[go: up one dir, main page]

CN114840727A - Data compliance management method and device - Google Patents

Data compliance management method and device Download PDF

Info

Publication number
CN114840727A
CN114840727A CN202210585637.6A CN202210585637A CN114840727A CN 114840727 A CN114840727 A CN 114840727A CN 202210585637 A CN202210585637 A CN 202210585637A CN 114840727 A CN114840727 A CN 114840727A
Authority
CN
China
Prior art keywords
management
template
data
user
compliance
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210585637.6A
Other languages
Chinese (zh)
Inventor
何晶晶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shuanxin Beijing Technology Co ltd
Original Assignee
Shuanxin Beijing Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shuanxin Beijing Technology Co ltd filed Critical Shuanxin Beijing Technology Co ltd
Priority to CN202210585637.6A priority Critical patent/CN114840727A/en
Publication of CN114840727A publication Critical patent/CN114840727A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/903Querying
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Medical Informatics (AREA)
  • Data Mining & Analysis (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Computational Linguistics (AREA)
  • Computer Hardware Design (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Computation (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本申请提供一种数据合规管理方法,其特征在于,包括:根据不同的用户属性预制多个管理模板;获取用户信息,根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,并通过所述管理模板生成业务流程项;其中,所述业务流程项包括多个业务节点,该业务节点内具有预设判断条件,当用户输入的数据符合所述预设的判断条件,则记录所述数据对应的处理信息。本申请通过根据相关规定预先制作管理模板,可以在进行隐私授权方面进行有效的风险管理,避免违规发生。

Figure 202210585637

The present application provides a data compliance management method, which is characterized by comprising: prefabricating multiple management templates according to different user attributes; The management template is based on the management template, and a business process item is generated through the management template; wherein, the business process item includes a plurality of business nodes, and the business node has preset judgment conditions. When the data input by the user conforms to the preset judgment condition, the processing information corresponding to the data is recorded. In this application, by pre-producing management templates according to relevant regulations, effective risk management can be carried out in the aspect of privacy authorization and the occurrence of violations can be avoided.

Figure 202210585637

Description

一种数据合规管理方法及装置A data compliance management method and device

技术领域technical field

本申请涉及一种数据合规检测技术,尤其涉及一种数据合规管理方法。本申请还提供一种数据合规管理装置。The present application relates to a data compliance detection technology, in particular to a data compliance management method. The present application also provides a data compliance management device.

背景技术Background technique

数据合规是指,在一些商业或者社会活动中,如果用户的行为不够规范,则由所述活动产生的数据可以完整的体现出来,因此通过数据合规审查即可进行合规甄别。Data compliance means that in some commercial or social activities, if the user's behavior is not standardized, the data generated by the activity can be fully reflected, so compliance screening can be conducted through data compliance review.

在企业活动中,由于法律法规等因素的限制,其商业活动需要的个人隐私数据需要客户授权,以规避不合规的行为,因此进行数据合规的分析,寻找风险点以解决不合规的活动尤其重要。当前,数据合规审核是通过人工的方式进行消耗大量人力物力,并且在使用过程中容易侵犯客户的信息隐私,导致风险的产生。In corporate activities, due to the limitations of laws and regulations and other factors, the personal privacy data required by its business activities requires customer authorization to avoid non-compliant behaviors. Therefore, data compliance analysis is performed to find risk points to solve non-compliant behaviors. Activities are especially important. At present, data compliance auditing is performed manually, which consumes a lot of manpower and material resources, and it is easy to infringe on the privacy of customers' information during the use process, resulting in risks.

发明内容SUMMARY OF THE INVENTION

为解决现有技术中客户信息使用过程中可能发生的风险问题,本申请提供一种数据合规管理方法。本申请还提供一种数据合规管理装置。In order to solve the risk problem that may occur during the use of customer information in the prior art, the present application provides a data compliance management method. The present application also provides a data compliance management device.

本申请提供一种数据合规管理方法,其特征在于,包括:The present application provides a data compliance management method, which is characterized by comprising:

根据不同的用户属性预制多个管理模板对应于每个类型的用户属性的;Pre-made multiple management templates corresponding to each type of user attribute according to different user attributes;

获取用户信息,根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,并通过所述管理模板生成业务流程项,包括关联出所述管理模板对应的每一类数据管理项,从每一个类别中选择一个数据管理项生成管理模板;Obtain user information, retrieve the corresponding management template from the template library according to the user attributes in the user information, and generate business process items through the management template, including associating each type of data corresponding to the management template Management item, select a data management item from each category to generate a management template;

其中,所述业务流程项包括多个业务节点,该业务节点内具有预设判断条件,当用户输入的数据符合所述预设的判断条件,则记录所述数据对应的处理信息。The business process item includes a plurality of business nodes, and the business nodes have preset judgment conditions. When the data input by the user meets the preset judgment conditions, processing information corresponding to the data is recorded.

可选的,所述根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,包括:Optionally, retrieving a corresponding management template from the template library according to the user attribute in the user information includes:

调取预训练的AI模型;Retrieve the pre-trained AI model;

在所述AI模型中输入用户信息,通过所述AI模型的计算获取对应的管理模板。Enter user information in the AI model, and obtain a corresponding management template through the calculation of the AI model.

可选的,所述预设判断条件包括:合规规则,当所述处理信息被记录后,通过所述合规规则对所述处理信息进行合规审核。Optionally, the preset judgment condition includes: a compliance rule, and after the processing information is recorded, the processing information is subject to compliance review through the compliance rule.

可选的,所述合规规则是根据确定的多种规章制度设置的。Optionally, the compliance rules are set according to multiple determined rules and regulations.

可选的,所述管理模板存储在模板库中。Optionally, the management template is stored in a template library.

本申请还提供一种数据合规管理装置,包括:The application also provides a data compliance management device, including:

模板模块,用于根据不同的用户属性预制多个管理模板对应于每个类型的用户属性的;The template module is used to prefabricate multiple management templates corresponding to each type of user attributes according to different user attributes;

调取模块,用于获取用户信息,根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,并通过所述管理模板生成业务流程项,包括关联出所述管理模板对应的每一类数据管理项,从每一个类别中选择一个数据管理项生成管理模板;A retrieval module, configured to acquire user information, retrieve a corresponding management template from the template library according to the user attribute in the user information, and generate a business process item through the management template, including associating the management template For each type of data management item, select a data management item from each category to generate a management template;

其中,所述业务流程项包括多个业务节点,该业务节点内具有预设判断条件,当用户输入的数据符合所述预设的判断条件,则记录所述数据对应的处理信息。The business process item includes a plurality of business nodes, and the business nodes have preset judgment conditions. When the data input by the user meets the preset judgment conditions, processing information corresponding to the data is recorded.

可选的,所述根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,包括:Optionally, retrieving a corresponding management template from the template library according to the user attribute in the user information includes:

调取预训练的AI模型;Retrieve the pre-trained AI model;

在所述AI模型中输入用户信息,通过所述AI模型的计算获取对应的管理模板。Enter user information in the AI model, and obtain a corresponding management template through the calculation of the AI model.

可选的,所述预设判断条件包括:合规规则,当所述处理信息被记录后,通过所述合规规则对所述处理信息进行合规审核。Optionally, the preset judgment condition includes: a compliance rule, and after the processing information is recorded, the processing information is subject to compliance review through the compliance rule.

可选的,所述合规规则是根据确定的多种规章制度设置的。Optionally, the compliance rules are set according to multiple determined rules and regulations.

可选的,所述管理模板存储在模板库中。Optionally, the management template is stored in a template library.

本申请相对与现有技术的优点:The advantages of the present application relative to the prior art:

本申请提供一种数据合规管理方法,其特征在于,包括:根据不同的用户属性预制多个对应于每个类型的用户属性的管理模板;获取用户信息,根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,并通过所述管理模板生成业务流程项,包括关联出所述管理模板对应的每一类数据管理项,从每一个类别中选择一个数据管理项生成管理模板;其中,所述业务流程项包括多个业务节点,该业务节点内具有预设判断条件,当用户输入的数据符合所述预设的判断条件,则记录所述数据对应的处理信息。本申请通过根据相关规定预先制作管理模板,可以在进行隐私授权方面进行有效的风险管理,避免违规发生。The present application provides a data compliance management method, which is characterized by comprising: pre-preparing a plurality of management templates corresponding to each type of user attributes according to different user attributes; acquiring user information, and according to the user attributes in the user information The corresponding management template is retrieved from the template library, and business process items are generated through the management template, including associating each type of data management item corresponding to the management template, and selecting a data management item from each category Generate a management template; wherein, the business process item includes a plurality of business nodes, and the business nodes have preset judgment conditions. When the data input by the user meets the preset judgment conditions, the processing information corresponding to the data is recorded. . In this application, by pre-producing management templates according to relevant regulations, effective risk management can be carried out in terms of privacy authorization, and violations can be avoided.

附图说明Description of drawings

图1是本申请中数据合规管理的流程图。FIG. 1 is a flowchart of data compliance management in this application.

图2是本申请中直接获取管理模板流程图。FIG. 2 is a flow chart of directly obtaining a management template in this application.

图3是本申请中数据合规管理装置的示意图。FIG. 3 is a schematic diagram of the data compliance management apparatus in the present application.

具体实施方式Detailed ways

在下面的描述中阐述了很多具体细节以便于充分理解本申请。但是本申请能够以很多不同于在此描述的其它方式来实施,本领域技术人员可以在不违背本申请内涵的情况下做类似推广,因此本申请不受下面公开的具体实施的限制。In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present application. However, the present application can be implemented in many other ways different from those described herein, and those skilled in the art can make similar promotions without violating the connotation of the present application. Therefore, the present application is not limited by the specific implementation disclosed below.

本申请提供一种数据合规管理方法,其特征在于,包括:根据不同的用户属性预制多个对应于每个类型的用户属性的管理模板;获取用户信息,根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,并通过所述管理模板生成业务流程项,包括关联出所述管理模板对应的每一类数据管理项,从每一个类别中选择一个数据管理项生成管理模板;其中,所述业务流程项包括多个业务节点,该业务节点内具有预设判断条件,当用户输入的数据符合所述预设的判断条件,则记录所述数据对应的处理信息。本申请通过根据相关规定预先制作管理模板,可以在进行隐私授权方面进行有效的风险管理,避免违规发生。The present application provides a data compliance management method, which is characterized by comprising: pre-preparing a plurality of management templates corresponding to each type of user attributes according to different user attributes; acquiring user information, and according to the user attributes in the user information The corresponding management template is retrieved from the template library, and business process items are generated through the management template, including associating each type of data management item corresponding to the management template, and selecting a data management item from each category Generate a management template; wherein, the business process item includes a plurality of business nodes, and the business nodes have preset judgment conditions. When the data input by the user meets the preset judgment conditions, the processing information corresponding to the data is recorded. . In this application, by pre-producing management templates according to relevant regulations, effective risk management can be carried out in terms of privacy authorization, and violations can be avoided.

图1是本申请中数据合规管理的流程图。FIG. 1 is a flowchart of data compliance management in this application.

请参照图1所示,S101根据不同的用户属性预制多个管理模板;Referring to Figure 1, S101 prefabricates multiple management templates according to different user attributes;

所述用户属性是指,用户的类型,商业活动方式等,例如用户的经营项目,需要获取的客户信息等。一种优选的方法是,根据《个人信息保护法》中列明的保护条目分别设置标签,然后将所述标签与用户需求数据进行关联后,以所述标签作为用户属性。The user attributes refer to the user's type, business activity mode, etc., such as the user's business items, customer information to be acquired, and the like. A preferred method is to set tags according to the protection items listed in the Personal Information Protection Law, and then use the tags as user attributes after associating the tags with user demand data.

本申请中所述用户是指服务客户的企业或者其他组织,所述用户需要通过分析客户的信息进行服务的提升和分析,以更好的提高服务。所述客户是指所述用户服务的个人。The user mentioned in this application refers to an enterprise or other organization that serves customers, and the user needs to improve and analyze the service by analyzing the information of the customer to better improve the service. The customer refers to the individual served by the user.

本申请所述技术方案是属于第三方的,在以下描述中,为简便起所述第三方统一的称为系统方。The technical solutions described in this application belong to a third party, and in the following description, the third party is collectively referred to as a system party for simplicity.

所述系统方首先根据数据合规的基础文件与用户属性建立多个管理模板,所述基础文件优选的可以是《个人信息保护法》。所述管理模板可以尽可能穷尽的对应于每个类型的用户属性,当然也可以根据用户属性进行个性化设置,在此,本领域技术人员可以根据实际情况进行选择,不再赘述。The system party first establishes a plurality of management templates according to the basic file of data compliance and user attributes, and the basic file may preferably be the "Personal Information Protection Law". The management template can correspond to each type of user attributes as exhaustively as possible, and of course can also be personalized according to the user attributes.

在建立了多个管理模板后,所述管理模板将存储到模板库中以供后续的调用。另外,当所述基础文件改变或者更新后,所述管理模板也相应的进行更新。After multiple management templates are established, the management templates will be stored in the template library for subsequent calls. In addition, when the basic file is changed or updated, the management template is also updated accordingly.

请参照图1所示,S102获取用户信息,根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,并通过所述管理模板生成业务流程项;其中,所述业务流程项包括多个业务节点,该业务节点内具有预设判断条件,当用户输入的数据符合所述预设的判断条件,则记录所述数据对应的处理信息。Referring to FIG. 1, S102 obtains user information, retrieves a corresponding management template from the template library according to the user attribute in the user information, and generates a business process item through the management template; wherein, the business The process item includes a plurality of service nodes, and the service nodes have preset judgment conditions. When the data input by the user meets the preset judgment conditions, processing information corresponding to the data is recorded.

当用户需要使用时,首先输入自己的标记或者信息,根据所述标记或者信息可以提取出用户的属性信息。一种优选的方法是,用户输入自己的相关信息,系统方将根据所述相关信息自动提取其中的属性信息。另一种优选的方法是,用户只需要输入自己的标记,系统方已经存储有所述标记对应的属性数据,根据所述标记直接对应的获取用户的属性信息。还有一种优选的方式是直接根据用户信息获取管理模板。When the user needs to use it, he first inputs his own mark or information, and the attribute information of the user can be extracted according to the mark or information. A preferred method is that the user inputs his own related information, and the system automatically extracts the attribute information according to the related information. Another preferred method is that the user only needs to input his own mark, the system has already stored the attribute data corresponding to the mark, and directly correspondingly obtains the user's attribute information according to the mark. Another preferred way is to obtain the management template directly according to the user information.

图2是本申请中直接获取管理模板流程图。FIG. 2 is a flow chart of directly obtaining a management template in this application.

