DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is in response to Amendment filed 08/18/2022.
Claims 1-3, 5-7, 11, 12 and 19 have been amended, and claim 4 has been canceled.  Currently, claims 1-3 and 5-22 are pending.

Remarks

Amendments to claim are effective to overcome the claim objection and the 112(b) rejection presented in the previous Office action.  Therefore, the previous claim objection and the previous 112(b) rejection have been withdrawn.

Applicant’s arguments, see Remarks, pages 22-27, filed 08/18/2022, with respect to amended independent claim 1 have been fully considered and are persuasive.  In addition to further search and consideration, the prior art rejection of claims 1-3 and 5-10 has been withdrawn. 

Applicant's arguments, see Remarks, page 32, filed 08/18/2022, with respect to independent claim 11 have been fully considered but they are not persuasive.  Therefore, the previous prior art rejection of claims 11-22 is maintained.

To expedite the patent examination, Examiner contacted Applicant’s representative to discuss proposed amendments to independent claim 11 to place remaining claims in condition for allowance (see attached Interview Summary and the following Examiner’s Amendment section).

Claims 1-3, 5-11 and 13-22, as presented and/or amended in the following Examiner’s Amendment section, are allowed.

EXAMINER'S AMENDMENT

An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization for this examiner’s amendment was given in an interview with Mr. Randy R. Schoen (Reg. No. 62,440) on 08/31/2022.

The application has been amended as follows: 



Amendment to Specification:
Please amendment paragraph [0001] of the Specification filed on 08/18/2022 as follows:

[0001]	This application is a continuation application which claims priority to, and the benefit of, U.S. Non-Provisional application Ser. No. 17/079,937, filed Oct. 26, 2020 and issued as U.S. Patent No. 11,087,225 on August 10, 2021, which claims priority to U.S. Provisional Application No. 62/925,569, filed Oct. 24, 2019; and which is a continuation of International Application No. PCT/US2020/057245, filed Oct. 24, 2020, which claims priority to U.S. Provisional Application No. 62/925,569, filed Oct. 24, 2019, all of which are hereby incorporated by reference in their entireties.

Amendment to Claims:
Please amend claims 5, 8, 11, 13-16 and 19-22, and cancel claim 12 as presented in the following complete listing of claims as follows:

(Previously Presented) A method of identifying protected information elements associated with unique entities in data file collections comprising:
receiving, by a computer, a first data file collection comprising a plurality of data files stored on or associated with an enterprise IT network, wherein;
the first data file collection includes the plurality of data files comprising structured, unstructured, and semi-structured file types; and
at least a portion of the plurality of data files comprises one or more protected information elements associated with one or more unique entities having one or more entity identifications;
analyzing, by the computer, the plurality of data files to identify a presence of protected information elements;
generating, by the computer, information about the first data file collection comprising:
a count of data files;
a listing of data file types;
a listing of protected information element types in the plurality of data files;
a count of protected information element types;
a count of protected information elements in the plurality of data files;
a count of protected information elements in each data file;
a count of protected information elements per each data file type;
a count of data files including at least one protected information element; and
an entity count, wherein the entity count includes more than one entity identification associated with some unique entities; and 
configuring, by the computer, the generated information about the first data file collection for use in machine learning information for use in evaluating additional data file collections;
e.	generating, by the computer, a second data file collection comprising each first collection data file identified by the computer as including one or more protected information elements; 
f.	configuring, by the computer, a plurality of identified data files in the second data file collection for display and selection on a user device;
g.	displaying, by the computer, one or more of the plurality of identified data files on the user device;
h.	analyzing, by a human reviewer, the one or more displayed data files to confirm the computer identification of the one or more protected information elements in each of the one or more displayed data files, wherein:
i.	if the human reviewer confirms that the one or more protected information elements are not present in the displayed data file, the method further comprises:
1.	selecting, by the human reviewer, that displayed data file for removal from the second data file collection; and
2.	removing, by the computer, that displayed data file from the second data file collection; or
ii.	if the human reviewer confirms that the one or more protected information elements are present in the displayed data file, the method further comprises:
1.	selecting, by the human reviewer, that displayed data file to remain in the second data file collection; and
2.	linking, by either or both the human reviewer or the computer, each of the one or more protected information elements with a unique entity having one or more entity identifications; and
i.	recording, by the computer, information associated with the human reviewer’s actions; and
j.	incorporating, by the computer, information derived from the human reviewer’s actions into the machine learning information for use in subsequent data file analyses. 

