JP2009080823A - Information management system, information management server, and program therefor - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To surely prevent accidental outflow, leakage, and illegal use of personal information. <P>SOLUTION: The information management system comprises a plurality of clients, an information management server for managing the plurality of clients, and an IC tag reader constituted to communicate with the information management server. Each of the plurality of clients has an IC tag for discriminating individuals. If a client is to be discarded, a discard flag is recorded in the IC tag. If the client has information to be protected, a protected information flag is recorded in the IC tag, and the IC tag reader is arranged in an installation space and a disposal facility. The information management server monitors that a client with the IC tag, in which the protected information flag and the discard flag are recorded, is carried out through near the IC tag reader in the installation space and brought in through near the IC tag reader in the disposal facility. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a technology that makes it possible to place a plurality of clients (such as personal computers) under the management of a management server in a company.

  In recent years, with an increase in awareness of protection of personal information, it has been desired to reliably prevent inadvertent leakage and leakage of personal information and unauthorized use of personal information. In addition, along with the enforcement of the Personal Information Protection Law, a business operator handling personal information receives a request for disclosure or correction of personal information from each individual while preventing the leakage, leakage or unauthorized use of personal information. It is obliged to disclose and correct personal information.

  Here, the personal information is information that can identify a specific individual by itself or in combination, and includes, for example, a name, date of birth, contact information (address, address, telephone number) and the like. Customer information, business partner information, etc. stored and handled in various companies often fall under the category of personal information, and in the future, companies that handle a lot of such personal information will be obligated as above as a personal information handling business operator. Must be fulfilled.

  In order to fulfill the obligations described above, it is essential to centralize personal information by introducing a central management system for personal information. However, in reality, personal information such as customer information and business partner information is dispersed in a company's personal computer (hereinafter sometimes abbreviated as PC) and servers in each department. Often exists. More specifically, individual employees store their personal information (customer information, etc.) on their PCs for their own work, or a central database or a subset of personal information collected by each employee. It exists in various PCs.

  For this reason, when constructing the centralized management system or attempting to fulfill the above obligations in a distributed state, the administrator must first separate the personal information that is scattered within the company. It is necessary to identify where and what kind of personal information exists in the company. It will be carried out with the cooperation of the department.

For example, in Patent Document 1 below, in accordance with the enforcement of the Personal Information Protection Law, a technology for providing a personal information protection service that prevents personal information from being leaked or leaked or being used illegally is “processing of a personal information protection service business. Method and apparatus "have been proposed and disclosed. However, the following Patent Document 1 does not disclose any technique related to the identification of personal information as described above.
JP 2002-183367 A

  However, when personal information is identified with human cooperation such as reporting from each employee, not only is it time-consuming, but it is difficult to reliably identify all personal information without omission. In particular, when personal information is increasingly distributed, it is extremely difficult to identify personal information.

  In addition, if there is an omission in the identification of personal information, not only the above obligations can be fulfilled, but the status of the personal information cannot be managed, and there is a risk of inadvertent leakage or leakage of personal information or unauthorized use of personal information. is there.

  Therefore, it is desirable to ensure that all personal information distributed in the company is searched and managed. It is also strongly desired to place a personal computer having personal information in a state where it can be appropriately managed.

  In addition, with the replacement of a personal computer with a new model, it may be necessary to dispose of the old model. In this case, the internal data of the old model is erased and then discarded, but with the development of computer technology, the technology for restoring the erased data has also been advanced.

For this reason, it becomes necessary to request disposal to a reliable disposal company and to monitor the situation so that it is not thrown away and diverted.
The present invention was devised in view of such a situation, and manages a client (personal computer) existing in, for example, a company without obtaining human cooperation and applying a special load to a person in charge. The purpose is to ensure that it can be placed in a possible state and to prevent unauthorized use during disposal.

The present invention for achieving the above object will be described below.
(1) The invention described in claim 1 is connected to a plurality of clients used in a predetermined installation space so that they can communicate with each other via a network, and manage the plurality of clients. And an IC tag reader configured to be communicable with the information management server, wherein each of the plurality of clients is provided with an IC tag for identifying each of the plurality of clients. When the client receives a disposal designation, a disposal designation flag is recorded in the IC tag, and when the client has information to be protected, an information presence flag to be protected Is recorded on the IC tag, the IC tag reader is arranged in the installation space and the disposal facility, and the information management server The client with the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded is carried out through the vicinity of the IC tag reader in the installation space, and the IC of the disposal facility It is an information management system characterized by monitoring that it passes through the vicinity of a tag reader and is carried in.

  (2) In the invention according to claim 2, the information management server is configured such that the client to which the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded is attached to the installation space. 2. The information according to claim 1, wherein an alarm is issued if the vehicle does not pass near the IC tag reader of the disposal facility within a predetermined time after passing through the vicinity of the IC tag reader. It is a management system.

  (3) In the invention according to claim 3, the information management server is configured such that the client to which the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded is attached to the installation space. A predetermined person in charge is notified when the vicinity of the IC tag reader of the disposal facility is not passed within a predetermined period of time after passing through the vicinity of the IC tag reader and being carried out. The information management system according to claim 1.

  (4) In the invention according to claim 4, an IC tag reader is disposed in any place other than the installation space and the disposal facility, and the information management server includes the information presence flag to be protected and the discard 2. The method according to claim 1, further comprising monitoring whether the client to which the IC tag with the disposal designation flag is recorded passes near the IC tag reader disposed at any one of the locations. The information management system according to any one of items 3 to 4.

  (5) The invention according to claim 5 is provided with a plurality of clients used in a predetermined installation space, each of which is provided with an IC tag for identifying the individual, the installation space, and the disposal facility. An information management server that is connected to an IC tag reader that reads information recorded on an IC tag so as to be able to communicate with each other, and manages the plurality of clients. Write the disposal designation flag, write the information presence flag to be protected to the IC tag of the client having the information to be protected, and attach the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded. The client is carried out by passing near the IC tag reader in the installation space, and the IC of the disposal facility To monitor and be carried through the Gurida neighborhood is information management server, characterized in that.

  (6) In the invention described in claim 6, the client to which the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded passes near the IC tag reader in the installation space. 6. The information management server according to claim 5, wherein an alarm is issued when the vicinity of the IC tag reader of the disposal facility is not passed within a predetermined time after being carried out.

  (7) The invention according to claim 7 is provided with a plurality of clients used in a predetermined installation space, each of which is provided with an IC tag for identifying the individual, the installation space, and the disposal facility. Information for managing the plurality of clients connected to an IC tag reader that reads information recorded on the IC tag and an IC tag writer that writes a flag to the IC tag in the installation space so as to communicate with each other. An information management server program for causing a computer of the information management server to function as a management server, giving an instruction to write a disposal designation flag to the IC tag of the client that has been designated for disposal, to the IC tag writer, Instruction to write an information presence flag to be protected in the IC tag of the client having information to be protected The client to which the IC tag to which the information presence flag to be protected and the disposal designation flag to be recorded is recorded is attached to the IC tag writer and carried out near the IC tag reader in the installation space; A program for an information management server, which monitors whether it passes through the vicinity of the IC tag reader of the disposal facility.

  (8) In the invention according to claim 8, the client to which the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded passes near the IC tag reader in the installation space. An instruction for generating an alarm is given to a means for issuing an alarm if the IC tag reader does not pass near the disposal facility within a predetermined time after being unloaded. Item 8. The information management server program according to Item 7.

  (A1) Other inventions include a plurality of clients, an information management server connected to the plurality of clients via a network so as to communicate with each other, and managing information files in the plurality of clients, and the information management server, An information management system comprising an IC tag reader configured to be communicable, wherein each of the plurality of clients is configured with an IC tag for identifying each of the clients, and the client discards the client The fact that the designation of disposal is received is recorded in the IC tag, the IC tag reader is disposed in the disposal facility, and the information management server is configured so that the client that receives the designation of disposal is the IC of the disposal facility. An information management system for managing whether or not a tag reader has passed.

(A2) In another aspect of the invention, the IC tag is arranged in a plurality of components of the client, and the information management server passes the IC tag through an IC tag reader of the disposal facility.
Manages the situation in which tagged objects are carried out from the disposal facility, and issues an alarm when it is detected that the IC tags of the plurality of components are collected from the disposal facility. The information management system according to A1, characterized by:

  (A3) In another invention, a plurality of the IC tags are arranged for each of different materials constituting the storage device of the client, and the information management server passes the IC tag through an IC tag reader of the disposal facility. Is managed to manage the situation in which the object attached with the item is carried out from the disposal facility, and the plurality of IC tags for different materials constituting the storage device of the client are collected from the disposal facility. An information management system according to A1, wherein an alarm is issued when detected.

  (A4) In another invention, the IC tag is arranged in a plurality of components of the client, and the information management server is the IC tag reader arranged in any location, and the plurality of components The information management system according to A1, wherein an alarm is issued when it is sensed that a plurality of IC tags pass in a gathered state.

  (A5) Other inventions are connected to a plurality of clients each having an IC tag to which a designation of disposal can be recorded, an IC tag reader disposed in a disposal facility, and capable of communicating with each other via a network. An information management server for managing the plurality of clients, wherein the disposal designation is written in the IC tag of the client that has been designated for disposal, and the client that has received the designation for disposal has the disposal facility An information management server for managing whether or not it has passed near the IC tag reader.

  The IC tag is arranged in a plurality of components of the client, and the information management server carries out an object to which the IC tag is attached from the disposal facility via an IC tag reader of the disposal facility. It is desirable to manage the situation to be performed, and to issue an alarm when it is detected that the IC tags of the plurality of components are collected from the disposal facility.

  In addition, a plurality of the IC tags are arranged for each different material constituting the storage device of the client, and the information management server is configured such that the object to which the IC tag is attached is passed through an IC tag reader of the disposal facility. Manages the status of being transported from the disposal facility, and issues an alarm when it is detected that a plurality of IC tags for different materials constituting the storage device of the client are gathered from the disposal facility. It is desirable to emit.

  Further, the IC tag is arranged in a plurality of components of the client, and the information management server collects the IC tags of the plurality of components by the IC tag reader arranged in any place. It is desirable to issue an alarm when it is sensed that the condition has been passed.

  (A6) In other inventions, a plurality of clients each having an IC tag on which designation of disposal can be recorded is connected to an IC tag reader placed in a disposal facility so that they can communicate with each other via a network. A program that causes a computer to function as an information management server that manages the plurality of clients, and that gives instructions to write the disposal designation to the IC tag of the client that has received the disposal designation. The information management server program is configured to manage whether or not the client that has received the message has passed through the vicinity of the IC tag reader of the disposal facility.

The IC tag is arranged in a plurality of components of the client, and the information management server program is configured such that the object to which the IC tag is attached passes through the IC tag reader of the disposal facility. It is desirable to manage the status of being transported from the site, and to issue an alarm when it is detected that the IC tags of the plurality of components are gathered from the disposal facility.

  In addition, a plurality of the IC tags are arranged for each different material constituting the storage device of the client, and the information management server program is attached with the IC tag via the IC tag reader of the disposal facility. When managing the situation in which an object is carried out from the disposal facility and detecting that a plurality of IC tags for different materials constituting the storage device of the client are gathered are sensed to be carried out from the disposal facility It is desirable to issue an alarm.

  The IC tag is arranged in a plurality of components of the client, and the information management server program is the IC tag reader arranged in any location, and the IC tags of the plurality of components are It is desirable to issue an alarm when it is sensed that the vehicle has passed in a gathered state.

According to the present invention, the following effects can be obtained.
(1) In the invention of the information management system according to claim 1, each of the plurality of clients is configured with an IC tag for identifying the individual, and the client has been designated for disposal. In this case, a disposal designation flag is recorded on the IC tag, and when the client has information to be protected, an information presence flag to be protected is recorded on the IC tag.

  Then, the information management server is configured such that the client to which the IC tag in which the information presence flag to be protected and the disposal designation flag is recorded is carried out through the vicinity of the IC tag reader in the installation space, and the disposal facility The IC tag reader is monitored for being carried in through the vicinity.

  As a result, the client (personal computer) having the information to be protected within the company can be managed without any human cooperation and without placing a special burden on the person in charge. It will be possible to confirm the delivery to the disposal facility and reliably prevent unauthorized use.

  (2) In the invention of the information management system according to claim 2, the client to which the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded passes through the vicinity of the IC tag reader in the installation space. An alarm is issued if the vehicle does not pass near the IC tag reader in the disposal facility within a predetermined time after being unloaded.

  As a result, the client (personal computer) having the information to be protected within the company can be managed without any human cooperation and without placing a special burden on the person in charge. It will be possible to confirm the delivery to the disposal facility and reliably prevent unauthorized use.

  (3) In the invention of the information management system according to claim 3, the client to which the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded passes through the vicinity of the IC tag reader in the installation space. A notification is given to a predetermined person in charge when the vicinity of the IC tag reader of the disposal facility is not passed within a predetermined time period after being carried out.

As a result, the client (personal computer) having the information to be protected within the company can be managed without any human cooperation and without placing a special burden on the person in charge. It will be possible to confirm the delivery to the disposal facility and reliably prevent unauthorized use.

  (4) In the invention of the information management system according to claim 4, the IC tag reader is disposed in any place other than the installation space and the disposal facility, and the information management server includes the information presence flag to be protected and the disposal It is monitored whether a client to which an IC tag having a designation flag recorded passes through the vicinity of an IC tag reader placed at any location.

  As a result, the client (personal computer) having the information to be protected within the company can be managed without any human cooperation and without placing a special burden on the person in charge. It will be possible to confirm the delivery to the disposal facility and reliably prevent unauthorized use.

  (5) In the invention of the information management server according to claim 5, each of the plurality of clients is configured with an IC tag for identifying each client, and the information management server disposes of the client. Is received, the disposal designation flag is recorded on the IC tag. When the client has information to be protected, the information presence flag to be protected is recorded on the IC tag.

  Then, the information management server is configured such that the client to which the IC tag in which the information presence flag to be protected and the disposal designation flag is recorded is carried out through the vicinity of the IC tag reader in the installation space, and the disposal facility The IC tag reader is monitored for being carried in through the vicinity.

  As a result, the client (personal computer) having the information to be protected within the company can be managed without any human cooperation and without placing a special burden on the person in charge. It will be possible to confirm the delivery to the disposal facility and reliably prevent unauthorized use.

  (6) In the invention of the information management server according to claim 6, the client to which the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded passes through the vicinity of the IC tag reader in the installation space. An alarm is issued if the vehicle does not pass near the IC tag reader in the disposal facility within a predetermined time after being unloaded.

  As a result, the client (personal computer) having the information to be protected within the company can be managed without any human cooperation and without placing a special burden on the person in charge. It will be possible to confirm the delivery to the disposal facility and reliably prevent unauthorized use.

  (7) In the invention of the information management server program according to claim 7, each of the plurality of clients is configured with an IC tag for identifying each of the clients. When a disposal designation is received, a disposal designation flag is recorded on the IC tag, and when the client has information to be protected, an information presence flag to be protected is recorded on the IC tag.

  Then, the information management server causes the information management server to unload the client with the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded and pass through the vicinity of the IC tag reader in the installation space. And that it is carried in through the vicinity of the IC tag reader of the disposal facility.

  As a result, the client (personal computer) having the information to be protected within the company can be managed without any human cooperation and without placing a special burden on the person in charge. It will be possible to confirm the delivery to the disposal facility and reliably prevent unauthorized use.

  (8) In the information management server program according to claim 8, the client with the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded passes near the IC tag reader in the installation space. If the information management server program does not pass through the vicinity of the IC tag reader in the disposal facility within a predetermined time after being carried out, the information management server instructs the information management server to generate an alarm.

  As a result, the client (personal computer) having the information to be protected within the company can be managed without any human cooperation and without placing a special burden on the person in charge. It will be possible to confirm the delivery to the disposal facility and reliably prevent unauthorized use.

  (A1) In the information management system invention described in A1, each of the plurality of clients is configured with an IC tag for identifying the individual, and the client has been designated for disposal. The information management server, which is recorded on the IC tag, manages whether or not a client that has been designated for disposal passes through the vicinity of the IC tag reader in the disposal facility.

  As a result, the client (personal computer) existing in the company, etc. can be managed without obtaining human cooperation and without placing a special burden on the person in charge. It is possible to confirm delivery and to prevent illegal misappropriation.

  (A2) In the invention of the information management system according to A2, the IC tag is arranged in a plurality of components of the client, and the information management server detects that the object to which the IC tag is attached via the IC tag reader of the disposal facility. It manages the status of being carried out from the disposal facility, and issues an alarm when it is detected that the IC tags of a plurality of components have been collected from the disposal facility.

  As a result, the client (personal computer) existing in the company, etc. can be managed without obtaining human cooperation and without placing a special burden on the person in charge. It will be possible to confirm delivery, and to monitor unauthorized removal from the disposal facility to reliably prevent unauthorized use.

  (A3) In the invention of the information management system according to A3, a plurality of IC tags are arranged for each of different materials constituting the storage device of the client, and the information management server uses the IC tag reader of the disposal facility, When managing the situation where objects marked with are managed to be transported from the disposal facility and detecting that multiple IC tags for different materials that make up the storage device of the client are gathered, are detected to be transported from the disposal facility Alarm.

  As a result, the client (personal computer) existing in the company, etc. can be managed without obtaining human cooperation and without placing a special burden on the person in charge. It is possible to confirm the carrying-in and to monitor the state in which the storage device such as the hard disk drive is taken out from the disposal facility without being disassembled, and to prevent unauthorized use.

(A4) In the invention of the information management system according to A4, the IC tag is arranged in a plurality of components of the client, and the information management server is an IC tag reader arranged in any place and has a plurality of configurations. An alarm is issued when it is sensed that the IC tag of the element has passed in a gathered state.

  As a result, the client (personal computer) existing in the company or the like can be managed without obtaining human cooperation and without placing a special burden on the person in charge, and the client that should have been disposed of It is possible to monitor the state of use at any location and reliably prevent unauthorized use.

  (A5) In the information management server invention described in A5, each of the plurality of clients is configured with an IC tag for identifying the individual, and the client has been designated for disposal. The information management server, which is recorded on the IC tag, manages whether or not a client that has been designated for disposal passes through the vicinity of the IC tag reader in the disposal facility.

  As a result, the client (personal computer) existing in the company, etc. can be managed without obtaining human cooperation and without placing a special burden on the person in charge. It is possible to confirm delivery and to prevent illegal misappropriation.

  In this information management server invention, the IC tag is arranged in a plurality of components of the client, and the information management server allows the object to which the IC tag is attached from the disposal facility via the IC tag reader of the disposal facility. It manages the situation of being carried out, and issues an alarm when it is detected that the IC tags of a plurality of constituent elements are gathered and are taken out from the disposal facility. As a result, the client (personal computer) existing in the company, etc. can be managed without obtaining human cooperation and without placing a special burden on the person in charge. It will be possible to confirm delivery, and to monitor unauthorized removal from the disposal facility to reliably prevent unauthorized use.

  In this information management server invention, a plurality of IC tags are arranged for each different material constituting the storage device of the client, and the information management server is attached with the IC tag via the IC tag reader of the disposal facility. The situation where the collected objects are transported from the disposal facility, and a warning is issued when it is detected that a plurality of IC tags for different materials constituting the storage device of the client are collected from the disposal facility. To emit. As a result, the client (personal computer) existing in the company, etc. can be managed without obtaining human cooperation and without placing a special burden on the person in charge. It is possible to confirm the carrying-in and to monitor the state in which the storage device such as the hard disk drive is taken out from the disposal facility without being disassembled, and to prevent unauthorized use.

