There are currently a variety of different sources of policies and regulations that govern the dissemination of personal information. In fact, there are even a variety of different sources of governmental regulations that govern the dissemination of personal information. Some of these regulations include SOX, HIPPA, and GLBA. Organizations that deal with certain types of information are required to be in compliance with all of these regulations.
Another source of data dissemination policies can come from an organization itself. For instance, organizations often have internal policies that govern how certain types of information can be disseminated. By way of example, some organizations have policies governing the dissemination of intellectual property content, to ensure that it does not leak out of the company. Some organizations also have policies that govern the use of inappropriate language by employees in various forms of communications, such as electronic mail communications, instant messaging communications, chats, etc.
Often, the content that is subject to these regulations and policies is operated on by information workers that have specific business needs and are operating under time constraints. These information workers may have a handbook that contains a large volume of regulations or policies (both internal and external), and the worker is expected to know and comply with all of them.
Current attempts to enforce data dissemination policies or regulations (collectively referred to as data dissemination policies) is quite cumbersome and can interfere with the information worker's daily tasks. For instance, some organizations attempt to enforce both internal and external data dissemination policies on information workers through different mechanisms. Some current systems enforce these polices in electronic mail traffic by making an estimate of whether an electronic mail message has sensitive data in it, and then blocking or moderating that data. In one specific example, when an information worker composes an email, with sensitive content, to multiple recipients, the information worker is presented with a dialog requiring the information worker to ensure that each recipient has authorization to access the sensitive content. This is a fairly cumbersome process and usually reduces productivity, while its impact on ensuring compliance with data dissemination policies is relatively small. These and other types of measures often impede the business that can be conducted by an information worker, causing the information worker to become annoyed with such policies and attempt to work around them in order to complete the business transactions they are attempting to perform.
The discussion above is merely provided for general background information and is not intended to be used as an aid in determining the scope of the claimed subject matter.