(Previously Presented) The method of claim 1 further comprising generating a data file review plan associated with human review of at least a portion of the plurality of data files in the first data file collection for identification, by one or more human reviewers, of protected information element types associated with the one or more unique entities having one or more entity identifications.

(Previously Presented) The method of claim 1, wherein the generated information about the first data file collection is configured for use in a dashboard, and wherein the dashboard is configured for display of at least the following generated information on a user device:
the count of data files;
the listing of data file types;
the listing of protected information element types in the plurality of data files;
the count of protected information element types;
the count of protected information elements;
the count of protected information elements in each data file;
the count of protected information elements per each data file type;
the count of data files including at least one protected information element; and
the entity count. 

(Cancelled)

(Currently Presented) The method of claim 1, further comprising: 
identifying, by the computer, additional data files in either or both of the first and second data file collections having a presence of: 
one or more protected information elements associated with one or more unique entities having one or more entity identifications; or
one or more entity identifications associated with a unique entity; 
determining, by the computer or by the human reviewer, whether one or more identified protected information elements or one or more entity identifications [[is]] are associated with a unique entity;
generating, by the computer, data file linkage information for each protected information element determined to be associated with a unique entity; and
configuring, by the computer, the data file linkage information for use in one or more of:
[[the]] a user notification;
[[the]] a report; 
[[the]] a dashboard; or
the machine learning information for use in subsequent data file analyses.

(Previously Presented) The method of claim 1, wherein the first and second data file collections include data files comprising tabular data associated with a plurality of unique entities having one or more entity identifications, and the method further comprises:
identifying, by the computer, a first data file comprising tabular data having one or more rows or columns including either or both of one or more protected information elements and one or more entity identifications associated with a unique entity;
configuring, by the computer, the first data file for display and selection on the user device;
displaying, by the computer, the first data file on the user device;
identifying, by the human reviewer, one or more columns or rows on the displayed first data file as corresponding to a protected information element type or an entity identification; 
generating, by the computer, linkage information for the protected information element type and a corresponding entity identification;
recording, by the computer, information derived from the human reviewer’s actions in:
identifying the protected information element type;
identifying the entity identification; and
generating the linkage information; and 
incorporating, by the computer, the recorded information into the machine learning information for use in subsequent data file analyses.


(Previously Presented) The method of claim 1, wherein a plurality of entity identifications for a unique entity are present in at least a portion of the data files of the first and second data file collections and the method further comprises performing, by the computer, an entity resolution step, thereby generating resolved unique entity identifications for at least a portion of the unique entities in the first and second data file collections. 

(Currently Amended) The method of claim 7, wherein each resolved unique entity identification is linked to one or more protected information elements, and wherein linkage information for the resolved unique entity identification and the one or more protected information elements is configured for use in one or more of:
[[the]] a user notification;
[[the]] a report; 
[[the]] a dashboard; 
the machine learning information for use in subsequent data file analyses; or 
a notification to a unique entity having one or more protected information elements present in one or more data files in the first or second data file collections.

(Original) The method of claim 1, wherein the generated information about the first data file collection is derived from analysis, by the computer, of the enterprise IT network after receipt of a notification of a data breach event.

(Original) The method of claim 1, wherein at least a portion of the one or more protected information elements is associated with one or more compliance-related activities defined by one or more of laws, regulations, policies, procedures, and contractual obligations associated with the protected information elements.

