grows. Specifically, today, not only can data be shared within an organization over an internal network (e.g., a LAN, a WAN, a VPN, etc.), but it can also be shared with outside organizations over a public network (e.g., the Internet). With such capabilities, it is essential that data be handled in a consistent and secure manner. In providing proper data security, many organizations adopt a scale of data classifications. For example, an organization might classify data as either “public,” “confidential,” “secret,” or “top secret.” Each one of these classifications could have different data handling requirements. For example, data classified as “public” could be permitted to be left open on desks, taken out of the office building, etc. Conversely, data classified as “top secret” might have to be kept in locked cabinets, and made accessible only to specific personnel. In classifying data, many variations are possible. For example, an entire document could be classified under one classification. Alternatively individual data items (e.g., name, address, social security number, etc.) could be given their own classifications.
Problems arise, however, when organizations fail to specifically enumerate the handling requirements for each data classification. This is especially problematic in that a given classification could mean something different to two different individuals. For example, individual “A” might believe that he/she is permitted to take “top secret” data home at night, while individual “B” might believe the same data must remain in the office building. Discrepancies such as this occur not only within a single organization, but between different organizations as well. Moreover, even if an organization specifically enumerates the handling requirements for each classification, the organization must rely on the individuals to either: (1) remember the different classifications and their corresponding handling requirements; or (2) take the initiative to manually consult the appropriate manuals to look up the handling requirements. In addition, since there is no “universal standard” of data handling requirements, different organizations could have different handling requirements for the same data classifications. Such discrepancies are frequently the cause of dangerous lapses in data security.
In view of the foregoing, there exists a need for methods, systems and program products for classifying and storing a data handling method, and for associating a data handling method with a data item. Specifically, a need exists for a data handling method to be stored within a multidimensional data structure according to responses to a plurality of questions. A further need exists for a data item to be associated with the data handling method based on coordinate values that correspond to the address in a multidimensional structure where the data handling method is stored. Still yet, a need exists for the data item to be transmitted with the coordinate values of its associated data handling method so that adherence to the data handling method is ensured.