请参照图2所示,S201调取预训练的AI模型;Referring to Figure 2, S201 retrieves the pre-trained AI model;

所示AI模型是预训练的,其训练方法是,首先将所述AI模型存储到云端,当用户进行模板选择时,下载该AI模型,该AI模型获取该用户的数据信息和最终确定的模板,进行训练,并由用户进行最终的模板确定,根据所述用户确定的模板更新参数,将训练好的AI模型的参数上传到云端更新云端的AI模型,等待并重复下一个训练。本申请所述AI模型可以不断优化。The AI model shown is pre-trained. The training method is to first store the AI model in the cloud, download the AI model when the user selects a template, and obtain the user's data information and the finalized template. , perform training, and the user determines the final template, updates the parameters according to the template determined by the user, uploads the parameters of the trained AI model to the cloud to update the AI model in the cloud, and waits and repeats the next training. The AI model described in this application can be continuously optimized.

S202在所述AI模型中输入用户信息,通过所述AI模型的计算获取对应的管理模板。S202 Input user information in the AI model, and obtain a corresponding management template through the calculation of the AI model.

当获取到所述属性数据后,即可根据所述属性数据从所述模板库中调取对应的管理模板,然后根据所述管理模板生成业务流程项。After the attribute data is acquired, a corresponding management template can be retrieved from the template library according to the attribute data, and then a business process item can be generated according to the management template.

具体的,所述模板是提供了数据合规管理的类型和方式,其中的数据管理项需要用户自己进行设置。在本申请中,所述数据管理项构建为可拖拽的图形化模块,用户只需要进行模块的选择和拖拽即可完善所述管理模板。Specifically, the template provides the type and method of data compliance management, and the data management items in the template need to be set by the user. In the present application, the data management item is constructed as a draggable graphical module, and the user only needs to select and drag the module to complete the management template.

在本申请中,所述数据管理项是单独设置的,根据所述基础文件中的每一条作为一类,设置不同用户的数据管理项,其特点是根据用户使用场景的不同设置的不同管理项。In the present application, the data management items are set separately, and each item in the basic file is regarded as a category, and data management items for different users are set, which is characterized by different management items set according to different usage scenarios of users .

当选择好管理模板后,根据所述模板,会关联出所述管理模板对应的每一类数据管理项,然后用户从每一个类别中选择一个数据管理项,最终生成管理模板的完整版。After selecting the management template, each type of data management item corresponding to the management template is associated with the template, and then the user selects a data management item from each category, and finally generates a complete version of the management template.

最后,根据所述模板的数据管理项生成业务流程项,该业务流程项具有多个业务节点,分别对应每个数据管理项。具体的,每个所述业务节点内具有预设判断条件,当用户输入的数据符合所述预设的判断条件,则记录所述数据对应的处理信息。例如,当用户调取一个客户的信息时,对应的一个业务节点将判断该信息是否可被调用,若是则运行调用,并记录到日志中。Finally, a business process item is generated according to the data management item of the template, and the business process item has a plurality of business nodes corresponding to each data management item respectively. Specifically, each of the service nodes has preset judgment conditions, and when the data input by the user meets the preset judgment conditions, processing information corresponding to the data is recorded. For example, when a user retrieves a customer's information, a corresponding service node will determine whether the information can be invoked, and if so, run the invocation and record it in the log.

在本申请中,所述判断条件的设置可以通过计算机程序进行。一种优选的方法是,首先将数据合规的依据,即各种确定的法律法规进行裁剪,分为多个合规模块,例如:身份模块、信用模块、隐私模块,具体的,本领域技术人员可以根据实际情况进行拆分。在拆分完成后,为每个所述模型设置标签,所述标签是根据客户的数据信息中提取出来的。优选的,预先设置多个信息类别标签,将用户的信息中不同类别进行标签标记,获得带有标签的客户数据信息。In the present application, the setting of the judgment condition can be performed by a computer program. A preferred method is to first cut the basis for data compliance, that is, various determined laws and regulations, and divide it into multiple compliance modules, such as: identity module, credit module, and privacy module. Specifically, those skilled in the art Personnel can be divided according to the actual situation. After the split is completed, a label is set for each of the models, and the label is extracted according to the customer's data information. Preferably, a plurality of information category tags are preset, and different categories in the user's information are tagged with tags to obtain customer data information with tags.

另一方面,将所述标签对应的设置在每个法条中,这样就将每个法条设置为标签标记的法条,并且每个法条可以设置多个标签。接下来,制作标签对应表,即将全部标签进行组合,将组合后的每个标签组关联到对应的法条。On the other hand, the label is correspondingly set in each law, so that each law is set as the law marked by the label, and each law can be set with multiple labels. Next, make a label correspondence table, that is, combine all the labels, and associate each label group after the combination with the corresponding law.

当获取到客户的数据信息后,从所述数据信息中提取多个标签,生成查询标签组,通过该查询标签组从所述标签表中查询对应的法条,并提取所述法条,将所述法条的限制性描述作为判断条件。具体的,根据所述限制性描述建立数据集,判断所述用户对客户的数据信息进行操作的步骤是否在所述数据集中或数据集外,进而判断是否合规。After acquiring the customer's data information, extract a plurality of tags from the data information, generate a query tag group, query the corresponding law from the tag table through the query tag group, extract the law, and The restrictive description of the said statute serves as a judgment condition. Specifically, a data set is established according to the restrictive description, and it is judged whether the steps of the user operating on the customer's data information are in the data set or outside the data set, and then judge whether it is compliant.

