Legal compliance, electronic discovery and electronic document handling of online and offline copies of data
First Claim
1. A system to provide data management services, wherein the system is communicatively coupled to at least one client computer and at least one third party server computer, the system comprising:
- a data storage system coupled to the at least one client computer via a local area network and to the third party server computer via a wide area network or public computer network,wherein the third party server computer is associated with a company or organization unaffiliated with a company or organization controlling operation of the data storage system, and,wherein the data storage system includes;
at least one server computer,at least one data storage device, anda retention component configured toreceive data objects from the at least one client computer, wherein the data objects from the at least one client computer are associated with a first format,receive data objects from the third party server computer, wherein the data objects from the third party server computer are associated with a second format, wherein the first and second formats differ, andapply respective first and second retention policies to the data objects in the first and second formats to store the data objects in the at least one data storage device according to the first and second retention policies, andwherein at least one of the first or second retention policies requires received data objects be de-duplicated, encrypted, or both de-duplicated and encrypted, andwherein the received data objects are not converted to another format;
a data classification component configured to content index and classify the data objects in the first and second formats;
a search component configured to permit searching via the at least one client computer and the third party server computer of the data objects of the first and second formats, respectively,wherein the search component is further configured to apply searching restrictions or access control based on securities policies, and without need for data agents on the at least one client computer or on the third party server computer; and
,a reporting component configured to provide reports based on search results provided by the search component,wherein the data storage system is further configured to;
calculate a hash value for a newly received data object,determine that the calculated hash does not match a previously stored hash for a previously stored copy of the data object, andreport that contents of the data object have changed.
6 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods of electronic document handling permit organizations to comply with legal or regulatory requirements, electronic discovery and legal hold requirements, and/or other business requirements. The systems described provide a unified approach to data management that enables compliance, legal and IT personnel to focus efforts on, e.g., a single data repository. The systems permit users to define and utilize information governance policies that help automate and systematize different compliance tasks. In some examples, organizations may push data in any third-party data format to the systems described herein. The systems may permit compliance or IT personnel to detect when a legally sensitive production file has been changed or deleted. The systems may also provide a unified dashboard user interface. From a dashboard interface, users may perform searches, participate in collaborative data management workflows, obtain data management reports, and adjust policies. Other elements and features are disclosed herein.
577 Citations
20 Claims
-
1. A system to provide data management services, wherein the system is communicatively coupled to at least one client computer and at least one third party server computer, the system comprising:
a data storage system coupled to the at least one client computer via a local area network and to the third party server computer via a wide area network or public computer network, wherein the third party server computer is associated with a company or organization unaffiliated with a company or organization controlling operation of the data storage system, and, wherein the data storage system includes; at least one server computer, at least one data storage device, and a retention component configured to receive data objects from the at least one client computer, wherein the data objects from the at least one client computer are associated with a first format, receive data objects from the third party server computer, wherein the data objects from the third party server computer are associated with a second format, wherein the first and second formats differ, and apply respective first and second retention policies to the data objects in the first and second formats to store the data objects in the at least one data storage device according to the first and second retention policies, and wherein at least one of the first or second retention policies requires received data objects be de-duplicated, encrypted, or both de-duplicated and encrypted, and wherein the received data objects are not converted to another format; a data classification component configured to content index and classify the data objects in the first and second formats; a search component configured to permit searching via the at least one client computer and the third party server computer of the data objects of the first and second formats, respectively, wherein the search component is further configured to apply searching restrictions or access control based on securities policies, and without need for data agents on the at least one client computer or on the third party server computer; and
,a reporting component configured to provide reports based on search results provided by the search component, wherein the data storage system is further configured to; calculate a hash value for a newly received data object, determine that the calculated hash does not match a previously stored hash for a previously stored copy of the data object, and report that contents of the data object have changed. - View Dependent Claims (2, 3)
-
4. A non-transitory computer-readable storage medium whose contents cause a data storage system to perform a method for processing a document retention request, the method comprising:
-
receiving a request to retain documents that match specified criteria; automatically identifying documents stored within the data storage system that match the specified criteria; placing a hold on the identified documents by automatically associating each of the identified documents with an undelete flag; automatically monitoring the data storage system to identify new documents that match the specified criteria; and
,automatically associated each of the new documents with the undelete flag, wherein the data storage system is configured to prevent a user from deleting a document that is associated with an undelete flag and to prevent a user from encrypting a document that is associated with an undelete flag; and determining a custodian of an identified document by analyzing metadata associated with the identified document in accordance with an information governance policy; and
,automatically and electronically notifying the custodian of the identified document that the identified document is subject to a retention request. - View Dependent Claims (5, 6, 7, 8, 9)
-
-
10. A method for performing a regulatory compliance task in a data storage system, the method comprising:
-
receiving a definition of an information governance policy, wherein receiving the definition of the information governance policy includes receiving a definition of a workflow policy that specifies a process of steps to identify and handle a set of documents in the data storage system, wherein the process of steps are defined at least in part by the classification tags, and wherein the definition of the workflow policy facilitates collaborative workflow by defining a first workflow task for at least a first user, and defining a second workflow task for at least a second user; and wherein receiving the definition of the information governance policy further comprises at least two of the following; receiving a definition of a classification policy, wherein the classification policy defines classification tags relevant to a compliance task, wherein the classification tags are for association with specified documents; receiving a definition of a reporting policy, wherein the reporting policy specifies a set of reports to provide to a user via a graphical user interface regarding a status of documents stored in the data storage system; and
,receiving a definition of a retention policy, wherein the retention policy specifies the manner in which documents should be stored within the data storage system, and wherein the retention policy is defined at least in part by the defined classification tags; and
,performing a compliance task with received documents in accordance with the received information governance information policy. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification