JP2011232883A - Information update system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a new information management program or system for transmitting and managing information for limiting an object to be disclosed by an information provider, for example, personal information such as a contact destination or private contact.SOLUTION: A storage medium of a center system is configured to store the personal information, transmission destination list and agreement destination list of a user himself or herself as user information and the personal information of others as an agreement destination personal information database for each user, and an information processor is configured to, when the personal information of the user stored by the storage medium is input or changed by the user, collate whether or not the user is registered in the agreement destination of the agreement destination list of each transmission destination registered in the transmission destination list of the user, and to write at least a part of the personal information of the user himself or herself which has been input or changed in the agreement destination personal information database of the transmission destination stored in the storage medium as long as the transmission destination is registered, and to automatically update the content of the agreement destination personal information database of the transmission destination.

Description

  The present invention relates to an information management program or system for mutually transmitting and managing information in an information processing apparatus connected to a network, and in particular, disclosed by an information provider in an information processing apparatus connected to a network. The present invention relates to an information management program or system for mutually transmitting and managing information restricting the other party, for example, personal information such as contact information. Specifically, the present invention includes an information management program or system for maintaining a personal information database of another person used as a contact list such as an address book, an address book, and a telephone book in the latest information.

  In general, contacts of acquaintances such as friends and business partners are recorded and managed in address books, address books, telephone books, etc. (hereinafter also referred to as “contact list”). In the past, each contact address was written in a paper-based address book or phone book. Recently, as personal computers and mobile phones have become popular, various software address books, address books, phone books are stored in these storage media. In many cases, each contact information is entered through electronic information and managed as electronic information. The contact information entry and entry process for these contact lists is manually entered, entered or updated in the contact list based on written or verbal information such as business cards, e-mail, postcards and faxes. Was.

  If you change your name, home address, phone number, etc. due to moving or marriage, or if your company name, company address, phone number, e-mail address, etc. change due to employment, change of job, transfer, etc. It is necessary to notify new information to the other party who has entered the address in the contact list. In this case, refer to your contact list and notify each contact of new information by e-mail, postcard, facsimile, telephone, etc., give a business card, etc. when you meet directly, or notify them verbally Was.

  However, it is cumbersome to individually notify a large number of contacts, and there is a possibility that an input error of information or a notification may be forgotten. If you use e-mail, you can send to multiple contacts at once, but the same information is not necessarily sent to all contacts. The selection and grasping work is difficult, and a great deal of time and labor are consumed. For example, if both a personal address and phone number and a company address and phone number are changed due to a transfer, only the company address and phone number will be notified according to the contact information. It was necessary to select whether to notify only the telephone number or both, and the delay or error of the notification was likely to occur. In addition, the contact information in the contact list of one's own user may not be updated to the latest information, and the contact information may be incorrect and cannot be notified.

  It is extremely cumbersome for the recipient of the information to manually enter or enter the notified information in the address book, etc., or to update the information entered or entered. Input mistakes and forgetting updates often occur. As the amount of input information increases, it takes time to search for old information related to the notified information. As described above, it is difficult in the prior art to keep the contents of the contact list in which the personal information of other people is recorded in the latest contents, and it is often impossible to make contact. These contact lists are frequently used for certain contacts, but for other contacts, they are New Year's cards, Christmas cards, greeting cards (promotion, transfer, change of job, employment, retirement, move, email address change, It is often used only a few times a year so that it can be used when sending mobile phone number changes, etc., and each time you have to check whether the address or title of the other party is correct, The total effort of each person was enormous.

  In addition, the contact list managed as electronic information includes multiple applications such as spreadsheet software, Internet browsing software, e-mail software, postcard address printing software, schedule management software, and other personal computer application software, mobile phone phone books, etc. Each software has an independent contact list, and it is very labor-intensive to keep the contents of each address book etc. consistent and up-to-date. These contact lists may be able to convert data to each other, but they still need to be converted and it is necessary to check which information is up to date. Was demanded.

  In Patent Document 1, as a method for changing and distributing personal information using a computer, a personal information provider changes related personal information, and a computer system connected via a computer network updates and stores the personal information. A method is disclosed in which, when a distribution destination set by the personal information provider requests an update, the computer system distributes only distribution permission items of the personal information to the transmission destination.

  Conventionally, as an information transmission method in an information processing apparatus connected to a network, e-mail, a bulletin board, and RSS (RDF Site Summary or Rich Site Summary) are known. An e-mail is a system in which a letter is sent electronically, and if the address of the other party is known, the sender can send information to a specific party. The information provider identifies the other party, The information receiver can be set for individual reception refusal, but is basically a system open to the whole. The bulletin board is a system in which an information provider discloses information to the whole, and an information receiver uses a search tool to browse specific information. RSS is a system that distributes information from an information provider to a registrant by registering with the information provider. The information provider publishes information throughout, and the information receiver identifies the information provider, This is a system that requests distribution.

JP 2001-243186 A

  Certainly, according to the method of Patent Document 1, when a distribution destination set by a personal information provider requests an update via a computer network, the information input by the personal information provider is distributed and can be automatically input. Therefore, the complexity of manual input is greatly eliminated.

  However, in the method of Patent Document 1, the distribution destination (information receiver) actively requests an update to pull out the personal information provided by the personal information provider, and for the first time the address book of the distribution destination is updated to the latest contents. It is a PULL type system that is updated (paragraph 0040 of Patent Document 1). The PULL type means that the distribution destination (information receiver) is the personal information storage part of all the personal information providers that are listed to check whether there is updated information before actually using the address book etc. This is a mechanism that requires confirmation and retrieval of information. For this reason, the update timing is determined by the update request operation timing of the distribution destination. Unless there is an update request operation from the distribution destination, the personal information recorded in the distribution destination is provided even if the network is always connected. Personal information is not updated. Since the distribution destination does not know when the personal information provider has input or updated the information, the update request operation may not be performed at a necessary timing, and the update request operation may be forgotten. For this reason, the method of Patent Document 1 is not yet sufficient as a system for maintaining the latest personal information.

  Even if the distribution destination (information recipient) does not wish to receive personal information of the personal information provider, personal information is provided when the personal information provider is set as the distribution destination, and the information is Since it is updated, there is a possibility that unnecessary personal information may be buried by unnecessary personal information, and there is a risk of generating a new problem similar to spam mail.

  Moreover, for distribution destinations set as distribution destinations by a large number of personal information providers, an update request signal is sent to each of a large number of personal information providers by an update request operation, and each of a plurality of personal information providers is notified. It is necessary to perform a number of processes such as determining whether or not the information has been updated in step S2 and receiving the updated information if the information has been updated. Each time an update request operation is performed, a long processing time is required due to a large number of processes, the processing capacity of the system is consumed, and a system failure may occur.

  In addition, since the update process starts after the update request operation by the distribution destination, the distribution destination cannot use the latest personal information until the update process is completed, and urgently needs personal information The latest personal information could not be obtained immediately.

  Based on the above-described conventional technology, the present invention enables information processing apparatuses connected to a network to exchange information that restricts the information disclosed by an information provider, such as personal information such as contact information and private contact. One of the purposes is to provide a new information management program or system for transmitting and managing the information. Another aspect of the present invention is an information management program or system for transmitting personal information such as contact information to each other and maintaining a personal information database of others that can be used as a contact list by each user. For other purposes. Furthermore, another aspect of the present invention is not only the management of personal information within the information management system, but also systematically incorporates other parties who have not yet joined the information management system into the information management system. An object of the present invention is to provide an information management program or system capable of expanding the users of the information management system.

  In order to solve at least one of the above objects, an information update system according to the present invention includes a center system and a client system connected via a network, and the center system includes an information processing apparatus and a storage medium connectable to the network. And the personal information of each person, the destination list and the acceptance destination list are stored as user information, and the personal information of the other person is stored as an acceptance destination personal information database for each user. An information update system for automatically updating the contents of the consent-destination personal information database by an information processing device, wherein a user uses his client system to update his / her own user information stored in the storage medium. Personal information can be entered or changed, and the user can Using the client system, at least a part of the personal information stored as user information in the transmission destination list of the user information stored in the storage medium is stored in the personal information database of another user's consent destination. It is possible to register or change the transmission destination that is permitted to transmit, and the user can use the client system to add another user's list to the consent destination list in the user information stored in the storage medium. It is possible to register or change a consent destination that is received when personal information is transmitted and is allowed to change the contents of the personal information database of the self-acceptance destination. When the personal information stored in is entered or changed by the user, the entered or changed user's personal information For each destination registered in the destination list in the user information, it is registered by checking whether or not the input or changed user is registered in the acceptance destination of the acceptance destination list in the user information of each destination. For the destination only, by writing at least a part of the personal information of the input or changed to the destination personal information database of the destination stored in the storage medium, the consent destination individual of the destination The content of the information database is automatically updated.

  Alternatively, in the information update system of the present invention, when the information processing apparatus registers a transmission destination in the transmission destination list in the user information by the user, the approval destination of the approval destination list in the user information of the registered transmission destination Whether or not the user who registered the destination is registered, and only if the user is registered, the destination is stored in the destination personal information database of the destination stored in the storage medium. By writing at least a part of the personal information in the user information of the registered user, the contents of the consent destination personal information database of the transmission destination are automatically updated.

  Alternatively, in the information update system of the present invention, when the information processing apparatus registers a consent destination in the consent destination list in the user information by the user, the transmission destination of the transmission destination list in the registered user information of the consent destination Whether or not the user who registered the acceptance destination is registered, and only when it is registered, in the consent destination personal information database of the user who registered the acceptance destination stored in the storage medium, The content of the personal information database of the user who has registered the consent destination is automatically updated by writing at least a part of the personal information of the user information of the consent destination.

  Furthermore, in the information update system, when the result of the collation is not registered, it is preferable that information indicating that the information is not registered is registered in a mismatch list of at least one of the users. In addition, a function that allows the user to register the user registered in the mismatch list as the transmission destination of the transmission destination list or the approval destination of the consent destination list in the user information by referring to the mismatch list of the user is realized. More preferably.

  Furthermore, in the information update system, after being registered in the mismatch list, it is registered as a transmission destination or a consent destination, thereby realizing a function of deleting registration of the mismatch list when registered with each other. preferable.

  Furthermore, in the information update system, if the result of the collation is registered, the relationship is registered in a match list, and the collation first refers to the match list or the mismatch list, When it is not registered in the mismatch list, it is preferable to collate with the other party's user information.

  In the information update system in the information management system realized by the information management program of the present invention, the input person registers the transmission destination in the transmission destination list, “permits disclosure of his / her personal information to the transmission destination. This means that the input person's intention is “Yes”, and that the input person registers the acceptance destination in the acceptance destination list. “Receiving the personal information from the acceptance destination, This means an intention of the input person to “permit to change”. And in this information management system, it is limited to the case where the intention of information disclosure of one user matches the intention of other users to change the information, but by the operation of the user who is the input person, It is a system that permits the change of the personal information database of the consent destination.

  Furthermore, in this information management system, it is preferable to store the result of collating the intention disclosure of information disclosure and the intention representation of information reception and rewriting as collation result information. In other words, if the information disclosure intention and the information reception and rewriting intention display match, the relationship is registered in the match list, and if they do not match, the relationship is registered in the mismatch list. . Disagreement is a situation in which the intention of the other is not expressed against the intention of the other. After that, if the other grants permission, it becomes a match and the information is disclosed and rewritten, and the other refuses. It becomes a state of refusal. Regarding the rejection status, there are several possible modes of its effect. For example, unless a canceling operation is performed by the rejecting user, information is not disclosed or rewritten between them, and a notification of inconsistency is given. You can also make it impossible. When a transmission destination is deleted from the transmission destination list or an approval destination is deleted from the approval destination list, the relationship with the transmission destination or the approval destination is in a rejected state, and information is not disclosed or rewritten.

  In general, it is dangerous for others to view, copy, or change information recorded in a personal recording area without permission, such as information leakage, diffusion, and alteration of contents. However, in this system, by registering in the transmission destination list and the consent destination list, information disclosure or information change intention display is made, information is disclosed on condition that the other party's corresponding intention display matches, and automatic He was allowed to change the information. In the information management system 1, one or more of the following effects can be obtained by inputting personal information, a transmission destination list, and a consent destination list as user information.

  First, each user can manage his / her personal information in a unified manner. In other words, if the personal information in this information management system is updated to the latest information, individual applications (for example, business card creation software and postcard creation software) and multiple information processing devices (home personal computer, mobile phone, company personal) When it is necessary to input personal information on a computer or the like, the latest personal information can be grasped by referring to or downloading the personal information registered in the information management system.

  Second, each user can collectively manage the transmission destinations by registering in the transmission destination list the transmission destinations permitted to disclose at least a part of his / her personal information. In addition, if it matches the recipient's intention to receive (registration to the consent recipient), update information can be provided to all the recipients (destination) who need to update their personal information. It is also possible to automatically rewrite the consent destination personal information database of each destination. Therefore, each user can manage the consent destination personal information database with the latest information for each transmission destination registered in the transmission destination list. In addition, by setting a transmission item for each transmission destination, items (transmission contents) of personal information transmitted for each transmission destination can be managed.

  Third, each user can collectively manage the consent destinations by registering in the acceptance destination list the consent destinations that are permitted to receive when the personal information of others is transmitted. In addition, if it agrees with the intention to disclose the personal information of the recipient (registration to the recipient), the personal information of the other person (authorization recipient) is automatically managed to the latest information as the recipient personal information database. be able to.

  In addition to storing the collation result information, the collation speed can be increased. In addition, it is possible to manage destinations that have been able to update personal information and destinations that could not be updated, and to receive personal information. It is possible to manage the acceptance destinations and the acceptance destinations that could not be received, and it is also possible to grasp whether the transmission destination and the acceptance destination are interested in themselves. Other effects will be clarified in the embodiments described below.

Schematic configuration diagram of the entire personal information management system according to the present invention Example of data structure associated with each user (A) is an example of an item of personal information of an input person, and (B) is an example of user transmission item setting. An example of a destination list An example of acceptance list An example of the destination list and acceptance list input screen displayed on the display means of the information processing apparatus of the client system Example of flowchart of personal information input change processing An example of a flowchart of the destination / sending item input change process An example of a flowchart of the consent destination input change process Example flowchart of user registration process An example of a flowchart of verification processing that includes unregistered users Example of data structure associated with each user and unregistered person Example of flowchart of unregistered person registration process An example of a flowchart of destination collation processing using collation result information Example of flowchart of information output (download) process (A) And (B) is an example of the output screen displayed on the display means of the information processing apparatus of a client system. An example of a flowchart of processing for deleting a destination An example of a flowchart of the process to delete a consent destination Configuration diagram of personal information management system according to the present invention Diagram explaining correspondence between data structure and each list The figure explaining the correspondence of the data of each list in personal information input change processing The figure explaining the correspondence of the data of each list in personal information input change processing

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. However, the present invention is not limited to the following examples. FIG. 1 is a schematic configuration diagram of an entire information management system 1 according to the present invention. First, the individual elements and basic information processing of the information management system 1 using the program of the present invention will be described, and then the information management system using the program of the present invention realizing more complicated functions. 1 will be described. In this specification, a user of the system is referred to as a “user”, a user who has entered personal information is referred to as an “input person”, and a person who has not yet used the system is referred to as an “unregistered person”. Unless otherwise specified, the user A describes the user A as the input user.

  The information management system 1 includes a client side system (hereinafter referred to as “client system”) 2 and a center side system (hereinafter referred to as “center system”) 3 connected by a network (electric communication line) 4. The network 4 is a transmission path capable of bidirectional communication between a plurality of information processing apparatuses, and examples thereof include the Internet, a WAN (Wide Area Network), and a LAN (Local Area Network).

  In FIG. 1, the client system 2 and the center system 3 are shown separately separated, but are merely distinguished as functions, and need not be configured separately. A part of the client system 2, for example, an information processing device or a storage device can be shared with the center system 3.

  The client system 2 is a system that enables input / output of personal information and the like between the center system 3 and the user. It is realized by using it. As the information processing device 21, for example, a computer, a home game machine, a television, a video recording device (DVD recorder, HDD recorder, etc.), a portable terminal (mobile phone, PDA (Personal Digital Assistant), portable game device, etc.) is used. can do.

  Input means are character / command input means such as keyboard, mouse, controller, touch pen, image input means such as scanner, camera, CD drive, DVD drive, USB memory, memory card reader, contact IC card reader, non-contact type One or a plurality of electronic information input means such as an IC card reader can be used. The input means may be input through a network line, a wireless LAN, or the like using an input means of another information processing apparatus.

  The output means is an image display device such as a display or a projector, a printing device such as a printer, an audio output means such as a speaker, one of electronic information output means such as a CD-RW drive, DVD-RW drive, USB, or e-mail software. Alternatively, a plurality can be used.

  The client software has at least (1) a function for the user to input or edit user information (including personal information, a transmission destination list, and a consent destination list) to the information processing apparatus 21 via the input means; (2) A function of transmitting input or edited user information to the center system 3, and (3) receiving at least a part of the consentee personal information database from the center system 3, and outputting at least a part of the received consentee personal information database The function to output to the user is realized. Furthermore, in addition to the above function or as part of the above function, the client software realizes a user registration / authentication function, a user information identification function, a consentee personal information input, editing or extraction function, a data conversion function, and the like. You can also.

  The client software may be used by installing a client program in the information processing apparatus 21, or by connecting to the center system 3 through a line, the function of the client program executed in the center system 3 can be processed. You may provide with the form of what is called an application service utilized in the apparatus 21. FIG. When provided in the form of an application service, the program is not duplicated in the information processing apparatus 21 of the client system 2, but since various functions can be realized by executing the program, the program is substantially provided. Can be regarded as being. In the case of the application service form, when a user connects to the center system 3 from a plurality of information processing devices or uses another person's information processing device, there is no need to install a program on each information processing device. Excellent in properties. On the other hand, when installing the program in the information processing apparatus 21, the program may be downloaded and installed online via a network, or may be installed from a storage medium such as a CD-ROM in which the program is stored. If client software is installed in the information processing apparatus 21, user information can be input, edited, etc. even when the network is offline. In this case, when connecting to the center system 3 through the line, the user information is updated so that it is the latest between the user information of the client system 2 input and edited in the offline state and the user information stored in the center system 3. Update it.

  The center system 3 is a system for accumulating, managing, etc. the information input by the client system 2, and using the information processing device 31 and the storage medium 32 having arithmetic processing means connectable to the network, the center software is installed. It is realized by using it. As the information processing device 31, for example, one or a plurality of computers, one or a plurality of servers can be used, and the information processing device 31 of the center system 3 and the information processing device 21 of the client system 2 are shared. You can also.

  The storage medium 32 stores at least user information and a consentee personal information database for each user. The storage medium 32 may be a hard disk built in the information processing apparatus 31 that is connected to the information processing apparatus 31 directly or through a network, or a data warehouse provided separately from the information processing apparatus 31. There may be. The storage medium 32 may be distributed and stored in the storage media of the plurality of information processing apparatuses 31. In addition, as a data structure in the storage medium 32, the user information of each user and the consentee personal information database should just be memorize | stored in association with each user. “Accumulating in association with each user” refers to a state in which user information and an approved personal information database for the specified user can be specified or output by inputting user specifying information. In other words, any data structure may be used as long as it is possible to extract the user information and the consentee personal information database of the user by specifying the user.

  FIG. 2 is an example of the data structure of the user information and the consentee personal information database stored in the storage medium 32 associated with each of the users A to D. User information includes user-specific information such as user-provided information provided by the client using the client software and passwords and user IDs (including those entered by the user himself / herself or automatically added by the system). More specifically, the personal information of the input person (self), the transmission destination list for registering the transmission destination permitting transmission of at least a part of the personal information of the input person, and the personal information of others are received. The user information includes a permission list for registering permitted permission destinations. The user information may include transmission items individually set for each transmission destination and transmission item setting information set in advance by the user in relation to the transmission destination list. Further, the user information may include collation result information (match list, mismatch list, or reject list) regarding the destination or acceptance destination of the destination list or acceptance destination list.

  As the user specifying information, one or a plurality of pieces of information specifying a user such as a user name, an e-mail address, and a user ID can be used. The user name may have the same name and the same name, and it cannot always be said that an individual can be identified absolutely. As for email addresses, there is only one same address, but there are cases where one person owns multiple addresses, and there are cases where multiple people share them, so that it is also possible to absolutely identify individuals. I can't say that.

  For this reason, it is preferable that a user name and an e-mail address are input as the user specifying information that the user inputs as a transmission destination or a consent destination or inputs at the time of registration. Entering the user's name is generally used as information for identifying the user, is the most basic information as personal information, and the user himself / herself remembers it. To preferred. Also, the mail address is preferable because the address itself is unique and unique, and it is possible to contact the user electronically. An individual can be specified more by combining these two pieces of information. It should be noted that it is also possible to employ a configuration with only a mail address that serves both as a user ID and a contact address.

  Since the user ID is unique to the user, it corresponds to the user on a one-to-one basis and can be used to identify and manage the user. The user ID can be set by the user or can be disclosed to the user and used by the user as user identification information. However, there is a security problem due to leakage of the user ID and a problem of complexity when inputting the ID. Also, there are problems such as forgetting ID and leaving the system due to wrong ID. For this reason, it is preferable that the center system 3 automatically sets the user ID corresponding to the user at the time of user registration. Furthermore, the user ID set by the system is not disclosed to the user and the user in the system is set. A configuration used for identification is preferable. In addition, the user ID is disclosed to the user for use as user identification information at the time of login, and the information is not disclosed to other users (a mode in which the user ID cannot be specified as a transmission destination or a consent destination). You can also.

  The user A data shown in FIG. 2 stores, as user information, own personal information, a destination list in which users B and C are registered as destinations, and a destination list in which users B and D are registered as destinations. The personal information of the user B received from the consent destination registered in the consent destination list is recorded as the prior personal information database. As shown in FIG. 2, the users B, C, and D also record the same items as the data structure, although the contents are different. Further, as necessary, collation result information such as a match list registered when the intention of transmission and the intention of reception coincide with each other, and a mismatch list registered when they do not match are also shown for each user AD. Recorded in association with.

  Items of personal information entered by the input person include, for example, the user ID entered by the input person, name, work name, department name, title, title, work address, work phone number, work place Information related to work such as fax number, work email address, work mobile phone number, work home page address, home address, home phone number, home fax number, personal email address, personal mobile phone number, personal Personal contact information such as a home page address may be included, as well as more personal information such as age, date of birth, blood type, gender, birthplace, school, hobby, family structure, etc. Also, your personal information is not only information related to your contact information, but also information that restricts who you can publish, and you want to receive information about at least some other users. included. For example, information related to the schedule, private views on certain matters (for example, sightseeing, TV programs, movies, stores, etc.) may be transmitted and received. This information management system sends your personal information to the destination, receives the personal information of the acceptance destination, creates the acceptance destination personal information database, and automatically updates the contents of the acceptance destination personal information database. Therefore, the information is not particularly limited to the above information as long as it matches the application.

  In addition, as a user, not only natural people but also corporations and organizations are the main subjects, information about the corporations and organizations themselves is made personal information, information is sent to other natural people, corporations and organizations, and other It may be a system that receives the personal information of a natural person, corporation or organization. For example, in addition to the head office, branch location, and contact information of corporations and organizations, the name and contact information of each position, such as the name and contact information of each position, the person in charge of materials, the person in charge of personnel, the person in charge of public relations, etc. shall be personal information. Can do. In addition, for corporate users, enter the decisions made at the General Meeting of Shareholders, information on product recalls, etc. as personal information, and send or notify specific users such as shareholders and purchasers. It can also be used as a system for collecting personal information regarding a specific partner such as a shareholder or purchaser.

  Further, the personal information can be checked so that the past update history can be confirmed. That is, the history of personal information can be stored by storing the content of the update every time it is updated, including the content of personal information at the time of registration. Although all personal information may be saved each time it is updated, it is preferable to save only the updated portion in order to reduce the storage capacity. By storing the history of personal information, information or contact information (for example, name and e-mail address) for specifying the transmission destination and the consent destination in the collation processing of the transmission destination or the consent destination described later (see FIG. 11), When searching for a match with a user already registered in the system, not only the latest personal information of each user but also past personal information of each user saved as history is searched. Can do. Although the e-mail address itself is unique, the e-mail address may be changed relatively frequently for reasons such as changing jobs, changing the mobile device model, changing the provider, and preventing spam mail. For this reason, for example, it is assumed that the latest email address is unknown, such as having a business card before changing jobs, but the past email address is known. If you use a process that searches for each user's past personal information, even if a name and past email address are entered, you must be a registered user from the history. Can be specified.

  FIG. 3A is an example of items of personal information of the input person. The personal information has compatibility with the input screen displayed by executing the program installed in the information processing apparatus 21 or connecting to the center system 3 through a line and executing the personal information input process, or other compatibility. Can be entered through software. Further, business cards, resumes, two-dimensional barcodes, etc. may be captured by image input means and input through a character recognition or decoding function, or an address book, address book, telephone book, etc. stored in the information processing device 21 The electronic information may be converted into a system format by a conversion function and input, or electronic information stored in a CD, DVD, IC card, or the like may be input by electronic information input means.

  In the transmission destination list, the input person registers a transmission destination that permits transmission of at least a part of his / her personal information, and inputs at least one piece of information or contact information for identifying the transmission destination. Examples of the information specifying the transmission destination include a user ID, a user name, or an e-mail address, and examples of the contact address include an e-mail address, a telephone number, and an address. It is preferable to input a name and an e-mail address as information or a contact address for specifying the transmission destination, for the same reason as described above. Here, the information (name or contact information) specifying the transmission destination should be an indispensable input item when the user registers in the system. Further, when the user ID is disclosed to the user, the user ID may be input as specifying the transmission destination.

  In the transmission destination list, items of personal information to be transmitted may be set for each transmission destination. For example, if it is a personally close friend or family member, all personal information may be transmitted. However, for business acquaintances, only information related to work may be transmitted. A configuration in which each item in FIG. 3A can be selected may be used, but since the number of items is large, it is preferable to have a function capable of setting a plurality of items collectively. As such a function, the system may set a comprehensive item of a plurality of items, for example, “all”, “personal contact”, “work-related information”, etc., and this comprehensive item can be selected. A function may be used in which a transmission item including a plurality of set items is stored, and a transmission item (user transmission item setting) set by the user can be selected. FIG. 3B shows an example of user transmission item settings. In FIG. 3B, items with circles are items to be transmitted, user transmission item setting 1 transmits all work-related information, user transmission item setting 2 transmits personal contact information and home information, Transmission item setting 3 is a setting for transmitting only personal contact information, and user transmission item setting 4 is a setting for transmitting a part of work related information and home information. Of course, it may be configured such that each item of the personal information can be selected and the comprehensive item and / or user transmission item setting can be selected. This user transmission item setting function requires the client system 2 or the center system 3 to have functions for inputting, editing, and storing user transmission item settings.

  FIG. 4 is an example of a destination list. In FIG. 4, the items input by the user are the name, mail address, and transmission item of the transmission destination, and the user ID item is input by the center system 3 in order to manage the user's correspondence in the system. . Moreover, the item of the collation result reflects the collation result with the destination's consent destination list and the intention of the destination in order to easily confirm the necessity of transmission, and the center system 3 as necessary. Is input by. In the verification result item, a circle indicates that transmission is possible with the destination (match), a triangle indicates that the destination is not indicated (inconsistency), and X indicates that the destination rejects reception (rejection). ). That is, the items of the matching result function as a match list, a mismatch list, and a rejection list. It is preferable to notify the user of the verification result item. For example, characters or symbols may be written as they are, or the destination in the destination list is color-coded (eg, blue for match, yellow for mismatch, red for rejection) May be displayed. Further, as a transmission destination, not only a user in the system but also a system that can register an unregistered person X who has not yet used the system may be used. Processing for an unregistered person will be described later.

  The acceptance destination list is for registering an acceptance destination where the input person permits reception of personal information of another person, and at least one or more information or contact information for specifying the acceptance destination is entered. The information specifying the consent destination is a user ID, a user name, or an e-mail address, and the contact address includes an e-mail address, a telephone number, an address, or the like. As information or contact information for specifying the consent destination, it is preferable to input a name and an e-mail address in the same manner as described above. Here, the information (name or contact information) for specifying the consent destination should be an essential input item when the user registers in the system. Further, when the user ID is disclosed to the user, the user ID may be input as specifying the consent destination. Since the consent destination is in a position of receiving personal information, it is not important to select an item to be received, but the item to be received may be selectable.

  FIG. 5 is an example of a consent destination list. In FIG. 5, the items input by the user are the name and mail address of the acceptance destination, and the user ID in FIG. 5 is input by the center system 3 in order to manage the correspondence between the users in the system. is there. Moreover, the item of the collation result reflects the collation result with the transmission destination list of the approval destination and the intention display of the approval destination in order to easily confirm whether or not the reception is necessary. Is input by. In the verification result item, the circle indicates that the license can be received with the consent recipient (match), the triangle indicates that the consent recipient is not indicated (mismatch), and X indicates that the consent recipient refuses to receive (rejection). ). That is, the items of the matching result function as a match list, a mismatch list, and a rejection list. It is preferable to notify the user of the verification result item. For example, characters or symbols may be written as they are, or the approval destination in the approval destination list is color-coded (eg, blue for match, yellow for mismatch, red for rejection) May be displayed. Moreover, as a consent destination, it is good also as a system which can register not only the user in a system but the unregistered person who has not used the system yet. Processing for an unregistered person will be described later.

  The transmission destination list and the consent destination list are input through an input screen displayed by executing a program installed in the information processing apparatus 21 or connecting to the center system 3 through a line and executing personal information input processing. Can do. From FIG. 4 and FIG. 5, since many input items of the transmission destination list and the consent destination list are common, it is preferable that both can be input simultaneously. FIG. 6 is an example of a transmission destination list and acceptance destination list input screen displayed on the display means of the information processing apparatus 21 of the client system 2. In FIG. 6, there are check boxes of “destination” and “acceptee” below the input fields of “name” and “email address”, and the input contact information is registered in the destination, the acceptee or both. be able to. Further, a check box for setting a transmission item is provided at the lower stage, and when the item is registered as a transmission destination, the checked item can be set as personal information transmitted to the transmission destination.

  The consent destination personal information database is a database in which items of personal information of acceptance destinations transmitted from the consent destination registered in the consent destination list are stored, and the database is recorded and stored for each input person. When registering in the acceptance destination list, even when the personal information is received from the consent recipient even if the registered consent recipient's name and contact information or user ID is recorded in the database for the time being as the consent recipient personal information (acceptee registration type) In addition, a configuration (personal information registration type) of newly registering the consent destination and its personal information in the database as the consent destination personal information may be used, but the consent destination registration type is preferable. In the case of the personal information registration type, it is registered in the database only when the relationship with the consent destination matches, so the consent destination is not registered as a contact list until it matches, and it matches the contact list desired by the input person Not done. On the other hand, in the case of the consent destination registration type, when it is registered in the consent destination list, it is registered in the contact list, so that the personal information is not received but the list is made up. If the input person can enter and change the personal information of the consent destination, the accuracy of the information is not guaranteed, but by entering the personal information that the input person knows about the inconsistent consent destination, The acceptance-destination personal information database can be used as a temporary contact list. As described above, it is preferable that the input person can also record and save personal information and other information (for example, background and personality that he / she met as remarks) regarding each consent destination. In this case, business cards, resumes, two-dimensional barcodes and the like may be captured as images and input through a character recognition function, or may be stored in electronic information such as an address book, address book, and telephone book stored in the information processing device 21. On the other hand, it may be converted into a system format by a conversion function and input.

  The acceptance-destination personal information database may be a mode in which the personal information of the acceptance destination is copied and recorded as it is, or a storage location (link) of the personal information of the acceptance destination may be recorded. The former case is disadvantageous in terms of recording capacity because a plurality of the same information exists, but it is preferable in that the data can be provided immediately when the user needs the consentee personal information database. In the latter case, it is advantageous in terms of recording capacity, but it is necessary to employ higher-performance computing means correspondingly.

  Further, in the storage medium of the center system 3, only the update information for the user ID and the unsynchronized information is stored as the consent destination personal information database, and other consent destination personal information is stored in the storage medium on the client system 2 side. The structure to do may be sufficient. In this case, when the center system 3 is accessed through the client system 2, unsynchronized update information is downloaded to the storage medium of the client system 2. According to this configuration, the burden on the center system 3 side can be greatly reduced, and the system can be constructed with inexpensive equipment. However, the configuration stored in the storage medium on the client system 2 side is not suitable for a mode in which each user uses the plurality of information processing devices 21 to access the center system 3.

  In addition, when updating the personal information of each consentee in the consentee personal information database, if the information or contact information (for example, name and e-mail address) identifying the user of each consentee is changed, it will be displayed in the consentee list. It is preferable to update the information or contact information for identifying the user of the registered consent destination to the latest information. In addition, when the user registered as the acceptance destination is also registered as the transmission destination, when the information or contact information identifying the user is updated, the user of the transmission destination registered in the transmission destination list is changed. The specified information or contact information may be updated to the latest information.

  FIG. 19 is an example of a configuration diagram of a more specific personal information management system 1 according to the present invention. In FIG. 19, the client system 2 includes an information processing device 21, and the center system 3 includes an information processing device 31 and a storage medium 32. The client system 2 gives the information processing apparatus 21 an input / edit / view function by executing the client software so that the user can register / update his / her personal information, destination list, and acceptance list. . Further, the client system 2 and the center system 3 are synchronized and accessed, and the registered / updated personal information and the like are transmitted to the center system 3, and the initial registration and the own information stored in the storage medium 32 of the center system 3 are transmitted. Allows user information to be entered and changed.

  In addition, the client system 2 can browse and download its own user information stored in the storage medium 32 of the center system 3 and the personal information database of consent destination (abbreviated as DB in the figure). Here, the consent destination personal information database may extract only necessary items and output them as a subset of an address book, a phone book, a mail address book, and the like. Furthermore, the latest consent stored in the storage medium 32 of the center system 3 can be obtained by synchronizing the contents of the subsets such as the address book, telephone directory, and mail address book in the information processing apparatus of the client system 2 with the center system 3. It can also be updated to the contents of the personal information database. The downloaded consent personal information database can be edited as appropriate in the information processing apparatus of the client system 2 or the environment (local environment) outside the center system 3 and deployed to various software and applications.

  A plurality of client systems 2 are connected to the center system 3 via a network. An external system may be interposed between the client system 2 and the center system 3. The external system has at least a user authentication system, and a part of the user authentication process for the center system 3 is executed in the external system, and the authentication process can be simplified for access to the center system 3. .

  The information processing device 31 of the center system 3 functions as a user registration / authentication system, a menu control system, a client software sending system, a DB writing / control system, a browsing / downloading system, an automatic mail sending system, for example, by the center software To do. The user registration / authentication system performs, for example, user registration processing and user authentication processing, and registers user identification information and contact information input by the user, or collates with personal information of the user information, If they match, authenticate access to the system. The menu control system controls the display on the display screen for the client system accessing the center system, and displays a necessary screen in accordance with a user operation. The client software sending system initially transmits client software to the information processing apparatus 21 of the client system 2 in response to a request from a user or system login, for example, or a version of client software already installed in the client system 2 Manage and encourage users to download the latest version if necessary. The DB writing / control system writes, for example, information input from the user as user information to the database including the user information of each user stored in the storage medium 32 and the personal information database of the consent destination, It controls the verification process of the acceptance destination, inputs the verification result into the database, and rewrites the personal information database of the acceptance destination. For example, in response to a request from the client system 2, the browsing / downloading system displays necessary information in the user information stored in the storage medium 32 or the personal information database of the consent destination or downloads it to the client system 2. For example, if the collation result does not match, the automatic mail sending system will ask each user (registered) or unregistered user to be registered in the list by other users as a destination or consent destination, and ask for consent. To be notified by email.

  The storage medium 32 of the center system 3 stores at least user information and an approved personal information database for each user. Further, a temporary ID and a mismatch list may be stored for each unregistered person. Furthermore, a database obtained by extracting only part of the user information may be stored. For example, a user DB that stores information for identifying a user in the user information may be provided and used for user authentication.

  FIG. 20 is a diagram for explaining the correspondence between the data structure of FIG. 2 and the lists of FIGS. 3 to 5. 20, the data structure of FIG. 2 is shown on the left side, and the list of personal information items shown in FIG. 3, the destination list shown in FIG. 4 and the consent destination list shown in FIG. It is shown. As the personal information of the user information in the data structure of the user A on the left side of FIG. 20, the personal information input by the user A is recorded for all or a part of each item of the personal information shown in FIG. ing. Further, as the destination list of the user information, as described in the destination list in the right middle of FIG. 20, the name, mail address and transmission item of the destination are recorded. As the list, as described in the acceptance destination list at the lower right of FIG. 20, the name and mail address of the acceptance destination are recorded. As consent destination personal information in the data structure, all or a part of each item of personal information shown in FIG. 3 in the upper right of FIG. 20 is recorded for items set by the consent destination in the personal information of the consent destination. In the data structure, the personal information of the user information is distinguished from the consentee personal information so as to be different from each other, but may be a single table as shown in the upper right table of FIG. Furthermore, the matching list and the mismatching list of the data structure are recorded as matching results in the transmission destination list in the right middle of FIG. 20 and the consent destination list in the lower right.

  Note that the specific structure and correspondence of the data structure and each list are not limited to those shown in FIG. 20, and any user information and consent-destination personal information database can be extracted for each user. It may be a data structure.

  Hereinafter, each information processing of the information processing system will be described in detail.

(Personal information input or change processing: FIG. 7, FIG. 21 and FIG. 22)
FIG. 7 is an example of a flowchart of processing when personal information is input or changed, and FIGS. 22 and 23 are diagrams for explaining the correspondence between data in each list that is input, changed, or referenced by the processing. is there.

  When the user A uses the client system 2 to input or change the “personal information” of the user A (S1), the center system 3 is registered in the transmission destination list in the user information of the user A who is the input person. One of the transmission destinations is referred to (S2), and it is checked whether or not the user A who is the input person is registered as the approval destination in the approval destination list in the user information of each transmission destination (S3). Only when it is (Yes in S3 in FIG. 7), the personal information of the input person A is written in the consent destination personal information database of the transmission destination (S5). Thereafter, the presence / absence of another transmission destination is confirmed (S8). If there is another transmission destination (Yes in FIG. 7, S8), the acceptance destination list of the transmission destination is referred again (S2), and the other transmission destination If there is no (No), the process is terminated.

  For example, in FIGS. 2, 21, and 22, users B and C are registered as transmission destinations in the transmission destination list of user A, and the user B's consent destination list is first collated (S <b> 3). As a result of the collation, since the user A is registered as the acceptance destination in the acceptance destination list of the user B, the center system 3 stores the personal information of the user A that has been input or changed in the personal information database of the user B. Write (S5, see FIG. 21). Next, the presence / absence of another transmission destination is confirmed (S8). Since user C exists as another transmission destination, the acceptance destination list of user C is again checked (S3). As a result of the collation, since the user A is not registered as an acceptance destination in the acceptance destination list of the user C, the center system 3 does not write the personal information of the user A into the acceptance destination personal information database of the user C (FIG. 22). reference).

  Furthermore, in order to effectively use the collation result from the next time, it is preferable to record the collation result or notify the user. For example, since user A is registered as an acceptance destination as a result of collation of user B's acceptance destination list, center system 3 is user B in user A's destination list and / or a user in user B's acceptance destination list. A is registered in the match list (S4, see FIG. 21). Further, as a result of checking the acceptance destination list of the user C, the user A is not registered as the acceptance destination. Therefore, for example, the user C and the contents of the inconsistency are registered in the inconsistency list regarding the transmission destination that can be viewed by the user A (S6). 22) or / and it is preferable to notify the user A that the personal information of the user A has not been transmitted because the consent destination is not registered and is not written in the personal information database of the user C (S7). . Furthermore, in order to inform the user C that there was a transmission request from the user A who was not registered as the acceptance destination, the user A and the content of the inconsistency are registered in the inconsistency list regarding the acceptance destination of the user C (S6, It is preferable to notify the user C that there is a transmission request from the user A who has not been registered as a consent destination (S7). At the time of the next update of personal information, it is possible to confirm whether or not user A is registered in the consent destination list by simply referring to the match list and the mismatch list for the destination in the destination list. You can quickly identify possible destinations and speed up the process. Also, based on the mismatch list, it is possible to identify opponents who do not agree with their intentions. You can request them to register with the system by e-mail or verbally, or manage opponents whose information has not been sent be able to.

(Destination list input processing: FIG. 8)
FIG. 8 is an example of a flowchart of processing when a transmission destination or transmission item is input or changed. When the user A uses the client system 2 to input or change the “transmission destination” of the user A or the “transmission item” of each transmission destination (S11), the center system 3 inputs the input or changed “transmission” One of "destination" or one of the destinations to which "transmission item" has been input or changed is referred to (S12), and the user A who is the input person is registered as an acceptance destination in the acceptance destination list in the user information of the destination. If it is registered (S13), and if it is registered (FIG. 8, Yes in S13), refer to the transmission item (S15), and the person who entered the consent destination personal information database of the destination A's personal information is written (S16). Thereafter, the presence / absence of another transmission destination is confirmed (S19). If there is another transmission destination (FIG. 8, Yes in S19), the acceptance destination list of the transmission destination is referred again (S12), and the other transmission destination If there is no (No), the process is terminated.

  For example, in FIG. 2, when the user A uses the client system 2 to newly register the user D as a transmission destination in the “transmission destination list” of the user A, the center system 3 The user information is referred to (S12), and it is checked whether or not the user A who is the input person is registered as an acceptance destination in the acceptance destination list of the user D (S13). Since the user A is registered in the consent destination list of the user D, the center system 3 writes the personal information of the user A in the consent destination personal information database of the user D (S16). Also, as described above, if the result of the collation is registered as an acceptance destination, it is registered in the match list (S14), and if not registered, it is registered in the mismatch list (S17) and notified to each user. (S18) is preferred. Further, when the user D is registered in the user A mismatch list, or when the user A is registered in the user D mismatch list, the center system 3 deletes them from the mismatch list.

  Note that the transmission destination can be registered in the transmission destination list based on the above-described mismatch list. For example, if user D refers to the disagreement list and registers user A registered in the disagreement list in the destination list, user A has already confirmed the intention to transmit, so refer to the user information of user A Without having to do so. Further, instead of registering in the transmission list, it may be registered in the rejection list. In these cases, the disagreement list can identify the other party whose intentions do not match, and it is possible to manage personal information in a more appropriate state simply by selecting whether to match or reject the registrants in the disagreement list. It is preferable because it can be updated.

(Acceptance list input process: Fig. 9)
FIG. 9 is an example of a flowchart of processing when the consent destination is input or changed. When the user A uses the client system 2 to input or change the “acceptance destination” of the user A (S21), the center system 3 refers to one of the input or changed “acceptance destination” ( S22), it is checked whether or not the user A who is the input person is registered as a transmission destination in the transmission destination list in the user information of the approval destination (S23), and if it is registered (Yes in FIG. 9, S23) As long as the personal information of the consent destination is written into the personal information database of user A's consent destination (S25). Thereafter, the presence / absence of another consent destination is confirmed (S28). If there is another consent destination (FIG. 9, Yes in S28), the destination list of the next consent destination is referred again (S22) If there is no consent destination (No), the process is terminated.

  For example, in FIG. 2, users B and D are registered as user A's consent destinations, and user B's destination list is collated first (S23). As a result of the collation, since the user A is registered as a transmission destination in the transmission destination list of the user B, the center system 3 writes the personal information of the user B in the personal information database of the user A (S25). Next, when the destination list of user D is collated (S23), since user A is not registered as a destination, the center system 3 does not write the personal information of user D in the personal information database of user A's consent destination. . Therefore, in FIG. 2, not only user B but also user D is registered in user A's consent destination list, but user A is not registered in the transmission destination list in user information of user D. The personal information of user B is recorded in the personal information database, but the personal information of user D is not recorded. In addition, when the consent destination personal information database is the consent destination registration type, the personal information in the user information of the user D is not written, but the user A is informed of the specific information (name and ID) of the user D input as the consent destination. The destination (mail address) is written in the personal information database of the user A's consent destination. Further, the configuration may be such that information regarding the user D input by the user A can also be written in the personal information database of the user A's consent destination.

  Furthermore, as described above, it is preferable to record or notify the collation result in order to effectively use the collation result from the next time. As a result of the collation, if it is registered as a transmission destination, it is preferably registered in the match list (S24). If it is not registered, it is registered in the mismatch list (S26) and notified to each user (S27). For example, since user A is registered as a transmission destination as a result of collating user B's transmission destination list, center system 3 is user B of user A's acceptance list or / and user of user B's transmission list. A is registered in the match list (S24).