(Currently Amended) A method of analyzing a collection of data files in data file collections for the presence of protected information elements associated with unique entities comprising:
receiving, by a computer, a first data file collection comprising a plurality of data files stored on or associated with an enterprise IT network, wherein:
the first data file collection includes the plurality of data files comprising structured, unstructured, and semi-structured file types; and
at least a portion of the plurality of data files comprise one or more protected information elements associated with one or more unique entities having one or more entity identifications;
analyzing, by the computer, the plurality of data files in the first data file collection for a presence of protected information elements;
generating, by the computer, information about the first data file collection comprising:
a count of data files;
a listing of data file types;
a listing of protected information element types in the plurality of data files;
a count of protected information element types;
a count of protected information elements in the plurality of data files;
a count of protected information elements in each data file;
a count of protected information elements per each data file type;
a count of data files including at least one protected information element; and
an entity count, wherein the entity count includes more than one entity identification associated with some unique entities; and 
generating, by the computer, a data file review plan associated with human review of at least a portion of the plurality of data files in the first data file collection for identification, by one or more human reviewers, of a presence of one or more protected information element types associated with the one or more unique entities having one or more entity identifications; and
configuring, by the computer, the data file review plan for use in one or more of:
a user notification;
a report; 
a dashboard; or
machine learning information for use in data file analysis;
wherein the generated information about the first data file collection is configured as the machine learning information and the method further comprises:
f.	generating, by the computer, a second data file collection comprising each first collection data file determined by the computer as including one or more protected information elements; 
g.	configuring, by the computer, a plurality of determined data files in the second data file collection for display and selection on a user device;
h.	displaying, by the computer, one or more of the plurality of determined data files on the user device;
i.	analyzing, by a human reviewer, the one or more displayed data files to confirm the computer identification of the one or more protected information elements in each or the one or more displayed data files, wherein:
i.	if the human reviewer confirms that the one or more protected information elements are not present in the displayed data file, the method further comprises:
1.	selecting, by the human reviewer, that displayed data file for removal from the second data file collection; and
2.	removing, by the computer, that displayed data file from the second data file collection; or
ii.	if the human reviewer confirms that the one or more protected information elements are present in the displayed data file, the method further comprises:
1.	selecting, by the human reviewer, that displayed data file to remain in the second data file collection; and
2.	linking, by either or both the human reviewer or the computer, each of the one or more protected information elements with a unique entity having one or more entity identifications; and
j.	recording, by the computer, information associated with the human reviewer’s actions; and
k.	incorporating, by the computer, information derived from the human reviewer’s actions into the machine learning information for use in subsequent data file analyses. 

(Canceled).

(Currently Amended) The method of claim [[12]] 11 wherein the one or more displayed data files are derived from the plurality of determined data files by a filtering process in which a data file comprising a larger number of protected information elements is selected for display prior to a data file comprising a fewer number of protected information elements. 

(Currently Amended) The method of claim [[12]] 11 wherein the one or more displayed data files are derived from the plurality of determined data files by a filtering step in which a data file is selected for display according to a generated probability that the computer’s determination about the presence of the one or more protected information elements is a correct identification of the presence of the one or more protected information elements. 

(Currently Amended) The method of claim [[12]] 11 wherein linkage information for the linked protected information and unique entity is generated by the human reviewer and the method further comprises:
analyzing, by the computer, each of the first and second data file collections to determine the presence of additional data files including one or more protected information elements associated with the unique entity; and
when a determination is made that an additional data file includes one or more protected information elements associated with the unique entity, linking, by the computer or the human reviewer, the one or more protected information elements in that data file with the unique entity. 

(Currently Amended) The method of claim [[12]] 11, wherein a plurality of entity identifications for a unique entity are present in at least a portion of the data files of the first and second data file collections and the method further comprises performing, by the computer, an entity resolution step, wherein the entity resolution step comprises combining a plurality of entity identifications with a unique entity, thereby generating resolved entity identifications for at least a portion of the unique entities in the data files. 

(Original) The method of claim 16 further comprising:
generating, by the computer, a confidence level that a resolved entity identification for a unique entity correctly resolves the plurality of entity identifications to that unique entity and, if the generated confidence level is below a threshold level, configuring one or more resolved data files linked with the unique entity for display and selection on the user device; 
displaying, by the computer, at least a portion of the resolved data files on the user device;
confirming, by the human reviewer, that the computer-generated entity resolution correctly assigned each of the plurality of entity identifications to the unique entity, wherein:
if the human reviewer confirms that the computer-generated entity resolution correctly assigned each of the plurality of entity identifications to the unique entity, maintaining the previously generated resolved entity identification; and
if the human reviewer does not confirm that the computer-generated entity resolution correctly assigned each of the plurality of entity identifications to the unique entity, removing each incorrect resolved entity identification; and
recording, by the computer, information associated with the human reviewer’s entity resolution confirmation actions for use in subsequent data file analyses.

(Original) The method of claim 16, wherein each resolved entity identification is linked to one or more protected information elements, and wherein linkage information for the resolved entity identification and one or more protected information elements is configured for use in one or more of:
the user notification;
the report; 
the dashboard; 
the machine learning information for use in subsequent data file analyses; or 
a notification to a unique entity having one or more protected information elements present in one or more data files in the first or second data file collections.

