Abstract: Systems and methods for restricting access and visibility to sensitive personal data during ingestion and storing within a data repository are disclosed. In one embodiment, a process for determining whether to grant access to protected data includes defining risk thresholds for predetermined data access patterns of a data repository, monitoring new data access patterns to build a security data profile based on quantifiable characteristics as risk factors, receiving a second request for data from a client device at the data repository, determining if any access control policies applies to the second request generating a risk score for the second request for data based on the security data profile, determining whether to grant access to the second request for data based upon at least one applicable access control policy and the risk score, and providing the requested data in response to the second request for data when access is granted.

Abstract: Systems and methods for restricting access and visibility to sensitive personal data during ingestion and storing within a data repository are disclosed. In one embodiment, a process for determining whether to grant access to protected data includes defining risk thresholds for predetermined data access patterns of a data repository, monitoring new data access patterns to build a security data profile based on quantifiable characteristics as risk factors, receiving a second request for data from a client device at the data repository, determining if any access control policies applies to the second request generating a risk score for the second request for data based on the security data profile, determining whether to grant access to the second request for data based upon at least one applicable access control policy and the risk score, and providing the requested data in response to the second request for data when access is granted.

Abstract: Systems and methods for restricting access and visibility to sensitive personal data during ingestion and storing within a data repository are disclosed. In one embodiment, a process for protecting personal data includes establishing a connection from a personal data protection system to a data source, retrieving raw data comprising personal data from the data source, classifying pieces of information within the personal data into one or more levels of sensitivity, storing the raw data in a data repository, enforcing one or more privacy policies on the personal data by obfuscating pieces of information that are at one of the levels of sensitivity using the personal data protection system, and enforcing one or more access control policies for one or more user accounts having access to the data repository by limiting visibility of the personal data to a subset of the personal data, based upon attributes of the user account.