优选的,所述预设判断条件包括:合规规则,用于定义所示客户的信息以及信息的处理是否违规。所述合规规则是根据确定的一种或者多种规章制度设置的。Preferably, the preset judgment conditions include: compliance rules, which are used to define whether the information of the displayed customer and whether the processing of the information violates the rules. The compliance rules are set according to the determined one or more rules and regulations.

所述合规规则通过包括正则表达式、数值范围、数值特征矩阵中的一种或多种方式进行描述。The compliance rules are described in one or more ways including regular expressions, numerical ranges, and numerical feature matrices.

当采用正则表达式或数值范围进行合规规则描述时,需要人工对正则表达式或数值范围根据确定的一种或者多种规章制度进行预定义,并存储至系统数据库中。When a regular expression or a numerical range is used to describe a compliance rule, the regular expression or numerical range needs to be manually predefined according to one or more determined rules and regulations, and stored in the system database.

当采用数值特征矩阵对合规规则描述进行描述时,将用户数据信息与数值特征矩阵进行相似度计算得到合规相似度值;当所述合规相似度值大于预设相似度阈值时,所述用户数据信息合规,否则不合规。When using the numerical feature matrix to describe the compliance rule description, calculate the similarity between the user data information and the numerical feature matrix to obtain the compliance similarity value; when the compliance similarity value is greater than the preset similarity threshold, the The above user data information is compliant, otherwise it is not compliant.

本申请还提供一种数据合规管理装置,包括:模板模块301,调取模块302。The present application also provides a data compliance management device, including: a template module 301 and a retrieval module 302 .

图3是本申请中数据合规管理装置的示意图。FIG. 3 is a schematic diagram of the data compliance management apparatus in the present application.

请参照图3所示,模板模块301,用于根据不同的用户属性预制多个管理模板。Referring to FIG. 3 , the template module 301 is used to pre-create multiple management templates according to different user attributes.

所述用户属性是指,用户的类型,商业活动方式等,例如用户的经营项目,需要获取的客户信息等。一种优选的方法是,根据《个人信息保护法》中列明的保护条目分别设置标签,然后将所述标签与用户需求数据进行关联后,以所述标签作为用户属性。The user attributes refer to the user's type, business activity mode, etc., such as the user's business items, customer information to be acquired, and the like. A preferred method is to set tags according to the protection items listed in the Personal Information Protection Law, and then use the tags as user attributes after associating the tags with user demand data.

本申请中所述用户在指服务客户的企业或者其他组织,所述用户需要通过客户的信息进行服务的提升和分析,以更好的提高服务。所述客户是指所述用户服务的个人。The user mentioned in this application refers to an enterprise or other organization that serves customers, and the user needs to improve and analyze the service through the information of the customer to better improve the service. The customer refers to the individual served by the user.

本申请所述技术方案是属于第三方的,在以下描述中,为简便起所述第三方统一的称为系统方。The technical solutions described in this application belong to a third party, and in the following description, the third party is collectively referred to as a system party for simplicity.

所述系统方首先根据数据合规的基础文件与用户属性建立多个管理模板,所述基础文件优选的可以是《个人信息保护法》。所述管理模板可以尽可能穷尽的对应于每个类型的用户属性,当然也可以根据用户属性进行个性化设置,在此,本领域技术人员可以根据实际情况进行选择,不再赘述。The system party first establishes a plurality of management templates according to the basic file of data compliance and user attributes, and the basic file may preferably be the "Personal Information Protection Law". The management template can correspond to each type of user attributes as exhaustively as possible, and of course, can also be personalized according to the user attributes. Here, those skilled in the art can select according to the actual situation, and details are not repeated here.

在建立了多个管理模板后,所述管理模板将存储到模板库中以供后续的调用。另外,当所述基础文件改变或者更新后,所述管理模板也相应的进行更新。After multiple management templates are established, the management templates will be stored in the template library for subsequent calls. In addition, when the basic file is changed or updated, the management template is also updated accordingly.

请参照图1所示,调取模块302,用于获取用户信息,根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,并通过所述管理模板生成业务流程项;其中,所述业务流程项包括多个业务节点,该业务节点内具有预设判断条件,当用户输入的数据符合所述预设的判断条件,则记录所述数据对应的处理信息。Referring to FIG. 1, the retrieval module 302 is configured to acquire user information, retrieve a corresponding management template from the template library according to the user attribute in the user information, and generate a business process item through the management template ; wherein, the business process item includes a plurality of business nodes, the business nodes have preset judgment conditions, and when the data input by the user meets the preset judgment conditions, the processing information corresponding to the data is recorded.

当用户需要使用时,首先输入自己的标记或者信息,根据所述标记或者信息可以提取出用户的属性信息。一种优选的方法是,用户输入自己的相关信息,系统方将根据所述相关信息自动提取其中的属性信息。另一种优选的方法是,用户只需要输入自己的标记,系统方已经存储有所述标记对应的属性数据,根据所述标记直接对应的获取用户的属性信息。还有一种优选的方式是直接根据用户信息获取管理模板,包括:调取预训练的AI模型;在所述AI模型中输入用户信息,通过所述AI模型的计算获取对应的管理模板。When the user needs to use it, he first inputs his own mark or information, and the attribute information of the user can be extracted according to the mark or information. A preferred method is that the user inputs his own related information, and the system automatically extracts the attribute information according to the related information. Another preferred method is that the user only needs to input his own mark, the system has already stored the attribute data corresponding to the mark, and directly correspondingly obtains the user's attribute information according to the mark. Another preferred way is to obtain the management template directly according to the user information, including: retrieving a pre-trained AI model; inputting user information into the AI model, and obtaining the corresponding management template through the calculation of the AI model.

