US Patent 10049227 Data field masking and logging system and method

A computer-implemented method for controlling the expression of a block of data from a sensitive data storage device, the method including the steps of receiving from a software application a request to transfer the block of data from the source sensitive data storage device for expression at a destination device, determining a data mask indicator for the block of data, applying a limited expression format based upon the data mask indicator, and expressing the block of data at the destination device in the limited expression format, such as to facilitate protecting or masking sensitive data. The method may further include allowing a user to request revelation of a masked portion of the block of data, recording in a memory log user activity relating to such revelation request(s) of the user, and providing regular reports and/or administrative alerts relating to such logged user activity.