(Currently Amended) The method of claim [[12]] 11, wherein the first and second data file collections include data files comprising tabular data associated with a plurality of unique entities having one or more entity identifications, and the method further comprises:
identifying, by the computer, a first data file comprising tabular data having one or more rows or columns including either or both of one or more protected information elements and one or more entity identifications associated with a unique entity;
configuring, by the computer, the first data file for display and selection on the user device;
displaying, by the computer, the first data file on the user device;
identifying, by the human reviewer, one or more columns or rows on the displayed first data file as corresponding to a protected information element type or an entity identification; 
generating, by the computer, linkage information for the protected information element type and a corresponding entity identification;
recording, by the computer, information derived from the human reviewer’s actions in:
identifying the protected information element type;
identifying the entity identification; and
generating the generated linkage information; and 
incorporating, by the computer, the recorded information into the machine learning information for use in subsequent data file analyses.

(Currently Amended) The method of claim [[12]] 11, wherein the first data file collection is derived from analysis of the enterprise IT network after receipt of a notification of a data breach event.

(Currently Amended) The method of claim [[12]] 11, wherein at least a portion of the one or more protected information elements is associated with one or more compliance-related activities defined by one or more of laws, regulations, policies, procedures, and contractual obligations associated with the protected information elements.

(Currently Amended) The method of claim [[12]] 11, wherein the subsequent data file analyses of a data file collection of interest comprises analysis of one or more of:
the first data file collection derived from the enterprise IT network;
the second data file collection;
a third data file collection derived from a bulk data file collection stored on or associated with the enterprise IT network; or
a fourth data file collection derived from a bulk data file collection stored on or associated with a second enterprise IT network that is different from the enterprise IT network.

Reasons for Allowance

The following is an examiner’s statement of reasons for allowance: 

The present invention is directed to method/system for analyzing a collection of data files to identify protected information elements associated with unique entities, which comprises receiving a first data file collection including a plurality of data files, analyzing the plurality of data files to identify a presence of protected information elements, generating information about the first data file collection, configuring the generated information about the first data file collection for variety of uses, generating a data file review plan and/or a second data file collection including each first collection data file identified by the computer as including one or more protected information elements, providing  the second data file collection for human review process, recording information associated with human review actions, and incorporating information derived from human review actions into the machine learning information for use in subsequent data file analyses.
 
The closest prior art of record, Bhowan et al. (U.S. Publication No. 2019/0213354) teaches a method/system for analyzing a corpus of documents relating to an organization to identify a set of values indication personal information associated with one or more individuals by using a set of natural language processing techniques (see Abstract), which comprises accessing/receiving a corpus of document, analyzing documents in the corpus to identify a set of values indicating personal information for particular individual, determining a set of relationships between one or more values of the set of value indicating the personal information, and automatically generating a set of user profiles that associates personal information of individual with documents in the corpus (see [0016]-[0017], [0022]-[0023], [0026]-[0027] and [0030]-[0031]).  The system further classifies types of personal information, provides information included in the corpus of document for use in machine learning (see [0072]-[0073]), and provides a list of documents to a user for performing risk management assessments by identifying which documents (as well as a percentage of total documents) have personal document (see [0106]).
 
However, Bhowan et al. fails to anticipate or render obvious at least the recited features of a computer/human review process/action including analyzing, by a human reviewer, the one or more displayed data files to confirm the computer identification of the one or more protected information elements in each of the one or more displayed data files, wherein: (1) if the human reviewer confirms that the one or more protected information elements are not present in the displayed data file, the method further comprises: (i) selecting, by the human reviewer, that displayed data file for removal from the second data file collection; and (ii) removing, by the computer, that displayed data file from the second data file collection; OR (2) if the human reviewer confirms that the one or more protected information elements are present in the displayed data file, the method further comprises: (i) selecting, by the human reviewer, that displayed data file to remain in the second data file collection; and (ii) linking, by either or both the human reviewer or the computer, each of the one or more protected information elements with a unique entity having one or more entity identifications, as similarly presented in independent claims 1 and 11.
 
These features, together with the other limitations of the independent claims are novel and non-obvious over the prior art of record.  The dependent claims 2-3, 5-10 and 13-22being definite, enabled by the specification, and further limiting to the independent claim, are also allowable.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”









Contact Information

Any inquiry concerning this communication or earlier communications from the examiner should be directed to PHUONG THAO CAO whose telephone number is (571)272-2735. The examiner can normally be reached Monday - Friday: 9:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashish Thomas can be reached on 571-272-0631. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Phuong Thao Cao/Primary Examiner, Art Unit 2164