所述AI模型通过以下方式得到:The AI model is obtained in the following ways:

选取用户信息样本并根据用户信息进行人工标注,标注所述用户信息样本中每一条数据对应的管理模板编号;Selecting a user information sample and manually marking it according to the user information, marking the management template number corresponding to each piece of data in the user information sample;

对所述用户信息样本进行数据特征提取,并与对应的管理模板编号打包组成管理模板样本数据集;Perform data feature extraction on the user information sample, and package it with the corresponding management template number to form a management template sample data set;

将所述管理模板样本数据集拆分成管理模板模型训练集及管理模板模型测试集;splitting the management template sample data set into a management template model training set and a management template model test set;

采用机器学习算法依靠所述管理模板模型训练集集训练管理模板模型,并利用管理模板模型测试集对管理模板模型进行评估;Adopt a machine learning algorithm to train the management template model by relying on the management template model training set, and use the management template model test set to evaluate the management template model;

调整参数不断训练模型直到召回率和准确率满足预设阈值,输出管理模板模型;Adjust the parameters to continuously train the model until the recall rate and accuracy rate meet the preset thresholds, and output the management template model;

所输出的管理模版模型即为所述AI模型。The output management template model is the AI model.

可以理解的是,所述AI模型训练时所采用的机器学习算法包括:逻辑回归算法、决策树、遗传算法、支持向量机(SVN)、K-means算法、随机森林和朴素贝叶斯算法,采用不同算法时其程序设计有所差异,但均为成熟技术手段,本领域的技术人员根据上述实施例的描述,完全可顺利实现该算法,在此不赘述。It can be understood that the machine learning algorithms used in the training of the AI model include: logistic regression algorithm, decision tree, genetic algorithm, support vector machine (SVN), K-means algorithm, random forest and naive Bayes algorithm, When different algorithms are used, their program designs are different, but they are all mature technical means, and those skilled in the art can completely implement the algorithm smoothly according to the description of the above-mentioned embodiment, which is not repeated here.

当获取到所述属性数据后,即可根据所述属性数据从所述模板库中调取对应的管理模板,然后根据所述管理模板生成业务流程项。After the attribute data is acquired, a corresponding management template can be retrieved from the template library according to the attribute data, and then a business process item can be generated according to the management template.

具体的,所述模板是提供了数据合规管理的类型和方式,其中的数据管理项需要用户自己进行设置。在本申请中,所述数据管理项构建为可拖拽的图形化模块,用户只需要进行模块的选择和拖拽即可完善所述管理模板。Specifically, the template provides the type and method of data compliance management, and the data management items in the template need to be set by the user. In the present application, the data management item is constructed as a draggable graphical module, and the user only needs to select and drag the module to complete the management template.

在本申请中,所述数据管理项是单独设置,根据所述基础文件中的每一条作为一类,设置不同用户的数据管理项,其特点是根据用户使用场景的不同设置的不同管理项。In the present application, the data management items are set separately, and data management items for different users are set according to each item in the basic file as a category, which is characterized by different management items set according to different usage scenarios of users.

当选择好管理模板后,根据所述模板,会关联出所述管理模板对应的每一类数据管理项,然后用户从每一个类别中现在一个数据管理项,最终生成管理模板的完整版。After selecting the management template, each type of data management item corresponding to the management template will be associated according to the template, and then the user will create a data management item from each category, and finally generate a complete version of the management template.

最后,根据所述模板的数据管理项生成业务流程项,该业务流程项具有多个业务节点,分别对应每个数据管理项。具体的,每个所述业务节点内具有预设判断条件,当用户输入的数据符合所述预设的判断条件,则记录所述数据对应的处理信息。例如,当用户调取一个客户的信息时,对应的一个业务节点将判断该信息是否可被调用,若是则运行调用,并记录到日志中。Finally, a business process item is generated according to the data management item of the template, and the business process item has a plurality of business nodes corresponding to each data management item respectively. Specifically, each of the service nodes has preset judgment conditions, and when the data input by the user meets the preset judgment conditions, processing information corresponding to the data is recorded. For example, when a user retrieves a customer's information, a corresponding service node will determine whether the information can be invoked, and if so, run the invocation and record it in the log.

