The invention entails identifying the parties involved in a process of
handling personally identifiable information; identifying the data
involved in said process; classifying the data; expressing each
relationship between each pair of said parties in terms of a privacy
agreement; and representing the parties, data, and privacy agreements
graphically in one or more privacy agreement relationship diagrams. The
invention has the advantage of identifying opportunities to reduce
privacy-related risks, including identifying unnecessary exchanges of
data, for possible elimination, and identifying opportunities to
transform data into a less sensitive form. Privacy agreements are based
on a limited set of privacy-related actions: access, disclose, release,
notify, utilize, update, withdrawConsent, giveConsent, delete, anonymize,
depersonalize, and repersonalize. One aspect of the present invention is
a method for improving the handling of personally identifiable
information. Another aspect of the present invention is a system for
executing the method of the present invention. A third aspect of the
present invention is as a set of instructions on a computer-usable
medium, or resident in a computer system, for executing the method of the
present invention.