  In this information management server invention, the IC tag is arranged in a plurality of components of the client, and the information management server is an IC tag reader arranged in any place, and the IC tags of the components are arranged. An alarm is issued when it is detected that tags have passed in a gathered state. As a result, the client (personal computer) existing in the company or the like can be managed without obtaining human cooperation and without placing a special burden on the person in charge, and the client that should have been disposed of It is possible to monitor the state of use at any location and reliably prevent unauthorized use.

(A6) In the invention of the information management server program described in A6, a plurality of clients each having an IC tag on which designation of disposal can be recorded, an IC tag reader disposed in the disposal facility, and a network When the computer functions as an information management server that is communicably connected to each other and manages the plurality of clients, it gives an instruction to write the disposal designation to the IC tag of the client that has been designated for disposal. It manages whether or not a client that has been designated for disposal passes through the vicinity of the IC tag reader in the disposal facility.

  As a result, the client (personal computer) existing in the company, etc. can be managed without obtaining human cooperation and without placing a special burden on the person in charge. It is possible to confirm delivery and to prevent illegal misappropriation.

  In this information management server program invention, the IC tag is arranged in a plurality of components of the client, and the information management server disposes of the object attached with the IC tag via the IC tag reader of the disposal facility. It manages the status of being carried out from the facility, and issues an alarm when it is detected that the IC tags of a plurality of components are gathered from the disposal facility. As a result, the client (personal computer) existing in the company, etc. can be managed without obtaining human cooperation and without placing a special burden on the person in charge. It will be possible to confirm delivery, and to monitor unauthorized removal from the disposal facility to reliably prevent unauthorized use.

  In this information management server program invention, a plurality of IC tags are arranged for each different material constituting the storage device of the client, and the information management server receives the IC tag via the IC tag reader of the disposal facility. When the attached object is managed to be carried out from the disposal facility, and when it is detected that a plurality of IC tags for different materials constituting the storage device of the client are gathered, it is sensed that the object is carried out from the disposal facility. Raise an alarm. As a result, the client (personal computer) existing in the company, etc. can be managed without obtaining human cooperation and without placing a special burden on the person in charge. It is possible to confirm the carrying-in and to monitor the state in which the storage device such as the hard disk drive is taken out from the disposal facility without being disassembled, and to prevent unauthorized use.

  In this information management server program invention, the IC tag is arranged in a plurality of components of the client, and the information management server is an IC tag reader arranged in any location, and the plurality of components An alarm is issued when it is sensed that the IC tags have passed in a gathered state. As a result, the client (personal computer) existing in the company or the like can be managed without obtaining human cooperation and without placing a special burden on the person in charge, and the client that should have been disposed of It is possible to monitor the state of use at any location and reliably prevent unauthorized use.

Embodiments of the present invention will be described below with reference to the drawings.
In the following embodiment, a case where information is stored in a client to be managed will be described as a specific example. For this reason, a personal information management system will be described as an information management system, a personal information management server as an information management server, and a personal information management program as an information management program.

  In the following specific examples, personal information is taken as an example of management, but various other information, for example, corporate (organization) information, building and other construction information, various facilities / deployment information, security information, etc. It is possible to manage plant information in nature parks, animal information in zoos, and other various information to be protected.

[1] Configuration of personal information management system of this embodiment:
FIG. 1 is a block diagram showing a functional configuration of a personal information management system as a first embodiment of the present invention.

  In the personal information management system shown in FIG. 1, a plurality of clients (information processing device with a personal information management function; a terminal device such as a personal computer) 10, these clients 10 and a network [for example, a LAN (Local Area Network)] 30. And a personal information management server 20 that manages personal information files in these clients 10 and is connected to each other via a personal computer.

  Further, an IC tag writer 40 that is connected to the network 30 and writes to the IC tag is provided in the vicinity of the client 10. Further, an IC tag reader 50 connected to the network 30 and an alarm device 60 connected to the network 30 are provided at the gate 100 provided at the entrance / exit of the installation space 2 where the client 10 is installed. The alarm device 60 may be built in the IC tag reader 50.

  Further, in the present embodiment, the installation space 2 of the client 10 is a place determined that the client 10 having the personal information file should exist, and is a specific room, a specific floor, a specific building, a specific It means one of the premises in a facility such as a factory or laboratory.

  Further, in the personal information management system shown in FIG. 1, each of a plurality of clients is configured with an IC tag for identifying the individual, and the client has been designated for disposal. When recorded on the IC tag, the disposal facility 200 performs a predetermined disposal. Further, an IC tag reader 250 connected to the network 32 and an alarm device 260 also connected to the network 32 are arranged near the gate 201 of the disposal facility 200. Here, in the disposal facility 200, the client 10 is disassembled and disassembled for recycling purposes according to materials such as metal and plastic. The network 32 is a kind of various networks and is connected to the network 30.

  In the present embodiment, the personal information file (personal information file) holds a predetermined number or more of records including personal information. As described above, the personal information includes a specific individual by a single unit or a combination. Information that can be identified includes, for example, name, date of birth, contact information (address, address, telephone number, e-mail address). In addition to these, personal information includes titles, basic resident register numbers, account numbers, credit card numbers, license numbers, passport numbers, and the like.

[1-1] Configuration of the client of this embodiment:
FIG. 2 is a block diagram showing the functional configuration of each client 10 of this embodiment. The client 10 shown in FIG. 2 includes a CPU (arithmetic processing unit) 10a that executes various processes and a data aggregate (such as personal information) ( A storage unit 10b capable of holding a file), a quarantine table 10c provided from the personal information management server 20, and a P mark (privacy level mark) of a data aggregate (data file) held in the storage unit 10b; A P mark table 10d that holds a level indicating the high possibility of being a personal information file and is determined by a determination value to be described later, and an IC tag 10e (10e−) for managing each client 10 a, 10e-b, 10e-c,), location information acquisition means 1 for acquiring location information of each client via GPS or a network It is configured by including a f, and.

Here, the storage unit 10 b is a storage device that uses a recording medium such as a hard disk or a large-capacity nonvolatile memory built in the client 10.
Further, the quarantine table 10c and the P mark table 10d are held in a RAM (Random Access Memory), a hard disk or the like constituting the client 10.

  The CPU 10a functions as a personal information search means 11, a CPU usage rate monitoring means 12, an input / output monitoring means 13, an activation control means 14, an access monitoring means 15 and a transmission / reception means 16, and these functions are performed by the CPU 10a. As will be described later, this is realized by executing a personal information search program installed from the personal information management server 20.

  The personal information search means 11 operates as described later with reference to FIG. 6 by executing a personal information search program installed from the personal information management server 20, and a data file (stored in the storage unit 10b ( It functions as a text extraction engine that converts a target file) into a text file, and also functions as a search engine that specifies and searches a personal information file from data in the storage unit 10b using the quarantine table 10c. That is, the personal information search means 11 searches various files (data aggregates) existing in the storage unit 10b of the client 10 according to the condition (quarantine table 10c) instructed from the personal information management server 20, and the target file ( A file determined to be a personal information file) is written to a log (local cache database). The P mark determined based on the search result (determination value) obtained by the personal information search means 11 is registered in the P mark table 10d. Details of the function of the personal information search means 11 will be described later.

  The CPU usage rate monitoring unit 12 monitors the usage rate of the CPU 10a that executes various processes in the client 10, and the input / output monitoring unit 13 is a data input / output operation (I / O operation) in the storage unit 10b. Is to monitor.

  The activation control unit 14 operates as described later with reference to FIGS. 7 and 8 by executing a personal information search program installed from the personal information management server 20, and is monitored by the CPU usage rate monitoring unit 12. The personal information search means 11 is activated when the usage rate of the CPU 10a is less than or equal to a predetermined threshold, while the operation of the personal information search means 11 is stopped when the usage rate exceeds the predetermined threshold. The personal information retrieval unit 11 is activated when the monitoring unit 13 detects the occurrence of an input / output operation. In other words, the activation control unit 14 basically activates the personal information search unit 11 with the lowest threshold and puts the personal information search unit 11 in an idle state (search hold) with the highest usage rate. 11 is operated like a screen saver.

  The access monitoring unit 15 monitors the data file (data file to which the P mark is assigned) determined to be a personal information file by the personal information search unit 11 and accesses (eg, rename, copy, delete) the data file. , Data change due to movement, etc.) is written as log information and transmitted to the personal information management server 20 by the transmission / reception means 16.

  The transmission / reception means 16 transmits / receives various information to / from the personal information management server 20 via the network 30. The result of self-search by the personal information search means 11 and the acquired position information are sent to the personal information management server 20. It functions as a transmission means for transmitting. When the transmission / reception unit 16 functions as the transmission unit, a difference between the search result (link destination information of the personal information file, determination value, etc.) and the search result transmitted last time is obtained, and the difference is sent to the personal information management server 20. In addition to sending, the information to be sent is encrypted.

  The IC tag 10e-a is affixed to the main circuit board on which the CPU 10a and the like are mounted. The IC tag 10e-b is affixed inside the storage unit 10b such as a hard disk drive. The IC tag 10e-c is affixed to the body (housing) of the client 10.

[1-2] Configuration of personal information management server of this embodiment:
FIG. 3 is a block diagram showing a functional configuration of the personal information management server 20 of the present embodiment. The personal information management server 20 shown in FIG. 3 includes a CPU 20a that executes various processes, log information from each client 10, and personal information. A database (RDB: Relational DataBase) 20b that stores and saves information files and the like, and a display unit 20c that displays various information including log information and personal information stored in the database 20b are configured.

  The CPU 20a functions as client information collection means 21, installation means 22, collection means 23, management console 24, personal information management means 25, display control means 26, and transmission / reception means 27. These functions are provided by the CPU 20a. This is realized by executing a personal information management server program.