  Further, as a result of collating the transmission destination list of the user D, the user A is not registered as a transmission destination. For example, the user D is registered in the mismatch list that can be viewed by the user A and / or “transmission” to the user A “The personal information of user D could not be obtained because the destination was not registered” (S26, 27). Further, for the user D, in order to inform that there is a transmission request from the user A who has not been registered as the transmission destination, the user A is registered in the mismatch list of the user D or / and the user D is notified of the “transmission destination”. It is preferable to notify that there was a reception request from the unregistered user A (S26, 27). At the next entry of the consent destination list and when the personal information of the consent destination is updated, the user A is registered in the consent destination list simply by referring to the match list and the disagreement list for the accept destination of the accept destination list. Since it is possible to confirm whether or not the information can be rewritten, it is possible to quickly identify the rewritable consent destination, and the processing speeds up.

  The basic processing of the personal information management system 1 has been described above. In the personal information management system 1, the registration of the transmission destination in the transmission destination list by the input person A is as follows. For example, it means the intention of the input person A that “permits disclosure to users B and C, unregistered persons X and Y)”, and that the input person A registers the approval destination in the approval destination list. , The input person A's “Accept permission to change the contents of the personal information database of the input party A by receiving personal information from the consent destinations (for example, users B and D, unregistered persons X and Z)” Meaning of intention. And in this personal information management system 1, although it is limited when the intention display of a certain user's information disclosure and the intention display of another user's information change correspond, by operation of the user A who is an input person This is a system that permits the change of the personal information database of the user B who is another person.

  Furthermore, in this personal information management system 1, it is preferable to store the result of collating the intention disclosure of information disclosure with the intention representation of information reception and rewriting as collation result information. In other words, if the information disclosure intention and the information reception and rewriting intention display match, the relationship is registered in the match list, and if they do not match, the relationship is registered in the mismatch list. . Disagreement is a situation in which the intention of the other is not expressed against the intention of the other. After that, if the other grants permission, it becomes a match and the information is disclosed and rewritten, and the other refuses. It becomes a state of refusal. Regarding the rejection status, there are several possible modes of its effect. For example, unless a canceling operation is performed by the rejecting user, information is not disclosed or rewritten between them, and a notification of inconsistency is given. You can also make it impossible. When a transmission destination is deleted from the transmission destination list or an approval destination is deleted from the approval destination list, the relationship with the transmission destination or the approval destination is in a rejected state, and information is not disclosed or rewritten.

  In general, it is dangerous for others to view, copy, or change information recorded in a personal recording area without permission, such as information leakage, diffusion, and alteration of contents. However, in this system, by registering in the transmission destination list and the consent destination list, information disclosure or information change intention display is made, information is disclosed on condition that the other party's corresponding intention display matches, and automatic He was allowed to change the information. In the personal information management system 1, one or more of the following effects can be obtained by inputting personal information, a transmission destination list, and a consent destination list as user information.

  First, each user can manage his / her personal information in a unified manner. That is, if the personal information in the personal information management system 1 is updated to the latest information, individual applications (for example, business card creation software and postcard creation software) and a plurality of information processing devices (home personal computer, mobile phone, If you need to enter your personal information at a company personal computer, etc., you can obtain the latest personal information by referring to or downloading your personal information registered in this personal information management system 1. it can.

  Second, each user can collectively manage the transmission destinations by registering in the transmission destination list the transmission destinations permitted to disclose at least a part of his / her personal information. In addition, if it matches the recipient's intention to receive (registration to the consent recipient), update information can be provided to all the recipients (destination) who need to update their personal information. It is also possible to automatically rewrite the consent destination personal information database of each destination. Therefore, each user can manage the consent destination personal information database with the latest information for each transmission destination registered in the transmission destination list. In addition, by setting a transmission item for each transmission destination, items (transmission contents) of personal information transmitted for each transmission destination can be managed.

  Third, each user can collectively manage the consent destinations by registering in the acceptance destination list the consent destinations that are permitted to receive when the personal information of others is transmitted. In addition, if it agrees with the intention to disclose the personal information of the recipient (registration to the recipient), the personal information of the other person (authorization recipient) is automatically managed to the latest information as the recipient personal information database. be able to.

  Furthermore, since each user has two types of lists, a transmission destination list and a consent destination list, the disclosure of personal information can be made one-way. In other words, the same person can be registered in the destination list but not registered in the acceptance destination list, or not registered in the destination list, but can be registered in the acceptance destination list. In this case, even if the other party publishes his / her personal information and wants to update the other party's consent destination personal information database (two-way relationship), only one-way publishing and the accompanying update relationship It does not hold. In the so-called network society, various information is flooded, and it is impossible to grasp all of the information. Rather, it is important to extract necessary information from countless information. In this respect, the same applies to personal information, and the transmission destination registered as an object of disclosure of own personal information and the approval destination registered as the object of the approval personal information database do not necessarily match. A user who has registered a large number of destinations does not always have to manage the same number of consent destinations and consent destination personal information databases as the destinations. Since the personal information management system 1 can also realize the one-way relationship as described above, it is possible to provide an appropriate information management mode corresponding to the diversified human relationships. If both parties register with both the transmission destination and the consent destination, a bidirectional relationship can be established.

  In addition to storing the collation result information, the collation speed can be increased. In addition, it is possible to manage destinations that have been able to update personal information and destinations that could not be updated, and to receive personal information. It is possible to manage the acceptance destinations and the acceptance destinations that could not be received, and it is also possible to grasp whether the transmission destination and the acceptance destination are interested in themselves.

  Hereinafter, the personal information management system 1 using the program of the present invention in which more complicated functions are implemented, including ancillary processes of the personal information management system 1 and processes that can be selectively employed, will be described.

(registration process)
First, when using the system for the first time, user registration processing is performed. FIG. 10 is an example of a flowchart of user registration processing. The user A accesses the center system 3 from the information processing apparatus 21 constituting a part of the client system 2 using the network, and inputs at least one piece of information and contact information for identifying the user A (S31). Information identifying the user includes a user ID, a user name, or an e-mail address. Examples of the contact information include an e-mail address, a telephone number, and an address. In FIG. 10, the user name, mail address, and password are entered. Although not shown in FIG. 10, in order to prevent double registration by the same user identification information, the user name and the mail address of the user information already registered for the combination of the entered user name and the mail address are displayed. It is preferable to provide a step of notifying that it has already been registered in the case of matching. In the input process of S31, when the user ID is input as the information for identifying the user A, the user ID of the user information that has already been registered is checked after that. The same user ID is already registered, and a step for instructing to input another user ID is required. However, this effect does not prevent one individual from registering as a plurality of users. This information management system can be used as one user for both work and private use, but it can be registered as another user by changing the e-mail address. It is also possible to register private users independently.

  In addition, by specifying a password at the time of registration, individual identification and security can be enhanced. The password may be set by the user at the time of registration, or may be provisionally registered by inputting a name and an email address, and the password issued by the center system 3 may be notified to the entered email address.

  Furthermore, part or all of other user information may be input at the time of registration. Of course, although user information can be added or changed later, it is preferable to input at least personal information at the time of registration.

  Next, the center system 3 searches for whether the input person A is registered as an unregistered person in the transmission destination list or the consent destination list from the existing user, so that the input user name or / and email address is entered. The temporary ID is searched using (S32). Temporary ID, which will be described later, is given when it is entered as a destination or consent destination, but is not stored in the user-specific information of user information. The contact information entered as is stored. When the user A is a new user who is not registered in the temporary ID (No in S32), the center system 3 sets a new user ID (S33). If the name and e-mail address of the temporary ID match (Yes in S32), the contents of the temporary ID are directly or changed and registered as a user ID (S34). Thereafter, the system registered notification is sent to the mail address input by the user A (S35). The user A is allowed to input user information (own personal information, transmission destination list and reception destination list) through the client system 2 (S36: see FIGS. 2 to 6), and the center system 3 stores the user information in the storage medium 32. To do. Based on the input destination list of the user information, a destination list collation process is performed to update the consent destination personal information of the destination whose intention display matches (S37: see FIGS. 7 and 8). Furthermore, based on the consent destination list of the input user information, a consent destination list matching process is performed for registering the personal information of the consent destination whose intention expression is matched in the consent destination personal information of the user A (S38: see FIG. 9). . The registration process may be completed at the stage of S35, the remaining user information input process (S36) and thereafter may be performed at a timing convenient for the user, or temporarily registered at the stage of S35. The official registration may be performed when the user inputs predetermined user information in S36. Further, it may be requested to provide identification information of the input person during the system registration. For example, a copy of an electronic certificate, a basic resident register card, a driver's license, an insurance card or a student ID card may be sent.

(Processing including unregistered persons)
When the user A inputs the transmission destination and the consent destination, it is preferable that the present registrant who has not yet registered in the system can be targeted, and as a result, the number of system registrants is increased. For this reason, when an unregistered person is inputted as a transmission destination or a consent destination, a temporary ID is issued, and the unregistered person is regarded as a temporary user and incorporated in the system. The temporary ID is not different from a normal user ID as a function for specifying a user, and therefore a code may be assigned by the same encoding method as the user ID. However, since the temporary ID is not registered in the system from itself, the result of the collation is that the intention display does not match and it is issued due to an input error of the transmission destination or acceptance destination, and the number of IDs increases. It is preferable to assign a code by a different coding method from the user ID. For example, as a normal user ID encoding method, a combination of six alphanumeric characters is sequentially assigned, and as a temporary ID encoding method, a seven character alphanumeric combination is sequentially assigned. The ID can be distinguished by adding a specific character string. As described above, when the user ID and the temporary ID are distinguished, when referring to the transmission destination or the consent destination, first, the user ID is searched for whether or not the transmission destination or the consent destination exists. If it is searched whether or not there is a transmission destination or a consent destination, it is possible to speed up the identification of the transmission destination or the consent destination that matches the intention expression. In other words, if the input destination or acceptance destination is present in the temporary ID, the intention indications do not match. Therefore, by searching only within the user ID excluding the temporary ID, the matching destination or You can specify the consent destination.

  FIG. 11 is an example of a flowchart of a destination or consent destination collation process (including provisional ID issuance process) in a system including an unregistered person. The temporary ID issuance process is performed when referring to the transmission destination or the consent destination, and is performed, for example, in step 2 in FIG. 7, step 12 in FIG. 8, and step 22 in FIG. First, referring to the transmission destination or consent destination (S41 (corresponding to the processing of S2, S12, S22)), the user identification information and contact information in the personal information of each user information stored in the storage medium 32 is the transmission destination or consent destination. (S42), and if there is a match, the matching user is recognized as a transmission destination or a consent destination, and their acceptance destination list or destination list is collated (S43). (Equivalent to the processing of S3, S13, and S23) In addition, in S42, the past history is stored as the personal information of each user information, and the past personal information of each user stored as the history is also searched. If no personal information that completely matches the personal information of the user information has been registered, it is next determined whether or not it matches the user identification information and contact information of the temporary ID. If there is a match, user A and the contents of the mismatch are registered in the mismatch list of the matching temporary ID (S46), and the matching ID is also registered. If not, it is regarded as an unregistered person who has not yet been registered, a temporary ID is set, and the user identification information and the contact information input as the transmission destination or the consent destination are stored as personal information of the user information of the temporary ID ( S45) Further, the user A and the contents of the mismatch are registered in the temporary ID mismatch list (S46) Note that in step 46, the transmission destination or the consent destination and the contents of the mismatch may be registered in the user A mismatch list. In addition, it is preferable to notify the temporary ID contact to notify the system registration or to notify that personal information is to be transmitted (S47).

  For example, in FIG. 12, when the user X is registered as a transmission destination in the transmission destination list of the user A, the combination of the user identification information (name, user ID) and contact information (email address) of the user X is the user of each user. It is searched whether or not it exists in the personal information in the information (S42). Since the user X is an unregistered person and does not exist in the personal information in the user information, the center system 3 searches for the combination in the temporary ID (S44). If the same combination of user identification information and contact information exists in the temporary ID, the user A is registered in the temporary ID mismatch list (S46). If the temporary ID does not exist, the temporary ID is set (S45), and the user A is registered in the temporary ID mismatch list (S46). Then, a notification for prompting system registration and a notification to send personal information are sent to the mail address of user X (S47). The same applies to the user X in the user A's consent list in FIG.

  FIG. 13 is an example of a flowchart of a registration process when registering a user from a notification to an unregistered person (user X). In the notification (S47) to the contact information of the unregistered person, a link (web address) to the system is described, and when the user X accesses from the link, the user specifying information (name) input screen through the client system 2 Is displayed, and the user X is made to input his / her specific information (name) (S52). The center system 3 collates the specific information (name) input by the user X with the specific information stored as the user specific information of the temporary ID (S53). When the input specific information (name) and the user specific information of the temporary ID do not match (No in S53 in FIG. 13), the user X is made to select whether or not to end the registration process (S54). When the registration process is terminated, the process is terminated as it is, but when the registration process is not terminated, the process proceeds to a normal user registration process (S55: FIG. 10). When the input specific information (name) matches the user ID of the temporary ID (FIG. 13, Yes in S53), the contents of the temporary ID, for example, the temporary ID number, the user ID of the temporary ID, and the mismatch list are displayed. The user ID is registered as it is or after changing (S56). By using the contents of the temporary ID, a part of the user input work at the time of registration can be omitted. In this way, in step 52, by allowing the user X to input the user specifying information, it is possible to confirm that the notified partner (user X) is the same person that is input as the transmission destination or acceptance destination. it can. In this case, the user identification information of the temporary ID is not described in the notification to the user X. However, the user identification information of the user A input as the transmission destination or the consent destination may be described in the notification to the user X.

  Thereafter, the user specifying information, the contact information, and the mismatch list stored in association with the temporary ID are displayed (S57), and the user information is added as necessary (S58). Then, the center system 3 performs a destination list matching process (S59) and a consent destination list matching process (S60). Basically, as described in S38 of FIG. 10 (see FIG. 9) and S37 of FIG. 10 (see FIGS. 7 and 8), the user information of the transmission destination and the consent destination is collated. When registering a user who has been registered in the mismatch list stored in association with as a destination or consent destination, the intention of the other party has already been made clear. There is no need to access.

(Processing using verification result information)
As already described, it is preferable to store the result of collating the intention disclosure of information disclosure with the intention representation of information reception and rewriting as match list, mismatch list, and rejection list comparison result information. Such collation result information is preferably registered so that information relating to the transmission destination and information relating to the consent destination can be distinguished from each other, and is used in collation processing and input processing of the transmission destination or consent destination.

  The inconsistent state is that the input person registered as the destination, but the other party has not registered as the acceptance destination (first state), and the input person has registered as the acceptance destination, but the other party has registered as the destination. There are two types of states (second state) that are not, but since the position differs between the input person and the other party, there are four types in total. In other words, the first state is a state in which the input person is registered in the transmission destination but cannot be transmitted (hereinafter referred to as “unsent”), but is not received in the other party because it is not registered in the consent destination. It is in a state (hereinafter, “unauthorized party is not registered”). In addition, the second state is a state in which the input person has registered with the consent destination but has not been able to receive (hereinafter, “unreceived”), but the other party has not registered as the transmission destination and thus has not been able to transmit. State (hereinafter, “destination not registered”). Unsent and unregistered destination are mismatches regarding the destination, and unreceived and unregistered destination are unmatched regarding the destination.

  FIG. 14 is an example of a flowchart of a portion using the collation result information in the collation processing of the transmission destination. The flowchart in FIG. 14 is performed, for example, before S3 in FIG. 7, S13 in FIG. 8, or S42 in FIG. First, referring to the transmission destination (S61 (corresponding to S2, S12, S41)), it is searched whether or not the transmission destination is registered in the match list regarding the transmission destination of the user A (S62), and registered in the match list. If this is the case (Yes in S62 in FIG. 14), the personal information is transmitted without referring to the user information of the transmission destination (S63). If it is not registered (No in S62 in FIG. 14), it is searched whether or not it is registered in the mismatch list regarding the transmission destination of the user A (S64), and if it is registered in the mismatch list (FIG. 14). It is determined whether or not the mismatched content is unregistered as the destination (S65). If the destination has not been registered (Yes in S65 in FIG. 14), since the other party's consent is already displayed, the personal information is transmitted without referring to the user information of the destination (S63). If the destination is not unregistered (No in S65 in FIG. 14), that is, if the content of the mismatch is not transmitted, the user A or / or without transmitting the personal information without referring to the destination user information. In addition, the contents of the mismatch in the destination mismatch list are updated (S66) and notified to the user A or / and the destination (S67). The update of the mismatch content in S66 is, for example, updating the collated date and time or updating the transmission content, but may not be performed. If it is not registered in the mismatch list (No in S64 in FIG. 14), it is searched whether it is registered in the rejection list (S68), and if it is registered in the rejection list (Yes in S68 in FIG. 14). Then, without referring to the user information of the transmission destination and not transmitting the personal information, only the user A is notified that it is registered in the rejection list (S69). If it is not registered in the rejection list (No in S68 in FIG. 14), a process for searching whether the transmission destination is registered in the user information or the temporary ID (S70), for example, S3 in FIG. 7, FIG. In S13 of FIG. 11 or S42 of FIG. 11, the transmission destination is specified, and the consent destination list in the user information is referred to. The same processing is performed at the time of verification of the consent destination.

  The mismatch between the transmission destination unregistered and the consent destination unregistered can be used when inputting the transmission destination or the consent destination. That is, for users who are unregistered or unregistered with the recipient in the mismatch list, the recipient's consent has already been indicated by registering the recipient or the recipient, so the user information of the recipient or the recipient You can send or receive personal information without referring to

(Output processing)
Through the client system 2, the user identifies and browses, downloads, or synchronizes with the center system 3 all or necessary items in the personal information database that is stored in the center system 3, and synchronizes with the center system 3. It is possible to update the contents of the approved personal information, address book, address book, telephone book, etc. recorded to the latest information. It is possible to use the consentee personal information as an address book, an address book, a telephone book, etc., and by synchronizing the user terminal device with the center system 3, the user terminal device can be used according to the consentee personal information. It is also possible to implement a configuration for updating to the latest information recorded in. Further, not only the consentee personal information database but also other user information may be output.

  FIG. 15 is an example of a flowchart of an output (download) process of information stored in the storage medium 32. The user A can access and browse the user information and the personal information database of the user who has been stored in the storage medium 32 of the center system 3 through the client system 2 of the information processing apparatus 21, It is preferable that at least part of the information (particularly the consentee personal information database) can be output to the information processing apparatus 21. First, the user A specifies one or more pieces of information desired to be output (S71). For example, as shown in FIG. 16A, an output screen is displayed on the information processing apparatus 21 of the client system 2, and a check box for information to be output is selected, as shown in FIG. The configuration may be such that the output button 16 is provided and specified on the target information browsing screen. If the selected output information is other than the acceptance-destination personal information database (personal information, transmission destination list, reception destination list, verification result information, etc.) (No in S72), the selected information is extracted from the storage medium 32. (S74) and output (S75).

  If the selected information includes the consent-destination personal information database (Yes in S72), an output item is further set before output (S73). As an output item setting, an item of personal information and an approval destination to be output can be set. For example, check boxes such as “all”, “address book”, and “phone book” are arranged below the consentee personal information database in FIG. 16A. , Output all of the personal information database of the recipient, or output items related to the address book (address, name, title, etc.) in the personal information database of the recipient, or items related to the phone book (name, phone number, email address, etc.) ) Or can be selected at once. Thus, it is preferable to have a function capable of setting a plurality of items collectively. A plurality of output items may be set by the user in the same manner as the transmission items. Further below that, there is a check box for selecting whether to output individual items. In addition, it may be configured such that it is possible to set which consent destination personal information is to be output in the consent destination personal information database. For example, the approval destination may be divided into several groups, for example, a company relationship, a university relationship, a relative relationship, etc., and the group may be selected and output, or the approval destination to be output may be specified and output. Note that output items may also be set for information other than the consentee personal information database.

(Delete processing)
Furthermore, in this system, when the transmission destination or the reception destination is deleted, the consent destination personal information can be deleted in conjunction with the deletion. FIG. 17 is an example of a flowchart of processing for deleting a transmission destination. When the user A deletes one of the transmission destinations (S81), it is confirmed whether or not the transmission destination is a user (S82). When the user A is a user (Yes in S82), the destination approval destination list is further determined. (S83). As a result, if it is registered in the consent destination list (Yes in S83), the user A registered in the destination consent destination list is deleted (S84). Further, the collation result in the user information of the transmission destination is changed, and the user A is registered in the rejection list of the transmission destination (S87), and the transmission destination is registered in the rejection list of the user A (S88). If user A is not registered in the destination acceptance list (No in S83), user A is deleted from the destination mismatch list (S86), and user A is added to the destination rejection list. At the same time as registration (S87), the transmission destination is registered in the rejection list of user A (S88). On the other hand, if the deleted transmission destination is not a user (No in S82), the temporary ID is further searched (S85). If the transmission destination exists in the temporary ID (Yes in S85), the transmission destination does not match. User A is deleted from the list (S86), user A is registered in the rejection list of the transmission destination (S87), and the transmission destination is registered in the rejection list of user A (S88). When there is no transmission destination in the temporary ID (No in S85), the transmission destination is registered in the rejection list of the user A (S88).

  FIG. 18 is an example of a flowchart of processing for deleting a consent destination. When the user A deletes one of the consent destinations (S91), it is confirmed whether the acceptance destination is the user (S92). If the user A is a user (Yes in S92), the destination list of the acceptance destinations is further confirmed. (S93). As a result, if it is registered in the transmission destination list (Yes in S93), the user A registered in the transmission destination list of the approval destination is deleted (S94). Furthermore, the collation result in the user information of the acceptance destination is changed, and the user A is registered in the rejection list of the acceptance destination (S97), and the acceptance destination is registered in the rejection list of the user A (S98). If the user A is not registered in the transmission destination list of the approval destination (No in S93), the user A is deleted from the mismatch list of the approval destination (S96), and the user A is added to the rejection list of the approval destination. At the same time as registration (S97), the acceptance destination is registered in the rejection list of user A (S98). On the other hand, if the deleted consent destination is not a user (No in S92), the temporary ID is further searched (S95), and if there is an approval destination in the temporary ID (Yes in S95), the consent destination does not match. User A is deleted from the list (S96), user A is registered in the rejection list of the acceptance destination (S97), and the acceptance destination is registered in the rejection list of user A (S98). If there is no approval destination in the temporary ID (No in S95), the approval destination is registered in the rejection list of the user A (S98).

  In the above description, the system mainly intended for updating personal information related to the contact list has been described. However, the scope of the present invention is not limited to such a configuration, and a specific user can interact with each other. It can be used in a system for transmitting and receiving information. Moreover, the flowchart in the above description is only one embodiment and can be changed as appropriate.

1 Information management system 2 Client system 3 Center system 4 Network (telecommunications line)
21, 31 Information processing apparatus 32 Storage medium

Claims (7)

The center system includes an information processing apparatus and a storage medium that can be connected to a network, and the center system includes a personal information and a transmission destination. A list and a list of consent destinations are stored as user information, and personal information of others is stored as a permission destination personal information database for each user, and the contents of the consent destination personal information database are automatically updated by the information processing apparatus. An information update system,
The user can input or change his / her personal information in his / her user information stored in the storage medium using the client system,
The user uses the client system to transfer at least a part of his / her personal information stored as user information in the transmission destination list in the user information stored in the storage medium to another user's consent destination individual. It is possible to register or change the destination that is allowed to send to the information database,
The user receives the personal information database of his / her own consent when another user's personal information is transmitted to the consent destination list in the user information stored in the storage medium using the client system. It is possible to register or change the consent destination that is allowed to change the contents of
When the personal information stored in the storage medium is input or changed by the user, the information processing apparatus, for each transmission destination registered in the transmission destination list in the user information of the input or changed user, It is checked whether or not the input or changed user is registered in the approval destination of the approval destination list in the user information of the transmission destination, and the transmission destination stored in the storage medium only for the registered transmission destination The contents of the personal information database of the recipient are automatically updated by writing at least a part of the personal information entered or changed in the personal information database of the recipient. Update system. The center system includes an information processing apparatus and a storage medium that can be connected to a network, and the center system includes a personal information and a transmission destination. A list and a list of consent destinations are stored as user information, and personal information of others is stored as a permission destination personal information database for each user, and the contents of the consent destination personal information database are automatically updated by the information processing apparatus. An information update system,
The user can input or change his / her personal information in his / her user information stored in the storage medium using the client system,
The user uses the client system to transfer at least a part of his / her personal information stored as user information in the transmission destination list in the user information stored in the storage medium to another user's consent destination individual. It is possible to register or change the destination that is allowed to send to the information database,
The user receives the personal information database of his / her own consent when another user's personal information is transmitted to the consent destination list in the user information stored in the storage medium using the client system. It is possible to register or change the consent destination that is allowed to change the contents of
When the transmission destination is registered in the transmission destination list in the user information by the user, the information processing apparatus registers the transmission destination in the approval destination of the approval destination list in the user information of the registered transmission destination. The personal information in the user information of the user who registered the transmission destination in the consent destination personal information database of the transmission destination stored in the storage medium only if it is registered and is registered. An information updating system for automatically updating the contents of the consent destination personal information database of the transmission destination by writing at least a part of the information. The center system includes an information processing apparatus and a storage medium that can be connected to a network, and the center system includes a personal information and a transmission destination. A list and a list of consent destinations are stored as user information, and personal information of others is stored as a permission destination personal information database for each user, and the contents of the consent destination personal information database are automatically updated by the information processing apparatus. An information update system,
The user can input or change his / her personal information in his / her user information stored in the storage medium using the client system,
The user uses the client system to transfer at least a part of his / her personal information stored as user information in the transmission destination list in the user information stored in the storage medium to another user's consent destination individual. It is possible to register or change the destination that is allowed to send to the information database,
The user receives the personal information database of his / her own consent when another user's personal information is transmitted to the consent destination list in the user information stored in the storage medium using the client system. It is possible to register or change the consent destination that is allowed to change the contents of
In the information processing apparatus, when a consent destination is registered in the consent destination list in the user information by the user, the user who has registered the consent destination is registered in the transmission destination of the destination list in the user information of the registered acceptance destination. Only if it is registered and registered, the personal information in the personal information database of the user who has registered the consent destination stored in the storage medium is stored in the personal information database of the consent destination. An information updating system for automatically updating the contents of a personal information database of a user who has registered the consent destination by writing at least a part of the information.   4. The information according to claim 1, wherein if the result of the collation is not registered, information indicating that the information is not registered is registered in a mismatch list of at least one of the users. 5. Information update system described in 1.   Realizing a function that allows a user to register a user registered in the mismatch list as a transmission destination of the transmission destination list or an approval destination of the approval destination list in the user information by referring to the mismatch list of the user. The information update system according to claim 4, wherein the system is an information update system.   6. A function of deleting registration of the mismatch list when registered with each other by registering as a transmission destination or an acceptance destination after being registered in the mismatch list. Information update system described in 1.   If registered as a result of the collation, the relationship is registered in the match list, and the collation first refers to the match list or the mismatch list and is not registered in the match list or the mismatch list The information updating system according to claim 4, wherein the information is collated with the other party's user information.

Images