Legal compliance, electronic discovery and electronic document handling of online and offline copies of data

US 8,396,838 B2
Filed: 09/07/2010
Issued: 03/12/2013
Est. Priority Date: 10/17/2007
Status: Active Grant

First Claim

Patent Images

1. A system to provide data management services, wherein the system is communicatively coupled to at least one client computer and at least one third party server computer, the system comprising:

a data storage system coupled to the at least one client computer via a local area network and to the third party server computer via a wide area network or public computer network,wherein the third party server computer is associated with a company or organization unaffiliated with a company or organization controlling operation of the data storage system, and,wherein the data storage system includes;

at least one server computer,at least one data storage device, anda retention component configured toreceive data objects from the at least one client computer, wherein the data objects from the at least one client computer are associated with a first format,receive data objects from the third party server computer, wherein the data objects from the third party server computer are associated with a second format, wherein the first and second formats differ, andapply respective first and second retention policies to the data objects in the first and second formats to store the data objects in the at least one data storage device according to the first and second retention policies, andwherein at least one of the first or second retention policies requires received data objects be de-duplicated, encrypted, or both de-duplicated and encrypted, andwherein the received data objects are not converted to another format;

a data classification component configured to content index and classify the data objects in the first and second formats;

a search component configured to permit searching via the at least one client computer and the third party server computer of the data objects of the first and second formats, respectively,wherein the search component is further configured to apply searching restrictions or access control based on securities policies, and without need for data agents on the at least one client computer or on the third party server computer; and

,a reporting component configured to provide reports based on search results provided by the search component,wherein the data storage system is further configured to;

calculate a hash value for a newly received data object,determine that the calculated hash does not match a previously stored hash for a previously stored copy of the data object, andreport that contents of the data object have changed.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods of electronic document handling permit organizations to comply with legal or regulatory requirements, electronic discovery and legal hold requirements, and/or other business requirements. The systems described provide a unified approach to data management that enables compliance, legal and IT personnel to focus efforts on, e.g., a single data repository. The systems permit users to define and utilize information governance policies that help automate and systematize different compliance tasks. In some examples, organizations may push data in any third-party data format to the systems described herein. The systems may permit compliance or IT personnel to detect when a legally sensitive production file has been changed or deleted. The systems may also provide a unified dashboard user interface. From a dashboard interface, users may perform searches, participate in collaborative data management workflows, obtain data management reports, and adjust policies. Other elements and features are disclosed herein.

577 Citations

20 Claims

1. A system to provide data management services, wherein the system is communicatively coupled to at least one client computer and at least one third party server computer, the system comprising:
- a data storage system coupled to the at least one client computer via a local area network and to the third party server computer via a wide area network or public computer network,wherein the third party server computer is associated with a company or organization unaffiliated with a company or organization controlling operation of the data storage system, and,wherein the data storage system includes;
  
  at least one server computer,at least one data storage device, anda retention component configured toreceive data objects from the at least one client computer, wherein the data objects from the at least one client computer are associated with a first format,receive data objects from the third party server computer, wherein the data objects from the third party server computer are associated with a second format, wherein the first and second formats differ, andapply respective first and second retention policies to the data objects in the first and second formats to store the data objects in the at least one data storage device according to the first and second retention policies, andwherein at least one of the first or second retention policies requires received data objects be de-duplicated, encrypted, or both de-duplicated and encrypted, andwherein the received data objects are not converted to another format;
  
  a data classification component configured to content index and classify the data objects in the first and second formats;
  
  a search component configured to permit searching via the at least one client computer and the third party server computer of the data objects of the first and second formats, respectively,wherein the search component is further configured to apply searching restrictions or access control based on securities policies, and without need for data agents on the at least one client computer or on the third party server computer; and
  
  ,a reporting component configured to provide reports based on search results provided by the search component,wherein the data storage system is further configured to;
  
  calculate a hash value for a newly received data object,determine that the calculated hash does not match a previously stored hash for a previously stored copy of the data object, andreport that contents of the data object have changed.
- View Dependent Claims (2, 3)
- - 2. The system of claim 1 wherein the data storage system is further configured to provide a chain-of-custody report that identifies that contents of the data object have changed.
  - 3. The system of claim 1 wherein the data storage system is further configured to update an index to indicate that a particular data object has moved among different storage locations or among different storage media,wherein the index maintains a referential model to provide an audit trail that links metadata for the particular data object to an original data object, without need for maintaining the original data object in the data storage device, andwherein the reporting component is configured to provide a chain-of-custody report based on the updated index, wherein the report includes an audit trail to show, using metadata, differences between data objects to ensure integrity as data objects are converted from one format to another format.

4. A non-transitory computer-readable storage medium whose contents cause a data storage system to perform a method for processing a document retention request, the method comprising:
- receiving a request to retain documents that match specified criteria;
  
  automatically identifying documents stored within the data storage system that match the specified criteria;
  
  placing a hold on the identified documents by automatically associating each of the identified documents with an undelete flag;
  
  automatically monitoring the data storage system to identify new documents that match the specified criteria; and
  
  ,automatically associated each of the new documents with the undelete flag,wherein the data storage system is configured to prevent a user from deleting a document that is associated with an undelete flag andto prevent a user from encrypting a document that is associated with an undelete flag; and
  
  determining a custodian of an identified document by analyzing metadata associated with the identified document in accordance with an information governance policy; and
  
  ,automatically and electronically notifying the custodian of the identified document that the identified document is subject to a retention request.
- View Dependent Claims (5, 6, 7, 8, 9)
- - 5. The non-transitory computer-readable storage medium of claim 4, wherein the method further comprises:
    - after litigation is reasonably anticipated, determining if the user is still employed with a company or generating documents; and
      