  The client information collecting means 21 collects client information (host information) from a plurality of clients 10 connected to be communicable via the network 30 when searching and managing personal information. The client 10 to be managed is recognized.

The installation unit 22 installs a personal information search program that causes each client 10 to perform a self-search of personal information via the network 30.
The collection unit 23 receives and collects the results of self-searches (link destination information and determination values of personal information files) executed by each client 10 via the network 30 and the transmission / reception unit 27, and stores them in the database 20b. Is.

  The management console 24 sets and manages search conditions (such as the quarantine table 10c, a predetermined threshold necessary for determining a personal information file and a P mark) to be instructed to each client 10. The quarantine table 10c is for designating a characteristic character or characteristic character string that is a character or character string that appears characteristically in personal information, and details thereof will be described later with reference to FIG.

  In addition, the management console 24 controls to issue an alarm via the alarm device 60 when each client 10 determined to have a personal information file attempts to go out of the installation space 2 through the IC tag reader 50. When the client 10 who has obtained permission to take out passes the IC tag reader 50 and goes out of the installation space, control is performed to collect position information from the client 10 and track and manage it.

  The personal information management means 25 manages personal information files in each client 10 based on the search results collected by the collection means 23 and stored in the database 20b. The personal information search means 11 of each client 10 uses the personal information search means 11 to manage personal information files. A data file (a data file to which a P mark is assigned) determined to be a file is a management target. As will be described later, the personal information management unit 25 notifies the user (holder) of the data file of the caution information / warning information according to the determination value (or P mark) of each data file. The data file is forcibly captured and collected from the client 10 storing the data file. Further, the personal information management means 25 has a function of searching the personal information file stored in each client 10 or the database 20b with various accuracy, and a function of causing the display control means 26 to display the search result on the display unit 20c. Have.

Further, the personal information management means 25 has functions for the designation of disposal and management of clients designated for disposal as part of personal information management.
The display control means 26 controls the display state of the display unit 20c so that various types of information are displayed on the display unit 20c. The transmission / reception means 27 transmits / receives various information to / from each client 10 via the network 30.

[2] Operation of the personal information management system of this embodiment:
[2-1] Basic operation:
Next, the operation of the personal information management system 1 (client & server) of the present embodiment configured as described above will be described with reference to FIG.

  First, a personal information file search method by the personal information search means 11 (personal information search program) of this embodiment will be described with reference to FIGS. 4 is a diagram showing an example of the quarantine table 10c of this embodiment, FIG. 5 is a diagram showing a specific example of the title header, and FIG. 6 is an operation of the personal information search means 11 in each client 10 of this embodiment. It is a flowchart for demonstrating.

In the personal information search means 11 of this embodiment, the appearance frequency of an address, a telephone number, an e-mail address, and a name is quantified and the personal information file is specified as follows.
More specifically, in the counting step executed by the personal information search means 11, first, a character or character string included in the data file and a characteristic character preset as a character / character string characteristically appearing in the personal information / Feature character string is collated and the number of times the characteristic character / feature character string appears in the data file is counted. However, in the present embodiment, when collation / recognition using character strings is performed, the load on the CPU 10a becomes extremely large. Therefore, collation / recognition for each character is performed. Therefore, one character character is set in the quarantine table 10c, as will be described later with reference to FIG. In addition, when the arithmetic processing capability of the CPU 10a is sufficiently high, collation / recognition by a character string may be performed.

  Then, characters extracted from the target file (text file) are collated one by one with the characteristic characters in the quarantine table 10c, and if they match, it is determined that the characteristic characters have appeared, The count value of the characteristic character is incremented by “1”. After counting the number of appearances of characteristic characters in all characters included in the target file in this way, the personal information file is identified based on the count result (determination of whether the target file is a personal information file) ).

Here, the characteristic characters preset in the quarantine table 10c will be specifically described.
In general personal information, an address is usually required. Therefore, as shown in FIG. 4, characters that characteristically appear at addresses in Japan are set and registered in the quarantine table 10c as characteristic characters. For example, the address information may include “city”, “road”, “fu”, “prefecture”, “city”, “ward”, “town”, “village”, “county”, etc. In the case of “Tokyo”, the characters “East” and “Kyo” appear in ordinary documents, but in the case of address information, they will appear in combination with “City”. It becomes possible to regard the number of appearances as the number of addresses. Similarly, “prefecture”, “prefecture”, and “road” are considered as address information, and “@” can be used as e-mail address information.

In the quarantine table 10c shown in FIG. 4, the following characteristic characters and points are set.
(1) Address information (characters) as “East”, “Kyo”, “Miyako”, “Large”, “Osaka”,
“Fu”, “North”, “Sea”, “Road” are set, and the total of the count values of these characteristic characters is counted and calculated as address point 1.

(2) As presumed address information (characteristics), prefecture names other than address point 1, that is, “mountain”, “form”, “god”, “na”, “river”, “saki”, “tama”, ..., "Fuku", "Oka", "Prefecture", etc. are set, and the total of the count values of these characteristic characters is counted and calculated as address point 2.

(3) “City”, “District”, “Town”, “Village” and “County” are set as address disregard information (characteristic characters), and the total of the count values of these characteristic characters is calculated as address point 3 Is done.
(4) “@” is set as the mail address deemed information (characteristic character), and the count value of “@” is used as the mail address point.

(5) “N” (numeric string with a predetermined number of digits consisting of numerals and hyphens) is set as the telephone number deemed information (characteristic character string), and the counted value is used as the telephone number point. More specifically, the phone number is a specific number string corresponding to the mobile phone area code or area code, such as “090-XXXX-XXXX”, “03-XXXX-XXXX”, “048-XXX-XXXX”. It consists of “090”, “03”, “048” followed by an 8-digit or 7-digit numeric string. When such a numeric string appears, the telephone number point is incremented by “1”. . At this time, the count-up is performed regardless of the presence or absence of a hyphen in the numeric string.

(6) As name disregard information (characters), for example, the 50 best surnames in Japan
The characters “sa”, “wisteria”, “field”, “middle”, “high”, “bridge”,..., “Mountain”, “field” are set, and the sum of the count values of these characteristic characters Is calculated as a name point.

(7) As the quarantine total points, the total value of each point of the items (1) to (6) described above is counted and calculated.
Here, in FIG. 4, a count value indicating the number of appearances of each characteristic character or each point (total value of the number of appearances) is written in “”, and can be counted up to, for example, about 10 million. It has become.

  Moreover, when calculating the appearance rate of each prefecture name based on the counting result (number of appearances) obtained using the quarantine table 10c as described above, handling in the case where duplicate characters exist will be described. For example, if “Tokyo” and “Kyoto Prefecture” are mixed in a text file, “Metropolitan” is duplicated. Therefore, the “Metropolitan” count is the same as the “Tokyo” count. It will be mixed. Since “Fu” in “Kyoto” overlaps with “Fu” in “Osaka”, first calculate the appearance rate of “Osaka” and subtract that appearance rate from the appearance rate of “Fu”. It is possible to predict the appearance rate of “fu”. The appearance rate of “Tokyo” can be obtained by subtracting the appearance rate of “Kyoto Prefecture” predicted in this manner from the appearance rate of “Miyako”. If the prefecture name and city name overlap (for example, Osaka City, Osaka Prefecture), the appearance rate of “Osaka” will double, but based on the Japanese address book published by the Ministry of Posts and Telecommunications. It is possible to estimate the actual appearance rate by calculating the duplication rate for each prefecture name and adjusting the appearance rate based on the calculated duplication rate.

  Furthermore, the handling when there is no state display will be described. In the data file, when the title header as shown in FIG. 5 is used for the prefecture name, or in the address display using the decree-designated city or the postal code, “city”, “road”, “prefecture”, “ The appearance rate of “prefecture” will be extremely reduced. Instead, since the name appearance rate such as the prefecture name becomes high, it is possible to specify that the data file is a personal information file including address information from the name appearance rate.

In the quarantine table 10c described above, characters / character strings that appear characteristically in addresses, e-mail addresses, telephone numbers, and names are set as feature characters / character strings, but the present invention is not limited to these. Characters / character strings that appear characteristically in the date of birth, title, personal identification information (for example, Basic Resident Register Number, Account Number, Credit Card Number, License Number, Passport Number, etc.) It may be set as a character / characteristic character string.

Then, in the calculation step executed by the personal information search means 11, a determination value indicating the degree to which the target file is a personal information file is calculated based on the counting result obtained using the quarantine table 10c described above. As the judgment value,
(a) The value of the quarantine total point (see item (7) above) in the quarantine table 10c may be used as it is,
(b) A determination point that increases as the appearance rate of the characteristic character / characteristic character string increases may be calculated as the determination value.
(c) Based on the count result obtained for each characteristic character / characteristic character string, the characteristic character / characteristic character string appearance pattern in the target file is obtained, and the obtained appearance pattern and the characteristic character / characteristic character string appearance pattern are obtained. A degree of coincidence indicating a degree of coincidence with a preset feature appearance pattern may be calculated as the determination value,
(d) Two or more of these three kinds of determination values may be combined, and a value calculated by substituting two or more determination values into a predetermined function may be used as the determination value.

  At this time, when there are characteristic characters / characteristic character strings related to plural types of information (for example, four types of address, e-mail address, telephone number, and name) in the target file, the target file relates to one type of information. The count result is weighted so that the determination value is larger than when a characteristic character / characteristic character string exists. In other words, when a data file includes a plurality of types of information that can identify an individual, the possibility that the data file is a personal information file includes only one type of information that can identify an individual. Therefore, weighting is performed so that the determination value (importance) for the data file becomes large. Further, weighting may be performed so that the determination value increases as the number of types of information increases. This makes it possible to specify the personal information file more reliably.

  When the determination value as described above is calculated, it is determined in the determination step executed by the personal information search means 11 based on the determination value whether the target file is a personal information file. For example, if the determination value exceeds a predetermined threshold, it is determined that the target file is a personal information file. When making such a determination, in this embodiment, a P mark (private level mark) corresponding to the size of the determination value is added to the target file, set and registered in the P mark table 10d, and ranked. Is doing. As described above, the P mark is a level indicating the high possibility that the target file is a personal information file. The larger the determination value, the higher the P mark is set.

  For example, when the determination value is 10 or more, it is determined that the target file is a personal information file. When the determination value is 10 or more and less than 100, “P1” is assigned as the P mark, and when the determination value is 100 or more and less than 1000, “P2” is assigned as the P mark. When it is 1000 or more and less than 10,000, “P3” is assigned as the P mark, and when the determination value is 10000 or more, “P4” is assigned as the P mark. The predetermined threshold for determining the personal information file and the reference value for determining the P mark are appropriately set by the management console 24 of the personal information management server 20. In addition, although the P mark is ranked into four “P1” to “P4” here, the number of ranks is not limited to this.

As described above, the P mark (P mark table 10 d) assigned to the target file is transmitted to the personal information management server 20 via the transmission / reception unit 16 and the network 30, and is stored in the database 20 b by the collection unit 23. The data file to which the P mark is assigned is managed as a personal information file by the personal information management server 20 (personal information management means 25) as follows according to the rank of the P mark.

  For example, when the rank of the P mark is “P1”, the recommendation based on the warning information is not performed, but the fact that the data file of “P1” exists is recorded as a log. When the rank of the P mark is “P2”, notice information in a pop-up display is notified to alert the user of the data file. When the rank of the P mark is “P3”, the system administrator is notified by e-mail as warning information that there is a user storing the data file, and the return of the data file is instructed. To do. When the rank of the P mark is “P4”, the data file is forcibly captured and collected from the client 10. Even if the rank of the P mark is not “P4”, if the data file of “P3” is left for a predetermined number of days, the data file is forcibly captured and collected from the client 10.

  A series of procedures for personal information search (personal information file specification) executed by the personal information search means 11 will be described with reference to the flowchart (steps S11 to S18) shown in FIG.

  When constructing the personal information management system 1 of the present embodiment, first, a personal information management program is installed in a computer that should function as the personal information management server 20, and the computer executes the personal information management program. Thus, the personal information management server 20 functions (client information collection means 21, installation means 22, collection means 23, management console 24, personal information management means 25, display control means 26, and transmission / reception means 27). When the search / management of personal information is started, client information is collected from a plurality of clients 10 connected to be communicable via the network 30 by the client information collection unit 21, and personal information search / management targets are collected. The personal information search program is installed via the network 30 by the installation means 22 on the client 10 that is recognized as a personal information search / management target. When this personal information search program is executed by the CPU 10a of the client 10, the CPU 10a causes the personal information search means 11, CPU usage rate monitoring means 12, input / output monitoring means 13, activation control means 14, access monitoring means 15 and transmission / reception means 16 to be transmitted. Serves as a function. When installing the personal information search program, the quarantine table 10c is also transmitted. The personal information search program is included in advance in the personal information management program.

  In the client 10, when the personal information retrieval unit 11 is activated at a timing described later with reference to FIGS. 7 and 8, the P mark table 10d and the storage unit 10b are referred to, and the P mark is not set in the storage unit 10b. The presence or absence of the data file is determined (step S11). When there is a data file with no P mark set (YES route in step S11), one data file with no P mark set is selected and read from the storage unit 10b as a target file (step S12). Is converted into a text file by the text extraction engine (step S13).

  Then, the characters extracted from the text file are collated one by one with the characteristic characters in the quarantine table 10c, and if they match, it is determined that the characteristic characters have appeared, and the characteristic characters are counted. The value is incremented by “1” (step S14; counting step). In this way, after counting the number of appearances of characteristic characters in all characters included in the target file, based on the count result, a determination value indicating the degree to which the target file is a personal information file (for example, the above item ( a) to (d)) is calculated (step S15; calculation step).

  Based on the determination value calculated in step S15, as described above, it is determined whether or not the target file is a personal information file and ranks the P mark (step S16; determination step). The personal information file determination result and the P mark ranking result are registered in the P mark table 10d, and also transmitted to the personal information management server 20 via the transmission / reception means 16 and the network 30 (step S17). In the personal information management server 20, the data is stored in the database 20 b by the collection unit 23.

  Thereafter, it is determined again whether or not there is a data file in which the P mark is not set in the storage unit 10b (step S18). Returning, the same processing as described above is executed. On the other hand, if there is no data file with no P mark set (NO route in step S18), the personal information search operation is terminated.

  Next, the activation timing of the personal information search means 11 (personal information search program) will be described with reference to FIGS. Here, FIG. 7 and FIG. 8 are flowcharts for explaining the operation of the activation control unit 14 in each client 10 of the present embodiment.

  The activation control means 14 of the present embodiment includes activation control based on the CPU usage rate according to the flowchart (steps S21 to S27) shown in FIG. 7, and input / output operation (I / O operation) according to the flowchart (steps S31 to S33) shown in FIG. ) Start control.

  In the activation control based on the CPU usage rate, the CPU usage rate monitoring unit 12 monitors the usage rate of the CPU 10a (step S21), determines whether or not the usage rate is equal to or less than a predetermined threshold (step S22), and the usage rate is If it is equal to or less than the predetermined threshold value (YES route in step S22), the personal information search means 11 is activated (step S23). After the activation, it is determined whether or not the search is finished (step S24). If not finished (NO route of step S24), the process returns to step S21. If it is determined in step S24 that the search is completed (YES route), after the search result is notified (step S25), the process returns to step S21.

  If it is determined in step S22 that the usage rate is greater than the predetermined threshold (NO route), it is determined whether or not the personal information search means 11 is activated (step S26), and if not activated (NO in step S26). On the other hand, if it is activated (YES route in step S26), the search operation by the personal information search means 11 is interrupted (step S27), and then the process returns to step S21. In this way, the personal information search means 11 can be operated like a screen saver.

  In the start control by the input / output operation, the input / output monitoring means 13 monitors the data input / output operation (I / O operation) in the storage unit 10b (step S31), and detects the occurrence of the input / output operation (step S31). YES route), the personal information search means 11 is immediately activated (step S32), and after the search result is notified (step S33), the process returns to step S31.

It should be noted that the activation control based on the two types of timings described above may be adopted and executed simultaneously in parallel, or only one of them may be adopted and executed.
In each client 10, the access monitoring means 15 monitors the data file to which the P mark is given (the data file determined to be a personal information file by the personal information searching means 11), and accesses the data file. When (for example, data change by renaming, copying, erasing, moving, etc.) occurs, the fact is written as log information, and the personal information management server 20 is transmitted via the transmission / reception means 16 and the network 30.
And is stored in the database 20b by the collecting means 23 in the personal information management server 20.

[2-2] Processing at client disposal:
Next, with reference to FIG. 9, a description will be given of the disposal confirmation and unauthorized diversion monitoring for the client 10 that has been designated for disposal by the personal information management server 20. FIG.

  Here, FIG. 9 is a flowchart regarding the disposal management of the client 10 in the personal information management server 20. In this embodiment, the management console 24 of the personal information management server 20 controls the disposal management of each client 10 shown in the flowchart of FIG. Here, the disposal management means confirmation of loading of the client 10 into the disposal facility, detection of unauthorized removal from the disposal facility, management of tracking of the location of the client that has been illegally carried out, and the like.

First, it is assumed that any client 10 is determined to be disposed of (step S41).
Here, based on the instruction from the personal information management server 20, the IC tag 10e-a, the IC tag 10e-b, and the IC tag 10e-c are A unique ID for identifying each client 10 and a flag indicating that it has been designated for disposal are written by the IC tag writer 40 using a signal of a predetermined radio frequency (for example, 13.56 MHz).

  For the above unique ID, a device serial number or the like that has been assigned in advance may be used as it is, and only the disposal designation flag may be written via the IC tag writer 40.

That is, here, the flag corresponding to the designation of disposal is changed from “0” to “1” (step S42).
Note that if there is only one IC tag 10e attached to the client 10, the plurality of IC tags 10e is attached to the single IC tag 10e if there are a plurality of IC tags 10e attached to the client 10. The above writing is performed. When a plurality of IC tags 10e are attached, it is desirable that part information ●● indicating whether each IC tag 10e is in the body, main board, or HDD is attached.

  Further, regarding the normal client 10 that is not disposed of, the IC tag writer 40 determines whether or not the personal information file is allowed to be taken out and whether or not the personal information file exists, by an IC tag writer 40 based on a predetermined radio frequency signal. To 10e-c). For example, when the initial value “0” indicating prohibition of taking out the personal information file is obtained, the corresponding flag is changed from “0” to “1”.

  The personal information management server 20 then reads the reading result of the IC tag reader 50 so that each client 10 that is not designated for disposal remains in the installation space 2 or each client 10 receives the personal information management server 20. The global IP address when accessing is monitored.

  That is, the personal information management server 20 monitors the reading result of the IC tag reader 50 as to whether any of the clients 10 passes through the gate 100 (step S43 in FIG. 9).

If no client 10 passes through the gate 100 (N in step S43)
O), the IC tag reader 50 and the personal information management server 20 continue to monitor.
If there is a client 10 that has passed or is about to pass through the gate 100 as a result of reading by the IC tag reader 50 (YES in step S43 in FIG. 9), the client 10 that has passed through the gate 100 receives a designation of disposal. Whether the value is “1” or not is read by reading the disposal designation flag recorded in the IC tag 10e (10e-a to 10e-c) (step S44). Alternatively, the personal information management server 20 that has received the notification of gate passage from the IC tag reader 50 via the network 30 may check the database 20b with reference to the unique ID.

  As to whether a personal information file exists, a flag related to the presence of the personal information file recorded in the IC tag 10e (10e-a to 10e-c) is read to check whether the value is “1” (step S44). ). Alternatively, the personal information management server 20 that has received a notification of gate passage from the IC tag reader 50 via the network 30 may perform confirmation using the database 20b.

  If any client 10 has passed through the gate 100 (YES in step S43), and the client 10 that has passed through the gate 100 is not designated for disposal (NO in step S44), the personal information management server 20 checks whether or not the take-out permission exists for the client 10 that has passed through the gate 100 (step S45).

  If there is a take-out permission for the client 10 that has passed through the gate 100 (YES in step S45), there is no problem and the process ends. If no take-out permission exists for the client 10 that has passed through the gate 100 (NO in step S45), it is a take-out permission violation, and the personal information management server 20 instructs the alarm device 60 to issue an alarm ( Step S46).

  If any client 10 passes through the gate 100 (YES in step S43), the personal information management server 20 refers to the reading result by the IC tag reader 50, and the client 10 that has passed through the gate 100 designates disposal. (YES in step S44), the personal information management server 20 determines whether or not the client 10 passes through the gate 210 of the disposal facility 200 and is carried into the disposal facility within a predetermined time. Monitoring is performed (steps S47 and S48).

  If the client 10 has not passed through the gate 210 of the disposal facility 200 and has not been carried into the disposal facility even after a predetermined time has elapsed (Y in step S48), the client 10 designated for disposal is illegally Since there is a possibility that the personal information has been diverted, the personal information management server 20 notifies each unit of an error (step S49). The manager or the person in charge who has received this error notification confirms with the disposal facility or the carrier and tracks the client 10.

  If the client 10 passes through the gate 210 of the disposal facility 200 and is carried into the disposal facility within a predetermined time (Y in step S47), the management server 20 starts the disposal of the client 10 Is registered in the database 20b (step S50).

  In addition, when there are a plurality of contractors and a plurality of facilities as the disposal facility 200, information for designating a specific contractor or a specific facility is specified in the IC tag 10e (IC tag 10e-a to IC tag 10e-c). It may be stored. As a result, it is also possible to start alarm alerting and tracking when brought into an undesignated contractor or an undesignated disposal facility.

In addition, before the decision on disposal is made, the IC tag 1
Information may be stored in 0e (IC tag 10e-a to IC tag 10e-c). In addition, when the client 10 is used as a lease, a situation in which the client 10 continues to be used illegally after the end of the lease period can be avoided by predetermining the contractor and the disposal facility in this way. In this case, information on the disposal company and the disposal facility is stored as non-rewritable read-only attribute information, and the disposal decision information is stored at the IC tag 10e (IC tag 10e-a˜) at the end of the lease period. What is necessary is just to write in IC tag 10e-c).

  In addition, even after the client 10 is carried into the disposal facility 200, the client 10 may be illegally carried out of the disposal facility 200 without being disassembled and recycled for each material. The reading status of the IC tag reader 250 is monitored for the carry-out status at the gate 210 (step S51).

  For example, not when the client 10 is disassembled and collected by material, but when the client 10 is illegally taken out of the disposal facility 200 without being disassembled, or the HDD of the client 10 named A is removed. Even if the HDD of the client 10 called B is connected and one new client 10 'is recreated, the personal information management server 20 does not change the IC tags 10e-a, 10e-b, 10e- When it is detected that the IC tags of a plurality of components are collected and collected from the disposal facility with reference to the unique ID and component information ●● of c, etc. (YES in step S51), the alarm device 260 An alarm is issued (step S52).

  Note that the alarm includes notification from the personal information management server 20 to the network administrator, display of a warning message in the personal information management server 20 and other terminal devices, generation of warning sound and warning light in the alarm device 60, personal Various alarms such as warning message output and notification to guards in the sound system connected to the information management server 20 are applicable.

  Here, by arranging a plurality of IC tags 10e for each different material that constitutes the storage device of the client 10, the IC tag 10e can be disassembled for each material and then recycled, or without being disassembled for each material. It is possible to distinguish whether to carry out illegally.

  In addition, when the storage unit 10b is a hard disk drive, the hard disk drive is disassembled for each material by attaching different IC tags 10e to the plastic part and the metal part inside the hard disk drive. It can be distinguished whether it is sent to recycling afterwards, or it is illegally carried out without disassembling each material.

  As a result, the client (personal computer) existing in the company or the like can be managed without obtaining human cooperation and without placing a special load on the person in charge, and to the disposal facility 200 at the time of disposal. Can be confirmed, and unauthorized removal from the disposal facility 200 can be monitored to reliably prevent unauthorized use.

  Further, the personal information management server 20 determines whether or not the IC tag 10e of a plurality of components passes by the IC tag reader disposed in any place other than the installation space 2 and the disposal facility 200 described above. Monitor. As a result, it is possible to monitor the state where the client that should have been disposed of is being used in any place while tracking it (step S52), and to reliably prevent unauthorized use. In this case, the personal information management server 20 notifies the manager or the person in charge of the location of the IC tag reader that has passed in a state where the IC tags 10e of a plurality of components are gathered.

[3] Effects of the personal information management system of this embodiment:
(3-1) In the above embodiment, each of the plurality of clients 10 is configured by being attached with an IC tag 10e (10e-a to 10e-c) for identifying each client 10. Is received in the IC tag 10e (10e-a to 10e-c), and the personal information management server 20 allows the client 10 receiving the disposal designation to receive the tag reader 250 of the disposal facility 200. It manages whether it passed the neighborhood. Thereby, the client 10 (personal computer) existing in the company or the like is placed in a manageable state without obtaining human cooperation and applying a special load to the person in charge, and the disposal facility 200 at the time of disposal. It is possible to confirm the carry-in to and prevent unauthorized diversion.

  (3-2) In the above embodiment, the IC tag 10e (10e-a to 10e-c) is arranged in a plurality of components of the client 10, and the personal information management server 20 is connected to the IC tag of the disposal facility 200. 10e (10e-a to 10e-c) The situation where an object with an IC tag 10e (10e-a to 10e-c) is carried out from the disposal facility 200 via a reader is managed, and a plurality of components When it is detected that the IC tags 10e (10e-a to 10e-c) are unloaded from the disposal facility 200, an alarm is issued. Thereby, the client 10 (personal computer) existing in the company or the like is placed in a manageable state without obtaining human cooperation and applying a special load to the person in charge, and the disposal facility 200 at the time of disposal. It is possible to confirm the carry-in to the site, and to monitor unauthorized removal from the disposal site to reliably prevent unauthorized use.

  (3-3) In the above embodiment, a plurality of IC tags 10e (10e-a to 10e-c) are arranged for different materials constituting the storage device of the client 10, and the personal information management server 20 Manage the situation in which the object with the IC tag 10e (10e-a to 10e-c) is carried out of the disposal facility 200 via the IC tag 10e (10e-a to 10e-c) reader of the disposal facility 200 When a plurality of IC tags 10e (10e-a to 10e-c) for different materials constituting the storage device of the client 10 are detected to be carried out from the disposal facility 200, an alarm is issued. Thereby, the client 10 (personal computer) existing in the company or the like is placed in a manageable state without obtaining human cooperation and applying a special load to the person in charge, and the disposal facility 200 at the time of disposal. In addition, it is possible to check whether the storage device such as the hard disk drive is illegally taken out of the disposal site without being disassembled, and to reliably prevent unauthorized use.

  (3-4) In the above embodiment, the IC tag 10e (10e-a to 10e-c) is arranged in a plurality of components of the client 10, and the personal information management server 20 When the IC tag 10e (10e-a to 10e-c) reader arranged in the device senses that the IC tags 10e (10e-a to 10e-c) of a plurality of components have passed together, Raise an alarm. As a result, the client 10 (personal computer) existing in the company or the like is placed in a manageable state without obtaining human cooperation and applying a special load to the person in charge, and the client that should have been disposed of. It is possible to monitor the state where 10 is used in any place, and to prevent illegal misappropriation.

  (3-5) Further, according to the above embodiment, for each data file in the storage unit 10b of each client 10, the data file is a personal information file according to a determination value based on the number of appearances of characteristic characters and characteristic character strings. It is possible to automatically identify and search personal information files, so that there is no human cooperation and no special load on the person in charge, for example, within a company. It is possible to reliably search for personal information files (data files that are highly likely to be personal information files) existing in a distributed manner and put them in a state where they can be managed. Accordingly, it is possible to reliably respond to requests for disclosure and correction of personal information, and to reliably prevent inadvertent leakage and leakage of personal information and unauthorized use of personal information.

  At this time, the usage rate (usage load) of the CPU 10a is monitored in each client 10, and when the usage rate is equal to or lower than a predetermined threshold, the personal information search means (search engine) 11 is activated to apply a load to the CPU 10a. The personal information file can be identified without any problems.

  Then, when the client 10 having the personal information file is disposed of in this way, the client 10 (personal computer) existing in the company or the like is obtained without obtaining human cooperation and applying a special load to the person in charge. ) In a manageable state, it is possible to monitor the state where the client 10 that should have been disposed of is used in any place, and to prevent illegal misappropriation.

  (3-6) Also, by monitoring the data input / output operation (I / O operation) with respect to the storage unit 10b in each client 10, and starting the personal information search means (search engine) 11 when the input / output operation occurs When new data is input to the storage unit 10b in the client 10, or when data is output from the storage unit 10b in the client 10 (for example, only when data is output from the storage unit 10b to be attached to an email). If the data is output from the storage unit 10b to be written to an external recording medium such as a CD-R, CD-RW, DVD, magnetic disk, optical disk, magneto-optical disk), the data file included in the input / output data Can determine whether the file is a personal information file and monitor the movement of the personal information file It is possible to more reliably prevent the inadvertent outflow-leakage of personal information.

  Further, when the client 10 having the personal information file is disposed of in this way, the client 10 (personal computer) existing in the company or the like without obtaining human cooperation and applying a special load to the person in charge. ) In a manageable state, it is possible to monitor the state where the client 10 that should have been disposed of is used in any place, and to prevent illegal misappropriation.

  (3-7) Further, a data file determined to be a personal information file (a file given a P mark in this embodiment) is monitored, and access to the data file (for example, rename, copy, delete, move) Data change due to, etc.) is transmitted to the personal information management server 20 as log information, so that access (operation / change history) to a data file that is likely to be a personal information file is Tracking management (tracking) is performed by the information management server 20, and unauthorized use of personal information can be more reliably prevented.

  (3-8) Also, by managing each data file according to the P mark given to each data file, for example, the user of the data file according to the rank (size of the judgment value) of the P mark It is possible to notify caution information / warning information to the system administrator and forcibly capture and collect the data file from the client 10 (storage unit 10b), and inadvertent leakage or leakage of personal information. And unauthorized use of personal information can be prevented more reliably.

  In addition, when disposing of the client 10 having the personal information file with the P mark in this way, it exists in the company without obtaining human cooperation and placing a special load on the person in charge. The client 10 (personal computer) to be managed is placed in a manageable state, and the state where the client 10 that should have been disposed of is used in any place can be reliably prevented. Become.

(3-9) For the client 10 determined to have a personal information file,
If an item that does not have permission to take out is to be taken out, an alarm is issued, and if it has been taken out, the personal information is illegally collected by collecting and tracking location information from the client 10 Use can be prevented more reliably.

[4] Other variations:
The present invention is not limited to the above-described embodiment, and various modifications can be made without departing from the spirit of the present invention.

  Further, for example, in the above-described embodiment, the case of searching / managing personal information has been described. However, the present invention also applies to the case of searching / managing confidential information (information with confidentiality obligation) in a company or the like. It is applied in the same manner, and the same effects as those of the above-described embodiment can be obtained, and it is possible to reliably prevent inadvertent outflow / leakage of confidential information and unauthorized use of confidential information. In that case, a character or character string that appears characteristically in the confidential information is set as the characteristic character or characteristic character string (keyword), and a characteristic character or characteristic character string in the confidential information is set as the characteristic appearance pattern. An appearance pattern will be set.

  Further, while the search by the personal information search means 11 of each client 10 (search for all data files stored in the storage unit 10b) is not completed, access to the data file in the storage unit 10b of the client 10 (for example, Data change by renaming, copying, erasing, moving, etc .; more specifically, output to an external recording medium, mail attachment, etc.) may be prohibited. In this case, until the data file that is determined to be a personal information file is confirmed and the data file that is highly likely to be a personal information file is placed under the management of the personal information management server 20, the storage unit of the client 10 Since access to the data file in 10b is prohibited, it becomes possible to more reliably prevent the leakage and leakage of personal information.

  Furthermore, the functions as the above-described personal information search means 11, CPU usage rate monitoring means 12, input / output monitoring means 13, activation control means 14, access monitoring means 15 and transmission / reception means 16 in each client 10 (all or As described above, a part of the functions) is performed by a computer (including a CPU, an information processing apparatus, and various terminals) executing a predetermined application program (personal information search program) installed from the personal information management server 20. Realized.

  In addition, the functions of the client information collection means 21, installation means 22, collection means 23, management console 24, personal information management means 25, display control means 26, and transmission / reception means 27 in the personal information management server 20 (each of the means) All or some of the functions are realized by a computer (including a CPU, an information processing apparatus, and various terminals) executing a predetermined application program (a program for a personal information management server) as described above.

  The personal information management server program including the personal information search program is provided in a form recorded on a computer-readable recording medium such as a flexible disk, CD-ROM, CD-R, CD-RW, or DVD. In this case, the computer reads the personal information management server program from the recording medium, transfers it to the internal storage device or the external storage device, and uses it. Further, the program may be recorded in a storage device (recording medium) such as a magnetic disk, an optical disk, or a magneto-optical disk, and provided from the storage device to a computer via a communication line.

Here, the computer is a concept including hardware and an OS (operating system), and means hardware operating under the control of the OS. Further, when the OS is unnecessary and the hardware is operated by the application program alone, the hardware itself corresponds to the computer. The hardware includes at least a microprocessor such as a CPU and means for reading a computer program recorded on a recording medium. The personal information search program and the application program as the personal information management server program are stored in the computer as described above on the personal information search means 11, the CPU usage rate monitoring means 12, the input / output monitoring means 13, the activation control means 14, Program codes for realizing the functions as the access monitoring means 15, transmission / reception means 16, client information collection means 21, installation means 22, collection means 23, management console 24, personal information management means 25, display control means 26 and transmission / reception means 27. Contains. Also, some of the functions may be realized by the OS instead of the application program.

  Further, the recording medium in the present embodiment includes the above-mentioned flexible disk, CD-ROM, CD-R, CD-RW, DVD, magnetic disk, optical disk, magneto-optical disk, IC card, ROM cartridge, magnetic tape, Various computer-readable media such as punch cards, computer internal storage devices (memory such as RAM and ROM), external storage devices, and printed materials on which codes such as bar codes are printed can also be used.