在本申请中,所述判断条件的设置可以通过计算机程序进行。一种优选的方法是,首先将数据合规的依据,即各种确定的法律法规进行裁剪,分为多个合规模块,例如:身份模块、信用模块、隐私模块,具体的,本领域技术人员可以根据实际情况进行拆分。在拆分完成后,为每个所述模型设置标签,所述标签是根据客户的数据信息中提取出来的。优选的,预先设置多个信息类别标签,将用户的信息中不同类别进行标签标记,获得带有标签的客户数据信息。In the present application, the setting of the judgment condition can be performed by a computer program. A preferred method is to first cut the basis for data compliance, that is, various determined laws and regulations, and divide it into multiple compliance modules, such as: identity module, credit module, and privacy module. Specifically, those skilled in the art Personnel can be divided according to the actual situation. After the split is completed, a label is set for each of the models, and the label is extracted according to the customer's data information. Preferably, a plurality of information category tags are preset, and different categories in the user's information are tagged with tags to obtain customer data information with tags.

另一方面,将所述标签对应的设置在每个法条中,这样就将每个发条设置为标签标记的法条,并且每个法条可以设置多个标签。接下来,制作标签对应表,即将全部标签进行组合,将组合后的每个标签组关联到对应的法条。On the other hand, the labels are correspondingly set in each law, so that each clockwork is set as the law marked by the label, and each law can be set with multiple labels. Next, make a label correspondence table, that is, combine all the labels, and associate each label group after the combination with the corresponding law.

当获取到客户的数据信息后,从所述数据信息中提取多个标签,生成查询标签组,通过该查询标签组从所述标签表中查询对应的法条,并提取所述法条,将所述法条的限制性描述作为判断条件。具体的,根据所述限制性描述建立数据集,判断所述用户对客户的数据信息进行操作的步骤是否在所述数据集中或数据集外,进而判断是否合规。After acquiring the customer's data information, extract a plurality of tags from the data information, generate a query tag group, query the corresponding law from the tag table through the query tag group, extract the law, and The restrictive description of the said statute serves as a judgment condition. Specifically, a data set is established according to the restrictive description, and it is judged whether the steps of the user operating on the customer's data information are in the data set or outside the data set, and then judge whether it is compliant.

优选的,所述预设判断条件包括:合规规则,用于定义所示客户的信息以及信息的处理是否违规。所述合规规则是根据确定的一种或者多种规章制度设置的。Preferably, the preset judgment conditions include: compliance rules, which are used to define whether the information of the displayed customer and whether the processing of the information violates the rules. The compliance rules are set according to the determined one or more rules and regulations.

Claims (10)

1.一种数据合规管理方法,其特征在于,包括:1. A data compliance management method, comprising: 根据不同的用户属性预制多个对应于每个类型的用户属性的管理模板;Pre-made multiple management templates corresponding to each type of user attributes according to different user attributes; 获取用户信息,根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,并通过所述管理模板生成业务流程项,包括关联出所述管理模板对应的每一类数据管理项,从每一个类别中选择一个数据管理项生成管理模板;Obtain user information, retrieve the corresponding management template from the template library according to the user attributes in the user information, and generate business process items through the management template, including associating each type of data corresponding to the management template Management item, select a data management item from each category to generate a management template; 其中,所述业务流程项包括多个业务节点,该业务节点内具有预设判断条件,当用户输入的数据符合所述预设的判断条件,则记录所述数据对应的处理信息。The business process item includes a plurality of business nodes, and the business nodes have preset judgment conditions. When the data input by the user meets the preset judgment conditions, processing information corresponding to the data is recorded. 2.根据权利要求1所述数据合规管理方法,其特征在于,所述根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,包括:2 . The data compliance management method according to claim 1 , wherein the retrieving the corresponding management template from the template library according to the user attribute in the user information comprises: 2 . 调取预训练的AI模型;Retrieve the pre-trained AI model; 在所述AI模型中输入用户信息,通过所述AI模型的计算获取对应的管理模板。Enter user information in the AI model, and obtain a corresponding management template through the calculation of the AI model. 3.根据权利要求1所述数据合规管理方法,其特征在于,所述预设判断条件包括:合规规则。3 . The data compliance management method according to claim 1 , wherein the preset judgment conditions comprise: compliance rules. 4 . 4.根据权利要求3所述数据合规管理方法,其特征在于,所述合规规则是根据确定的一种或者多种规章制度设置的。4 . The data compliance management method according to claim 3 , wherein the compliance rules are set according to one or more determined rules and regulations. 5 . 5.根据权利要求1所述数据合规管理方法,其特征在于,所述管理模板存储在模板库中。5. The data compliance management method according to claim 1, wherein the management template is stored in a template library. 6.一种数据合规管理装置,其特征在于,包括:6. A data compliance management device, comprising: 模板模块,用于根据不同的用户属性预制多个对应于每个类型的用户属性的管理模板;The template module is used for prefabricating multiple management templates corresponding to each type of user attributes according to different user attributes; 调取模块,用于获取用户信息,根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,并通过所述管理模板生成业务流程项,包括关联出所述管理模板对应的每一类数据管理项,从每一个类别中选择一个数据管理项生成管理模板;a retrieval module, configured to acquire user information, retrieve a corresponding management template from the template library according to the user attribute in the user information, and generate a business process item through the management template, including associating the management template For each type of data management item, select a data management item from each category to generate a management template; 其中,所述业务流程项包括多个业务节点,该业务节点内具有预设判断条件,当用户输入的数据符合所述预设的判断条件,则记录所述数据对应的处理信息。The business process item includes a plurality of business nodes, and the business nodes have preset judgment conditions. When the data input by the user meets the preset judgment conditions, processing information corresponding to the data is recorded. 7.根据权利要求6所述数据合规管理装置,其特征在于,所述根据所述用户信息中的用户属性从所述模板库中调取对应的管理模板,包括:7 . The data compliance management device according to claim 6 , wherein the retrieving a corresponding management template from the template library according to the user attribute in the user information comprises: 8 . 调取预训练的AI模型;Retrieve the pre-trained AI model; 在所述AI模型中输入用户信息,通过所述AI模型的计算获取对应的管理模板。Enter user information in the AI model, and obtain a corresponding management template through the calculation of the AI model. 8.根据权利要求6所述数据合规管理装置,其特征在于,所述预设判断条件包括:合规规则。8 . The data compliance management device according to claim 6 , wherein the preset judgment conditions comprise: compliance rules. 9 . 9.根据权利要求3所述数据合规管理装置,其特征在于,所述合规规则是根据确定的一种或者多种规章制度设置的。9 . The data compliance management device according to claim 3 , wherein the compliance rules are set according to one or more determined rules and regulations. 10 . 10.根据权利要求1所述数据合规管理装置,其特征在于,所述管理模板存储在模板库中。10. The data compliance management apparatus according to claim 1, wherein the management template is stored in a template library.
CN202210585637.6A 2022-05-26 2022-05-26 Data compliance management method and device Pending CN114840727A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210585637.6A CN114840727A (en) 2022-05-26 2022-05-26 Data compliance management method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210585637.6A CN114840727A (en) 2022-05-26 2022-05-26 Data compliance management method and device