      ,automatically and electronically notifying the custodian that the identified document was attempted to be deleted, modified or encrypted.
  - 6. The non-transitory computer-readable storage medium of claim 4, wherein the method further comprises electronically notifying a custodian of an identified document that the identified document is subject to a legal hold.
  - 7. The non-transitory computer-readable storage medium of claim 4, wherein:
    - the data storage system manages production copies of data, online secondary copies of data, offline secondary copies of data, and third-party archive data;
      
      the data storage system includes an index that stores metadata associated with the production copies of data, online secondary copies of data, offline secondary copies of data, and third-party archive data; and
      
      ,wherein identifying documents stored within the data storage system that match the specified criteria comprises searching the metadata stored in the index.
  - 8. The non-transitory computer-readable storage medium of claim 4, wherein:
    - the data storage system manages production copies of data and online secondary copies of data;
      
      the data storage system includes an index that stores metadata associated with the production copies of data and online secondary copies of data; and
      
      , wherein identifying documents stored within the data storage system that match the specified criteria comprises searching the metadata stored in the index.
  - 9. The non-transitory computer-readable storage medium of claim 4, wherein the method further comprises:
    - determining that an identified document is a production copy located on a client, and that the identified document has not been copied to a secondary copy in secondary storage; and
      
      ,copying the identified document from the client to a secondary copy in secondary storage.

10. A method for performing a regulatory compliance task in a data storage system, the method comprising:
- receiving a definition of an information governance policy, wherein receiving the definition of the information governance policy includesreceiving a definition of a workflow policy that specifies a process of steps to identify and handle a set of documents in the data storage system,wherein the process of steps are defined at least in part by the classification tags, andwherein the definition of the workflow policy facilitates collaborative workflow by defining a first workflow task for at least a first user, and defining a second workflow task for at least a second user; and
  
  wherein receiving the definition of the information governance policy further comprises at least two of the following;
  
  receiving a definition of a classification policy, wherein the classification policy defines classification tags relevant to a compliance task, wherein the classification tags are for association with specified documents;
  
  receiving a definition of a reporting policy, wherein the reporting policy specifies a set of reports to provide to a user via a graphical user interface regarding a status of documents stored in the data storage system; and
  
  ,receiving a definition of a retention policy, wherein the retention policy specifies the manner in which documents should be stored within the data storage system, and wherein the retention policy is defined at least in part by the defined classification tags; and
  
  ,performing a compliance task with received documents in accordance with the received information governance information policy.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 11. The method of claim 10, wherein at least one of the defined classification tags is an entity tag that is associated with data content in a document that matches a specific data mask format.
  - 12. The method of claim 10, wherein the workflow policy specifies thatthe set of documents should be exported to a dedicated archive file;
    - or,custodians of a document in the set of documents should be notified that the document is not to be deleted.
  - 13. The method of claim 10, further comprising generating in the graphical user interface, in accordance with the reporting policy:
    - a report that indicates whether data in the data storage system is stored in compliance with a regulation, and wherein compliance with the regulation is determined in part by a specified performance metric;
      
      a report that indicates how the set of data objects has progressed through stages of a workflow defined by the workflow policy;
      
      or,a report that indicates a quantity of data objects in the data storage system that match a classification tag defined by the classification policy.
  - 14. The method of claim 10, wherein a user provides the received definition of an information governance policy via a policy template.
  - 15. The method of claim 10, further comprising:
    - receiving an indication of a previous point in time from a user; and
      
      ,presenting in the graphical user interface an indication of the state of data in the data storage system as it existed at the indicated previous point in time.
  - 16. The method of claim 10, further comprising detecting that a file stored on a client computer that matches a defined classification tag has been deleted, wherein the system detects the deletion by comparing two different data copy operations of the client that occurred at different times.
  - 17. The method of claim 10, further comprising receiving a modification to the retention policy in response to changed regulatory retention requirements.
  - 18. The method of claim 10 wherein the information governance policy is related to electronic discovery for a legal action, Sarbanes-Oxley reporting/auditing, or Health Insurance Portability and Accounting Act (HIPAA).
  - 19. The method of claim 10, further comprising indexing content of production data before secondary copy operations are performed, and associating a tag with a selected document in the production data to prevent deletion or encryption of the selected document.
  - 20. The method of claim 10, further comprising providing access to indexed content of off-line copies of data, wherein the off-line copies of data stored on magnetic tape and not available by the data storage system via a network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CommVault Systems Incorporated
Original Assignee
CommVault Systems Incorporated
Inventors
Brockway, Brian, Bunte, Alan, Van Wagoner, Christie J., Taylor, Simon, Muller, Marcus S., DeMeno, Randy, Reddy, Rammohan G., Prahlad, Anand
Primary Examiner(s)
Trujillo, James
Assistant Examiner(s)
Mamillapalli, Pavan

Application Number

US12/876,916
Publication Number

US 20110093471A1
Time in Patent Office

917 Days
Field of Search

707/608, 707/665, 707/662
US Class Current

707/662
CPC Class Codes

G06F 16/125   characterised by the use of...

G06F 16/313   Selection or weighting of t...

G06F 21/10   Protecting distributed prog...

G06F 21/6209   to a single file or object,...

G06F 21/6227   where protection concerns t...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2141   Access rights, e.g. capabil...

G06F 2221/2147   Locking files

G06Q 10/10   Office automation; Time man...

G06Q 50/18   Legal services

H04L 63/101   Access control lists [ACL]

H04L 63/20   for managing network securi...

Legal compliance, electronic discovery and electronic document handling of online and offline copies of data

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

577 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Legal compliance, electronic discovery and electronic document handling of online and offline copies of data

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

577 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links