[Appendix]:
Note that the following supplementary note is also included in one aspect of the embodiment of the present invention.
(Appendix 1)
A plurality of clients each having an IC tag attached thereto, a personal information management server connected to the plurality of clients via a network so as to be able to communicate with each other, and managing personal information files in the plurality of clients; Personal information comprising: an IC tag writer for writing to the IC tag based on an instruction from the server; and an IC tag reader configured to communicate with the personal information management server and disposed in the installation space of the client A management system,
The personal information management server installs a personal information search program for causing each client to execute self-search for personal information via the network, and performs self-search performed by each client via the network. Collecting means for receiving the results and storing them in a database,
Each of the plurality of clients executes a personal information search program installed from the personal information management server to identify and search a personal information file from data in the storage unit of each client. Means, a transmission means for transmitting a result of self-search by the personal information search means to the personal information management server via the network, and an IC tag for identifying individual clients,
The personal information search means is for causing each client to realize a personal information search function for specifying and searching for a personal information file from data in the storage unit of each client, and a data aggregate included in the data Each name, date of birth, address, residence, telephone number, e-mail address, title, personal identification as a character or character string that appears characteristically in the data or character string and personal information included in the data aggregate Collating with at least one of the information, counting the number of times the feature character or the feature character string appears in the data aggregate, and based on the counting result, the feature character or the feature A determination value that increases as the appearance rate of the character string increases is calculated, and if the determination value exceeds a predetermined threshold, the data aggregate is an individual Is intended to operate each client to determine that the broadcast file,
When it is determined that the data aggregate is a personal information file, the determination result is recorded on the IC tag by the IC tag writer,
It is recorded in the IC tag that the client has been designated for disposal, the IC tag reader is disposed in a disposal facility, and the information management server has the client designated for disposal disposed of by the disposal. Managing whether the facility has passed near the IC tag reader;
A personal information management system characterized by that.
(Appendix 2)
A plurality of clients each having an IC tag attached thereto, a personal information management server connected to the plurality of clients via a network so as to be able to communicate with each other, and managing personal information files in the plurality of clients; Personal information comprising: an IC tag writer for writing to the IC tag based on an instruction from the server; and an IC tag reader configured to communicate with the personal information management server and disposed in the installation space of the client A management system,
The personal information management server installs a personal information search program for causing each client to execute self-search for personal information via the network, and performs self-search performed by each client via the network. Collecting means for receiving the results and storing them in a database,
Each of the plurality of clients executes a personal information search program installed from the personal information management server to identify and search a personal information file from data in the storage unit of each client. Means, a transmission means for transmitting a result of self-search by the personal information search means to the personal information management server via the network, and an IC tag for identifying individual clients,
The personal information search means is for causing each client to realize a personal information search function for specifying and searching for a personal information file from data in the storage unit of each client, and a data aggregate included in the data Each name, date of birth, address, residence, telephone number, e-mail address, title, personal identification as a character or character string that appears characteristically in the data or character string and personal information included in the data aggregate The number of times that the characteristic character or the characteristic character string appears in the data aggregate is compared with information related to at least one of the information, and is obtained for each characteristic character or each characteristic character string. Based on the counting result, an appearance pattern of the characteristic character or the characteristic character string in the data aggregate is obtained, and A degree of coincidence indicating a degree of coincidence between the appearance pattern and a feature appearance pattern preset as an appearance pattern of the characteristic character or the characteristic character string is calculated as a determination value, and the degree of coincidence exceeds a predetermined threshold Each client is operated so as to determine that the data aggregate is a personal information file,
When it is determined that the data aggregate is a personal information file, the determination result is recorded on the IC tag by the IC tag writer,
It is recorded in the IC tag that the client has been designated for disposal, the IC tag reader is disposed in a disposal facility, and the information management server has the client designated for disposal disposed of by the disposal. Managing whether the facility has passed near the IC tag reader;
A personal information management system characterized by that.
(Appendix 3)
The personal information management server issues an alarm when the client determined to have a personal information file attempts to go out of the installation space through the IC tag reader.
The personal information management system according to Supplementary Note 1 or Supplementary Note 2, wherein
(Appendix 4)
The personal information management server is the client that has been determined to have a personal information file and that has been granted permission to take out the alarm, if the client tries to go out of the installation space through the IC tag reader. Does not emit,
The personal information management system according to any one of Supplementary Note 1 to Supplementary Note 3, wherein
(Appendix 5)
Each of the clients includes position information acquisition means for acquiring position information,
Transmitting the position information acquired by the position information acquisition means to the personal information management server via the transmission means;
The personal information management system according to any one of Supplementary Note 1 to Supplementary Note 4, wherein:
(Appendix 6)
Each of the plurality of clients
Usage rate monitoring means for monitoring the usage rate of the arithmetic processing unit that executes processing in each client;
The personal information search unit is activated when the usage rate monitored by the usage rate monitoring unit is equal to or less than a predetermined threshold value, and the personal information search unit operates when the usage rate exceeds the predetermined threshold value. And a start control means for stopping
The personal information management system according to any one of Supplementary Note 1 to Supplementary Note 5, wherein:
(Appendix 7)
Each of the plurality of clients
Input / output monitoring means for monitoring data input / output operations in the storage unit of each client;
A start control means for starting the personal information search means when the input / output monitoring means detects the occurrence of the input / output operation;
The personal information management system according to any one of Supplementary Note 1 to Supplementary Note 6, wherein:
(Appendix 8)
When the characteristic information or the characteristic character string related to a plurality of types of information is present in the data aggregate, the personal information search means may include the characteristic character or the characteristic character related to one type of information in the data aggregate. Each client is operated so as to weight the counting result so that the determination value is larger than the case where the characteristic character string exists.
The personal information management system according to any one of Supplementary Note 1 to Supplementary Note 7, wherein:
(Appendix 9)
The personal information management server further comprises personal information management means for managing personal information files in the plurality of clients based on the search results received by the collection means;
The personal information management system according to any one of Supplementary Note 1 to Supplementary Note 8, wherein:
(Appendix 10)
The personal information management means manages the data aggregate searched as a personal information file by the personal information search means,
Each of the plurality of clients monitors the data aggregate retrieved as a personal information file by the personal information retrieval means, and when access to the data aggregate occurs, the transmission means informs that fact. It further comprises access monitoring means for sending to the management server,
The personal information management system according to supplementary note 9, wherein
(Appendix 11)
The personal information managing means manages the data aggregate according to the determination value for each data aggregate included in the search result;
The personal information management system according to Supplementary Note 9 or Supplementary Note 10, wherein
(Appendix 12)
The personal information management means notifies warning information to a user of the data aggregate according to the determination value for each data aggregate included in the search result.
The personal information management system according to appendix 11, which is characterized by the above.
(Appendix 13)
The personal information managing means forcibly collects the data aggregate from the client storing the data aggregate according to the determination value for each data aggregate included in the search result;
14. A personal information management system according to appendix 11 or appendix 12.
(Appendix 14)
A plurality of clients each having an IC tag attached thereto, an IC tag writer for writing to the IC tag based on an instruction from the personal information management server, an IC tag reader arranged in the installation space of the client, and a network A personal information management server that is connected to be communicable with each other and manages personal information files in the plurality of clients,
Installation means for installing a personal information search program that causes each client to perform self-search of personal information via the network;
A collection means for receiving the result of the self-search performed by each client via the network and storing the result in a database;
The personal information search program causes each client to realize a personal information search function for specifying and searching a personal information file from data in the storage unit of each client, and a data aggregate included in the data Each name, date of birth, address, residence, telephone number, e-mail address, title, personal identification as a character or character string that appears characteristically in the data or character string and personal information included in the data aggregate Collating with at least one of the information, counting the number of times the feature character or the feature character string appears in the data aggregate, and based on the counting result, the feature character or the feature A determination value that increases as the appearance rate of the character string increases is calculated, and when the determination value exceeds a predetermined threshold, the data set There are those to be executed by the client to determine that the personal information file,
When it is determined that the data aggregate is a personal information file, an instruction to write the determination result to the IC tag is given to the IC tag writer,
The IC tag records that the client has been designated for disposal, the IC tag reader is located in a disposal facility, and the information management server is configured to allow the client that has received the designation for disposal to A personal information management server for managing whether or not the vicinity of the IC tag reader of a facility is passed.
(Appendix 15)
A program that causes a computer to function as a personal information management server that manages personal information files in a plurality of clients connected to each other via a network,
Each client includes a personal information search program for executing a self-search of personal information, and installation means for installing the personal information search program on each client via the network, and each network via the network Receiving the results of the self-search performed on the client and making the computer function as a collecting means for storing in the database,
The personal information search program installed in each client by the installation means causes each client to implement a personal information search function for specifying and searching for a personal information file from data in the storage unit of each client. And
For each data aggregate included in the data, characters, character strings included in the data aggregate, and characters or character strings that appear characteristically in personal information, such as name, date of birth, address, residence, telephone number, A counting step of collating with at least one of an e-mail address, title, and personal identification information, and counting the number of times the feature character or the feature character string appears in the data aggregate; and the counting step In the determination step, a determination value that increases as the appearance rate of the characteristic character or the characteristic character string increases is determined, and the data aggregate is a personal information file when the determination value exceeds a predetermined threshold value. Is executed by the client,
If it is determined that the data aggregate is a personal information file, an instruction is given to the IC tag writer to write the determination result to the IC tag writer.
The IC tag records that the client has been designated for disposal, the IC tag reader is located in a disposal facility, and the information management server is configured to allow the client that has received the designation for disposal to A personal information management server program for managing whether or not the vicinity of the IC tag reader of a facility is passed.

It is a block diagram which shows the function structure of the personal information management system as one Embodiment of this invention. It is a block diagram which shows the function structure of the client (information processing apparatus with a personal information management function) of this embodiment. It is a block diagram which shows the function structure of the personal information management server of this embodiment. It is a figure which shows the example of the quarantine table of this embodiment. It is a figure which shows the specific example of a title header. It is a flowchart for demonstrating operation | movement of the starting control means in each client of this embodiment. It is a flowchart for demonstrating operation | movement of the personal information search means in each client of this embodiment. It is a flowchart for demonstrating operation | movement of the starting control means in each client of this embodiment. It is a flowchart which shows operation | movement of the personal information management system as one Embodiment of this invention.

Explanation of symbols

1 personal information management system 10 client (information processing device with personal information management function)
10a CPU (arithmetic processing unit)
10b Storage unit 10c Quarantine table 10d P mark table 10e IC tag 11 Personal information search means (search engine, text extraction engine)
12 CPU usage rate monitoring means 13 Input / output monitoring means 14 Startup control means 15 Access monitoring means 16 Transmission / reception means (transmission means)
20 Personal information management server 20a CPU
20b database 20c display unit 21 client information collection unit 22 installation unit 23 collection unit 24 management console 25 personal information management unit 26 display control unit 27 transmission / reception unit 30 network (LAN)
40 IC tag writer 50 IC tag reader 60 Alarm device 100 Gate 200 Disposal facility

Claims (8)

A plurality of clients used in a predetermined installation space, an information management server connected to the plurality of clients to communicate with each other via a network, and managing the plurality of clients; and the information management server; An information management system comprising an IC tag reader configured to be communicable,
Each of the plurality of clients is configured with an IC tag for identifying the individual,
When the client receives a disposal designation, a disposal designation flag is recorded in the IC tag,
If the client has information to be protected, an information presence flag to be protected is recorded in the IC tag,
The IC tag reader is disposed in the installation space and the disposal facility,
The information management server
The client with the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded is carried out through the vicinity of the IC tag reader in the installation space, and the IC of the disposal facility Monitors passing through the vicinity of the tag reader,
An information management system characterized by that. The information management server
The client with the IC tag in which the information presence flag to be protected and the disposal designation flag is recorded is unloaded after passing through the vicinity of the IC tag reader in the installation space. An alarm is issued when the vicinity of the IC tag reader of the disposal facility is not passed within a certain time.
The information management system according to claim 1. The information management server
The client with the IC tag in which the information presence flag to be protected and the disposal designation flag is recorded is unloaded after passing through the vicinity of the IC tag reader in the installation space. Notifying a predetermined person in charge when the vicinity of the IC tag reader of the disposal facility is not passed within a certain time,
The information management system according to claim 1. IC tag readers are placed in any place other than the installation space and the disposal facility,
The information management server allows the client to which the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded passes through the vicinity of the IC tag reader disposed in any one of the locations. To monitor,
The information management system according to claim 1, wherein the information management system is an information management system. An IC tag reader, which is provided with an IC tag for identifying each individual, is used in a predetermined installation space, and is arranged in the installation space and the disposal facility and reads information recorded in the IC tag And an information management server for managing the plurality of clients connected to each other so that they can communicate with each other,
Write a disposal designation flag to the IC tag of the client that has been designated for disposal,
Write an information presence flag to be protected to the IC tag of the client having information to be protected,
The client with the IC tag in which the information presence flag to be protected and the disposal designation flag are recorded is carried out through the vicinity of the IC tag reader in the installation space, and the IC of the disposal facility Monitors passing through the vicinity of the tag reader,
An information management server characterized by that. The client with the IC tag in which the information presence flag to be protected and the disposal designation flag is recorded is unloaded after passing through the vicinity of the IC tag reader in the installation space. An alarm is issued when the vicinity of the IC tag reader of the disposal facility is not passed within a certain time.
The information management server according to claim 5, wherein: An IC tag reader, which is provided with an IC tag for identifying each individual, is used in a predetermined installation space, and is arranged in the installation space and the disposal facility and reads information recorded in the IC tag And an IC tag writer that writes a flag to the IC tag in the installation space, and an information management server connected to the IC tag writer so as to communicate with each other and manage the plurality of clients. A program for an information management server to function,
An instruction to write a disposal designation flag to the IC tag of the client that has been designated for disposal is given to the IC tag writer.
An instruction to write an information presence flag to be protected to the IC tag of the client having information to be protected is given to the IC tag writer.
The client with the IC tag recorded with the information presence flag to be protected and the disposal designation flag is carried out through the vicinity of the IC tag reader in the installation space, and the IC of the disposal facility Monitors passing through the vicinity of the tag reader,
An information management server program characterized by the above. The client with the IC tag in which the information presence flag to be protected and the disposal designation flag is recorded is unloaded after passing through the vicinity of the IC tag reader in the installation space. An instruction to generate an alarm is given to a means for issuing an alarm if the vicinity of the IC tag reader of the disposal facility is not passed within a certain time.
The information management server program according to claim 7, wherein:

Images