Publications (1)

Publication Number Publication Date
CN114840727A true CN114840727A (en) 2022-08-02

Family

ID=82573171

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210585637.6A Pending CN114840727A (en) 2022-05-26 2022-05-26 Data compliance management method and device

Country Status (1)

Country Link
CN (1) CN114840727A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040205528A1 (en) * 2000-02-15 2004-10-14 Vlad Alexander System and process for managing content organized in a tag-delimited template using metadata
CN110991157A (en) * 2019-11-25 2020-04-10 长江勘测规划设计研究有限责任公司 Engineering quality evaluation system design method based on electronic file credible technology
CN113947468A (en) * 2021-12-20 2022-01-18 鲁信科技股份有限公司 Data management method and platform
CN114416958A (en) * 2022-03-29 2022-04-29 数安信(北京)科技有限公司 Data compliance self-checking method and device
CN114492360A (en) * 2022-03-31 2022-05-13 数安信(北京)科技有限公司 Authorization compliance management method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040205528A1 (en) * 2000-02-15 2004-10-14 Vlad Alexander System and process for managing content organized in a tag-delimited template using metadata
CN110991157A (en) * 2019-11-25 2020-04-10 长江勘测规划设计研究有限责任公司 Engineering quality evaluation system design method based on electronic file credible technology
CN113947468A (en) * 2021-12-20 2022-01-18 鲁信科技股份有限公司 Data management method and platform
CN114416958A (en) * 2022-03-29 2022-04-29 数安信(北京)科技有限公司 Data compliance self-checking method and device
CN114492360A (en) * 2022-03-31 2022-05-13 数安信(北京)科技有限公司 Authorization compliance management method and device

Similar Documents

Publication Publication Date Title
US12166919B2 (en) Tool for annotating and reviewing audio conversations
CN111160992A (en) Marketing system based on user portrait system
US12079573B2 (en) Tool for categorizing and extracting data from audio conversations
US20250045306A1 (en) Transition-driven transcript search
CN113971527A (en) Data risk assessment method and device based on machine learning
US20230134796A1 (en) Named entity recognition system for sentiment labeling
CN113420018A (en) User behavior data analysis method, device, equipment and storage medium
CN108038052A (en) Automatic test management method, device, terminal device and storage medium
CN118154031B (en) A multimodal method for evaluating the uniqueness of entrepreneurial project products and improving them
CN109800354B (en) Resume modification intention identification method and system based on block chain storage
CN115114073A (en) Alarm information processing method and device, storage medium and electronic equipment
CN110610193A (en) Method and device for processing labeled data
US11308102B2 (en) Data catalog automatic generation system and data catalog automatic generation method
CN109816220A (en) Service quality monitoring and processing method and device based on intelligent decision
CN113641838A (en) Apparatus and method for data labeling, electronic device, and readable storage medium
JP2023120862A (en) Data management device, data management method, and program
CN110062112A (en) Data processing method, device, equipment and computer readable storage medium
CN113987186B (en) Method and device for generating marketing scheme based on knowledge graph
CN114840727A (en) Data compliance management method and device
CN114266496A (en) Policy landing effect evaluation method and system based on policy completeness analysis
CN119647674A (en) Information trigger channel optimization method and system, electronic device, and storage medium
KR20100006458A (en) User defined type information security service system and method
CN111241821A (en) Method and apparatus for determining behavioral characteristics of users
CN116385045A (en) Data processing method, device and equipment for receiving and hosting additional service
CN113934769A (en) Intelligent data analysis method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination