DETAILED ACTION

	Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
The following is a non-final office action. Claims [1-8, 10-18, and 20-22] are currently pending and have been examined on their merits. 
Claims 1-8 and 11-18 are currently amended see REMARKS June 22, 2022.
Claims 21 and 22 are newly added see REMARKS June 22, 2022.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on August 08, 2022 has been entered.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-8, 10-18, and 20-22 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception that is an abstract idea without a practical application or significantly more.

Step 1: Claims 1-8, 10, and 21 recite a method (i.e. a process such as an act or series of steps), claims 11-18, 20, and 22 recite a computing apparatus, and therefore each claim falls within one of the four statutory categories.

Step 2A prong 1 (Is a judicial exception recited?): 
The representative claims 1 and 11 recite: A method for automatically updating an access control; the method comprising: obtaining, employment status data for a first user; comparing the employment status data with a most recent version of an employee record for the first user; when both of the employment status data and the most recent version of the employee record include information indicating that an employment of the first user is active, after a first predetermined amount of time, obtaining an updated version of the employment status data for the first user; and when the most recent version of the employee record includes the information indicating that the employment of the first user is active and the employment status data includes information that indicates that the employment of the first user has been terminated, automatically causing a disablement of an access of the first user, wherein the first predetermined amount of time is an amount of time that is required for the script to cycle through all employee records, and wherein the amount of time that is required for the script to cycle through all employee records is less than 24 hours.
The claims recite a mental process and a certain method of organizing human activity. Before computers one could mentally determine an employment status of a user and disable their access to a company’s network, supplies, buildings, etc. The Examiner find the recited claims to be similar to a claim to "collecting information, analyzing it, and displaying certain results of the collection and analysis," where the data analysis steps are recited at a high level of generality such that they could practically be performed in the human mind, Electric Power Group v. Alstom, S.A., 830 F.3d 1350, 1353-54, 119 USPQ2d 1739, 1741-42 (Fed. Cir. 2016), which the courts have also found to recite a mental process. Additionally, the claims are directed to a certain method of organizing human activity as the disclosure is directed to managing personal behavior or relationships or interactions between people. The Examiner finds the claims to simply recite a method of gathering information pertaining to an individual’s status and depending on their status executing a protocol. Therefore, the Examiner finds the claims to be similar to an example the courts have identified as being a certain method of organizing human activity: considering historical usage information while inputting data, BSG Tech. LLC v. Buyseasons, Inc., 899 F.3d 1281, 1286, 127 USPQ2d 1688, 1691 and a series of instructions of how to hedge risk, Bilski v. Kappos, 561 U.S. 593, 595, 95 USPQ2d 1001, 1004 (2010).
Step 2A Prong 2 (Is the exception integrated into a practical application?): The claims additionally recite; 
Claim 1: A distributed computer network, the method being implemented by at least one processor, and a distributed computing script.
Claim 11: A computing apparatus configured to implement an execution of a method, a memory, a communication interface coupled to each of the processor and the memory, a distributed computing network, and a distributed computing script.
The additional element of using social media data to help rate or assess an institution and a user is directed to merely a method of applying the known use of a computer to store and execute the method in the recited claim limitations. Therefore, the limitations merely amount to adding the words “apply it” (or an equivalent) to the judicial exception, or mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea, as discussed in MPEP 2106.05(f) and generally linking the use of the judicial exception to a particular technological environment or field of use, as discussed in MPEP 2106.05(h). Furthermore, a method for transmitting, receiving, and processing information does not amount to improvements to the functioning of a computer, or to any other technology or technical field, as discussed in MPEP 2106.05(a), applying the judicial exception with, or by use of, a particular machine, as discussed in MPEP 2106.05(b), effecting a transformation or reduction of a particular article to a different state or thing, as discussed in MPEP 2106.05(c), or applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception, as discussed in MPEP 2106.05(e). Accordingly, the additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. As the claims are merely directed to utilizing a computer to perform a generic functions such as using a computing to receive information pertaining to a user’s status and execute a procedure based on the received information, which is not significant improvements to the functionality of a generic computer and are directed to merely “apply it” or applying the abstract idea on a computer. Furthermore, these elements are similar to the examples in MPEP 2106.05(f)(2), Applicant's additional elements are similar to TLI Comms, Ultramercial, and Intellectual Ventures v. Cap One. As the claims invoke a computer merely as a tool to perform an existing process. Moreover, as the claims do not recite an improvement to a computer or technical field but just apply a known technology to an abstract idea they are still directed to an abstract idea and not integrated into a practical application (MPEP 2106.05(b) – an abstract idea applied to a computer does not improve the computer).  


The dependent claims 2-8, 10, 12-18, and 20-22 further narrow the abstract idea recited in the independent claims 1 and 11 and are therefore directed towards the same abstract idea. 

Step 2B (Does the claim recite additional elements that amount to significantly more that the judicial exception?): As discussed above, the additional imitations amount to adding the words “apply it” (or an equivalent) with the judicial exception, or mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea, as discussed in MPEP 2106.05(f) and generally linking the use of the judicial exception to a particular technological environment or field of use, as discussed in MPEP 2106.05(h). See reasoning for Step 2A prong 2. It is well- understood, routine, and conventional for a computer to be able to monitor a source of information for a target trigger and subsequently perform actions such as sending information or deleting information (see court case A web browser’s back and forward button functionality, Internet Patent Corp. v. Active Network, Inc., 790 F.3d 1343, 1348, 115 USPQ2d 1414, 1418 (Fed. Cir. 2015). See MPEP 2106.05(d) as well as USPTO Memorandum: Revising 101 Eligibility Procedure in view of Berkheimer v. HP, Inc. (April 19, 2018). It is also clear the recited claims would be well understood, routine, and conventional for a company or business to monitor their employee’s status’s and determine if the employees are still a part of the company and if not terminating that employee’s access to the company’s network (see Specification [0003-0004]). (See MPEP 2106.05(d). Electronic recordkeeping, Alice Corp., 134 S. Ct. at 2359, 110 USPQ2d at 1984 (creating and maintaining "shadow accounts"); Ultramercial, 772 F.3d at 716, 112 USPQ2d at 1755 (updating an activity log); Storing and retrieving information in memory, Versata Dev. Group, Inc. v. SAP Am., Inc., 793 F.3d 1306, 1334, 115 USPQ2d 1681, 1701 (Fed. Cir. 2015); OIP Techs., 788 F.3d at 1363, 115 USPQ2d at 1092-93; Electronically scanning or extracting data from a physical document, Content Extraction and Transmission, LLC v. Wells Fargo Bank, 776 F.3d 1343, 1348, 113 USPQ2d 1354, 1358 (Fed. Cir. 2014) (optical character recognition); Arranging a hierarchy of groups, sorting information, eliminating less restrictive pricing information and determining the price, Versata Dev. Group, Inc. v. SAP Am., Inc., 793 F.3d 1306, 1331, 115 USPQ2d 1681, 1699 (Fed. Cir. 2015) and Receiving or transmitting data over a network, e.g., using the Internet to gather data, Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information);


Dependent claims 2-5 and 12-15 are directed towards further narrowing the abstract idea of verifying a user’s status and sending a message to confirm their access.
Dependent claims 6-7 and 16-17 are directed towards further narrowing the abstract idea of verifying a user’s status and generating a verified report based on the status.
Dependent claims 8, 10, 18, and 20-22 are directed towards further narrowing the abstract idea of verifying a user’s status at a predetermined time intervals and disabling their access if the status is changed.

Claims 21-22 recite the additional elements of a powershell script, however, these claims are directed to merely reciting “apply it” or applying a known technology to perform the abstract idea. 


Therefore, claims 1-8, 10-18, and 20-22 are rejected under 35 U.S.C. 101.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 10, 11, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erhart (US 2010/0153171) in view of Todd (US 2012/0030756) further in view of Korkus (US 2011/0061093).
Claim 1 and 11: Erhart discloses (Claim 1) a method for automatically updating an access control with respect to a network, the method being implemented by at least one processor, the method comprising: (Paragraph [0024]) (Claim 11) a computing apparatus configured to implement an execution of a method for automatically updating an access control with respect to a network, the computing apparatus comprising: a processor; a memory; and a communication interface coupled to each of the processor and the memory, wherein the processor is configured to: (Paragraph [0028]) obtaining, from within the network, employment status data for a first user (Paragraph [0002]; [0038]; [0044]; Fig. 4, the embodiments include a system that allows an enterprise to manage employees based on both geo-location information and other characteristics of the employee or company policy. The system can identify the person and determine the status of the person. A status can be any status of the employee while working with the enterprise or not working with the enterprise. For example, status may include vacation, leave, terminated, shift assignment, legal or contractual obligation, or some other status of the employee or his employer. (The examiner notes that the broadest reasonable interpretation of a system capable of verifying an employees work status would include verifying if the employee is currently under contract or on leave or terminated as is disclosed by Erhart)). Comparing the employment status data with a most recent version of an employee record for the first user (Paragraph [0002]; [0026]; [0038]; [0041-0044]; Figs. 4-5, the embodiments include a system that allows an enterprise to manage employees based on both geo-location information and other characteristics of the employee or company policy. The system can identify the person and determine the status of the person. A status can be any status of the employee while working with the enterprise or not working with the enterprise. For example, status may include vacation, leave, terminated, shift assignment, legal or contractual obligation, or some other status of the employee or his employer. The enterprise data database stores data about persons associated with the enterprise about the relationships between the enterprise and the people (employment status), and other information. The personal data database may receive, store, or send one or more portions of the data structures. The data structures may include one or more fields. The data structure may include a person identifier field, a user status field. The persona may be an employee, an independent contractor, a former employee, or some other type of person which lasts over a period of time). And when the most recent version of the employee record includes the information indicating that the employment of the first user is active and the employment status data includes information that indicates that the employment of the first user has been terminated, automatically causing a disablement of an access of the first user to the network (Paragraph [0050-0053] the enterprise server can determine the status associated with a person. The enterprise server searches for the person identity in the personal data database. Upon finding the person ID the enterprise server can retrieve the user status. With the user status the enterprise server may search one or more even data structures for an event identity. Depending upon the event response and the outcome to the rule determination by the decision support system the decision support system may determine if an action is required. As an example, the action may be denying a person access to a location associated with an enterprise, disabling a device, denying a person access to a system associated with an enterprise, denying a person the operation of a system, sending a message to at least a second person to respond to the status associated with the first person, etc.).
However, Erhart does not disclose when both of the employment status data and the most recent version of the employee record include information indicating that an employment of the first user is active, waiting for a first predetermined amount of time and then obtaining an updated version of the employment status data for the first user, wherein the first predetermined amount of time is an amount of time that is required for the distributed computing script to cycle through all employee records, and wherein the amount of time that is required for the distributed computing script to cycle through all employee records less than 24 hours.
In the same field of endeavor of determining a user’s status regarding access permissions Todd teaches when both of the employment status data and the most recent version of the employee record include information indicating that an employment of the first user is active, waiting for a first predetermined amount of time and then obtaining an updated version of the employment status data for the first user (Paragraph [0023]; Figs. 3-4, the records from various systems and formats may be loaded into the permissions verification system and the system may process the access levels, user identifier, and/or other resources associated with each record. In arrangements in which records are received in various formats, some or all records may be formatted into a common record format. In some examples, the records may be collected over a period of time in order to obtain a spectrum of users. In one example of verifying user permissions in a mainframe system. The user records are received and may be collected over a predetermined time frame, such as one week, one month, one year, etc. The records may be received from varying systems or types of systems and in varying formats as needed. The records are transmitted to the permissions verification system). 
At the time the invention was effectively filed it would have been obvious to one of ordinary skill in the art to modify the system of managing a company’s employees and their respective access to the system by determining various statuses as disclosed by Erhart (Erhart [0002]) with the system of when both of the employment status data and the most recent version of the employee record include information indicating that an employment of the first user is active, waiting for a first predetermined amount of time and then obtaining an updated version of the employment status data for the first user as taught by Todd (Todd [0023]). With the motivation of being a simple substitution as Erhart teaches a system of checking a user’s status periodically or whenever needed to verify their level of access would be substituted by a system that is capable of running the verification check at a predetermined time. Additionally, with the motivation of helping the process of verifying a user’s access level in a more efficient and faster process that leads to less errors or inaccurate results (Todd [0001]).
In the same field of endeavor of monitoring an employee’s status and changes to permissions Korkus teaches wherein the first predetermined amount of time is an amount of time that is required for the distributed computing script to cycle through all employee records, and wherein the amount of time that is required for the distributed computing script to cycle through all employee records less than 24 hours (Paragraph [0012-0016]; [0062-0067]; Figs. 1A-1C and 6, the present invention seeks to improve data access permission management systems. The system includes an access permission subsystem which governs access permissions of users to a network in real time and a future condition-based permission instruction subsystem providing instructions to grant or revoke access permissions of a user to the network in real time. The permission instruction subsystem provides instructions to the access permission system to grant or revoke access of the user to a network based on changes in at least one characteristic of at least one user of the network. The system continuously monitors relevant resources on the computer network for the existence of the state. Upon discovering the existence of the state, the system implements access permission modification instructions).
At the time the invention was effectively filed
Claims 10 and 20: Modified Erhart discloses the method as per claim 1 and the computing apparatus as per claim 11. However, Erhart does not disclose wherein the first predetermined amount of time is five hours or less.
In the same field of endeavor of determining a user’s status regarding access permissions Todd teaches wherein the first predetermined amount of time is five hours or less (Paragraph [0026]; Fig. 3, one example method of verifying user permissions in the mainframe system includes the records being collected over a predetermined time frame, such as one week, one month, one year, etc. (The examiner notes that the broadest reasonable interpretation of being able to set the predetermined period of time to various lengths such as a week, month, or year would also include a smaller range such as five hours or less)).
At the time the invention was effectively filed it would have been obvious to one of ordinary skill in the art to modify the system of managing a company’s employees and their respective access to the system by determining various statuses as disclosed by Erhart (Erhart [0002]) with the system of wherein the first predetermined amount of time is five hours or less as taught by Todd (Todd [0023]). With the motivation of being a simple substitution as Erhart teaches a system of checking a user’s status periodically or whenever needed to verify their level of access would be substituted by a system that is capable of running the verification check at a predetermined time. Additionally, with the motivation of helping the process of verifying a user’s access level in a more efficient and faster process that leads to less errors or inaccurate results (Todd [0001]).
Claims 2-5 and 12-15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erhart (US 2010/0153171) in view of Todd (US 2012/0030756) further in view of Korkus (US 2011/0061093) even further in view of McQuaide (US 2003/0217001).
Claims 2 and 12: Modified Erhart discloses the method as per claim 1 and the computing apparatus as per claim 11. However, Erhart does not disclose wherein when the access of the first user is disabled, the distributed computing script that is executed by the at least one processor to perform the method is further configured to perform the following operations: generating a notification message that includes information relating to the access disablement and transmitting the notification message to a predetermined destination.
In the same field of endeavor of managing a user’s access to a network McQuaide teaches wherein when the access of the first user is disabled, the distributed computing script that is executed by the at least one processor to perform the method is further configured to perform the following operations: generating a notification message that includes information relating to the access disablement and transmitting the notification message to a predetermined destination (Paragraph [0024] each server system receives requests from the server computer system requesting that one or more accounts be frozen or canceled due to loss. The servers may employ a security measure to ensure the server computer system has proper authorization to cancel the accounts. Once authorized the accounts are then frozen and canceled. The servers may further provide notifications to the user relating to the status of the accounts either directly or through the server).
At the time the invention was effectively filed it would have been obvious to one of ordinary skill in the art to modify the system of managing a company’s employees and their respective access to the system by determining various statuses as disclosed by Erhart (Erhart [0002]) with the system of wherein when the access of the first user is disabled, the method further comprises generating a notification message that includes information relating to the access disablement and transmitting the notification message to a predetermined destination as taught by McQuaide (McQuaide [0024]). With the motivation of helping managing an individual’s access to a network to improve system security (McQuaide [0007]).
Claims 3 and 13: Modified Erhart discloses the method as per claim 2 and the computing apparatus as per claim 12. However, Erhart does not disclose wherein the distributed computing script that is executed by the at least one processor to perform the method, is further configured to perform the following operations: receiving a confirmation that the notification message is successfully received.
In the same field of endeavor of managing a user’s access to a network McQuaide teaches  wherein the distributed computing script that is executed by the at least one processor to perform the method, is further configured to perform the following operations: receiving a confirmation that the notification message is successfully received (Paragraph [0024]; [0051-0052] each server system receives requests from the server computer system requesting that one or more accounts be frozen or canceled due to loss. The servers may employ a security measure to ensure the server computer system has proper authorization to cancel the accounts. Once authorized the accounts are then frozen and canceled. The servers may further provide notifications to the user relating to the status of the accounts either directly or through the server. Following the notification operation, the client receives a confirmation form the server system that the cancellation request has been made).
At the time the invention was effectively filed it would have been obvious to one of ordinary skill in the art to modify the system of managing a company’s employees and their respective access to the system by determining various statuses as disclosed by Erhart (Erhart [0002]) with the system of wherein when the access of the first user is disabled, the method further comprises generating a notification message that includes information relating to the access disablement and transmitting the notification message to a predetermined destination as taught by McQuaide (McQuaide [0024]). With the motivation of helping managing an individual’s access to a network to improve system security (McQuaide [0007]).
Claims 4 and 14: Modified Erhart discloses the method as per claim 2 and the computing apparatus as per claim 12. However, Erhart does not disclose wherein when a confirmation that the notification message is successfully received is not received within a second predetermined amount of time, wherein the distributed computing script that is executed by the at least one processor to perform the method, is further configured to perform the following operations: generating a reminder message that includes information relating to prompting a response from a recipient and transmitting the reminder message to the predetermined destination.
In the same field of endeavor of managing a user’s access to a network McQuaide teaches wherein when a confirmation that the notification message is successfully received is not received within a second predetermined amount of time, wherein the distributed computing script that is executed by the at least one processor to perform the method, is configured to perform the following operations: generating a reminder message that includes information relating to prompting a response from a recipient and transmitting the reminder message to the predetermined destination  (Paragraph [0024]; [0051-0052]; [0058] each server system receives requests from the server computer system requesting that one or more accounts be frozen or canceled due to loss. The servers may employ a security measure to ensure the server computer system has proper authorization to cancel the accounts. Once authorized the accounts are then frozen and canceled. The servers may further provide notifications to the user relating to the status of the accounts either directly or through the server. Following the notification operation, the client receives a confirmation. Alternatively, a general confirmation may be displayed indicating follow up capabilities. Once the confirmation is displayed the flow ends at end operation).
At the time the invention was effectively filed it would have been obvious to one of ordinary skill in the art to modify the system of managing a company’s employees and their respective access to the system by determining various statuses as disclosed by Erhart (Erhart [0002]) with the system of wherein when the access of the first user is disabled, the method further comprises generating a notification message that includes information relating to the access disablement and transmitting the notification message to a predetermined destination as taught by McQuaide (McQuaide [0024]). With the motivation of helping managing an individual’s access to a network to improve system security (McQuaide [0007]).
Claims 5 and 15: Modified Erhart discloses the method as per claim 2 and the computing apparatus as per claim 12. Erhart further discloses wherein the distributed computing script that is executed by the at least one processor to perform the method, is further configured to perform the following operations: logging a first parameter that indicates an identification of the employment termination (Paragraph [0002] the embodiments of the system is able to identify a person and determine a status of the person. A status can include any status of the employee while working or not working with the enterprise such as terminated or some other status). A second parameter that indicates a success/failure status of the access disablement (Paragraph [0031] The action identifier module is operable to determine an action that must be conducted in response to an event. For example, the action may include denying a person access to a system with an enterprise, disabling a device, etc.).
However, Erhart does not disclose and a third parameter that indicates whether the notification message has been transmitted.
In the same field of endeavor of managing a user’s access to a network McQuaide teaches a third parameter that indicates whether the notification message has been transmitted (Paragraph [0024]; [0051-0052] each server system receives requests from the server computer system requesting that one or more accounts be frozen or canceled due to loss. The servers may employ a security measure to ensure the server computer system has proper authorization to cancel the accounts. Once authorized the accounts are then frozen and canceled. The servers may further provide notifications to the user relating to the status of the accounts either directly or through the server. Following the notification operation, the client receives a confirmation).
At the time the invention was effectively filed it would have been obvious to one of ordinary skill in the art to modify the system of managing a company’s employees and their respective access to the system by determining various statuses as disclosed by Erhart (Erhart [0002]) with the system of a third parameter that indicates whether the notification message has been transmitted as taught by McQuaide (McQuaide [0024]). With the motivation of helping managing an individual’s access to a network to improve system security (McQuaide [0007]).
Claims 6 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erhart (US 2010/0153171) in view of Todd (US 2012/0030756) further in view of Korkus (US 2011/0061093) even further in view of Newman (US 2012/0311706).
Claims 6 and 16: Modified Erhart discloses the method as per claim 1 and the computing apparatus as per claim 11. However, Erhart does not disclose wherein the distributed computing script that is executed by the at least one processor to perform the method, is further configured to perform the following operations verifying a compliance with at least one rule that relates to a Payment Card Industry Data Security Standard (PCI DSS).
In the same field of endeavor of managing a systems security and controlling user access Newman teaches wherein the distributed computing script that is executed by the at least one processor to perform the method, is further configured to perform the following operations: verifying a compliance with at least one rule that relates to a Payment Card Industry Data Security Standard (PCI DSS) (Paragraph [0008]; [0030-0031]; [0047-0048] in an exemplary embodiment the system ensures compliance with data security standards for merchants that store, process, and transmit secure data including a security appliance located at a merchant’s site to perform multiple security functions). 
At the time the invention was effectively filed it would have been obvious to one of ordinary skill in the art to modify the system of managing a company’s employees and their respective access to the system by determining various statuses as disclosed by Erhart (Erhart [0002]) with the system of further comprising verifying a compliance with at least one rule that relates to a Payment Card Industry Data Security Standard as taught by Newman (Newman [0047]). With the motivation of helping to maintain a more secure system environment for a company (Newman [0002]).
Claims 7 and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erhart (US 2010/0153171) in view of Todd (US 2012/0030756) further in view of Korkus (US 2011/0061093) even further in view of Villars (US 2009/0313258).
Claims 7 and 17: Modified Erhart discloses the method as per claim 1 and the computing apparatus as per claim 11. However, Erhart does not disclose wherein the distributed computing script that is executed by the at least one processor to perform the method, is further configured to perform the following operations: generating a Service Organization Control 1 (SOC 1) report that relates to a result of executing the method. 
In the same field of endeavor of managing a series of rules pertaining to user verification Villars teaches wherein the distributed computing script that is executed by the at least one processor to perform the method, is further configured to perform the following operations: generating a Service Organization Control 1 (SOC 1) report that relates to a result of executing the method (Paragraph [0003]; [0018-0020]; Figs. 2-3, a user of the computing system logs into a network in order to access the SOCS reporting application. Once the user initiates the application to start a processing job, the user may be presented with a GUI that allows the user to input information to configure the output data that will be contained within a SOCS status report. The generated SOCS status reports are associated with the login verification/ validation information of a computer system user that initiated the SOCS status report generating job).
At the time the invention was effectively filed it would have been obvious to one of ordinary skill in the art to modify the system of managing a company’s employees and their respective access to the system by determining various statuses as disclosed by Erhart (Erhart [0002]) with the system of further comprising generating a Service Organization Control 1 (SOC 1) report that relates to a result of executing the method as taught by Villars (Villars [0018]). With the motivation of helping to provide specifically needed information pertaining to a work order or an employee for an organization to provide an ease of access (Villars [0002]).
Claims 8 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erhart (US 2010/0153171) in view of Todd (US 2012/0030756) further in view of Korkus (US 2011/0061093) even further in view of Greff (US 2007/0174903).
Claims 8 and 18: Modified Erhart discloses the method as per claim 1 and the computing apparatus as per claim 11. However, Erhart does not disclose wherein the causing the disablement of the access of the first user to the distributed computer network comprises resetting a password that relates to the access of the first user to the distributed computer network.
In the same field of endeavor of managing employees’ access to a network Greff teaches wherein the causing the disablement of the access of the first user to the distributed computer network comprises resetting a password that relates to the access of the first user to the distributed computer network (Paragraph [0013]; [0031-0033]; [0039]; Fig. 5, the present invention is for an improved method and system for managing user identities in a network. An administrator is provided with the ability to add, modify, and delete actors (employees/ users) on the network. Each actor such as a help desk, is ascribed use cases, such as enabling passwords, resetting passwords, and disenabling passwords that are appropriate for the actor).
At the time the invention was effectively filed it would have been obvious to one of ordinary skill in the art to modify the system of managing a company’s employees and their respective access to the system by determining various statuses as disclosed by Erhart (Erhart [0002]) with the system wherein the causing the disablement of the access of the first user to the network comprises resetting a password that relates to the access of the first user to the network as taught by Greff (Greff [0033]). With the motivation of helping to track a large amount of information within a company’s network to help better manage a series of employees (Greff [0002-0003]).
Claims 21-22 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erhart (US 2010/0153171) in view of Todd (US 2012/0030756) further in view of Korkus (US 2011/0061093) even further in view of Catrinescu, Vlad. Essential PowerShell for Office 365. Apress:, 2018.
Claims 21-22: Modified Erhart discloses the method as per claim 1 and the computing apparatus as per claim 11. However, Erhart does not disclose wherein the distributed computing script that is executed by the at least one processor to perform the method, is a PowerShell script.
In the same field of endeavor of disclosing systems to manage software used to manage tasks in a business Catrinescu teaches wherein the distributed computing script that is executed by the at least one processor to perform the method, is a PowerShell script (Chapter 1 pp. 1-4: office 365 admin app allows administrators to manage users and do easy tasks, such as assigning a license. Office 365 can be used by developers in a company to create applications that will make management easier. Powershell is really the most powerful tool out there to manage office 365. Powershell is a command-line environment that is designed specifically for system administration in the Microsoft environment and extends to Linux as well. Powershell allows you to automate stuff done on a regular basis).
At the time the invention was effectively filed it would have been obvious to one of ordinary skill in the art to modify the system of creating a software program which runs a in a network to determine if a worker’s status has changed and apply a rule or conduct an action based on the change in status as disclosed by Erhart (Erhart [0005]; [0012]). For example, denying a user’s access to a device such as a laptop in a network while their status is set to be on leave (Erhart [0005]). With the system of wherein the distributed computing script that is executed by the at least one processor to perform the method, is a PowerShell script at taught by Catrinescu (Catrinescu page 2). At Catrinescu teaches utilizing Powershell as a cross platform scripting language that is commonly used to automate tasks in a business environment. With the motivation of being “obvious to try” as Catrinescu teaches it is common in the art of business to utilize a Powershell script as a type of language to create automated tasks in a digital environment. Additionally, it would be a simple substitution for one of ordinary skill in the art to substitute the recited “combination of hardware and software that is capable of performing the functionality associated with that element” as disclosed by Erhart (Erhart [0012]) with a Powershell script.
Therefore, claims 1-8, 10-18, and 20-22 are rejected under 35 U.S.C. 103.
Response to arguments
Applicant’s arguments, see REMARKS, filed June 22, 2022, with respect to the rejections of claims 1-8, 10-18, and 20-22 under U.S.C. 101 have been fully considered but are not persuasive.
The applicant argues that the claims are not directed to a mental process as they recite continuously executing a distributed computing script that is necessary to ensure access removal being executed in a timely manner. However, the examiner respectfully disagrees as the claims are directed to obtaining employment status data, comparing the status data with a most recent version of an employee record, after a predetermined amount of time obtaining an updated version of the employment data, and when the employee record includes information indicating the employment status data includes information that indicates that the employment of the user has been terminated disabling an access of the user. The examiner finds that an HR representative of a corporation would be routinely performing these actions before computers regarding the employment of individuals and their access to various corporate assets. Examples of cases the courts have identified as reciting a mental process includes: a claim to "collecting information, analyzing it, and displaying certain results of the collection and analysis," where the data analysis steps are recited at a high level of generality such that they could practically be performed in the human mind, Electric Power Group v. Alstom, S.A., 830 F.3d 1350, 1353-54, 119 USPQ2d 1739, 1741-42 (Fed. Cir. 2016) and a claim to collecting and comparing known information (claim 1), which are steps that can be practically performed in the human mind, Classen Immunotherapies, Inc. v. Biogen IDEC, 659 F.3d 1057, 1067, 100 USPQ2d 1492, 1500 (Fed. Cir. 2011). Furthermore, the courts do not distinguish a mental process performed in the human mind and that performed by a generic computer an example of a case identifying a mental process performed on a generic computer as an abstract idea is Voter Verified, Inc. v. Election Systems & Software, LLC, 887 F.3d 1376, 1385, 126 USPQ2d 1498, 1504 (Fed. Cir. 2018). In this case, the Federal Circuit relied upon the specification in explaining that the claimed steps of voting, verifying the vote, and submitting the vote for tabulation are "human cognitive actions" that humans have performed for hundreds of years. The claims therefore recited an abstract idea, despite the fact that the claimed voting steps were performed on a computer. 887 F.3d at 1385, 126 USPQ2d at 1504. Another example is Versata, in which the patentee claimed a system and method for determining a price of a product offered to a purchasing organization that was implemented using general purpose computer hardware. 793 F.3d at 1312-13, 1331, 115 USPQ2d at 1685, 1699. The Federal Circuit acknowledged that the claims were performed on a generic computer, but still described the claims as "directed to the abstract idea of determining a price, using organizational and product group hierarchies, in the same way that the claims in Alice were directed to the abstract idea of intermediated settlement, and the claims in Bilski were directed to the abstract idea of risk hedging." 793 F.3d at 1333; 115 USPQ2d at 1700-01.
The applicant argues that the claims are directed to a practical application as they recite an improvement in automating the access removal process for terminated employees. However, the examiner respectfully disagrees as the courts have identified that a claims needs to include an improvement in the functioning of a computer, or an improvement to other technology or technical field, applying or using a judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition, Implementing a judicial exception with, or using a judicial exception in conjunction with, a particular machine or manufacture that is integral to the claim, Effecting a transformation or reduction of a particular article to a different state or thing, or Applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception to be integrated into a practical application. The examiner does not believe the recited claims are directed into any of these categories as they merely recite a method for verifying a user’s access status by obtaining and comparing their access status to a the most recent version of employee records. This process is directed to a mental process and merely recites “apply it” or applying a generic computer or known technology to perform the abstract idea. Improving a standard business practice by automating it using a computer does not recite an improvement to a technology or technical field. Similar examples of cases the courts have identified as not disclosing an improvement to a computer or technical field include: Mere automation of manual processes, such as using a generic computer to process an application for financing a purchase, Credit Acceptance Corp. v. Westlake Services, 859 F.3d 1044, 1055, 123 USPQ2d 1100, 1108-09 (Fed. Cir. 2017) or speeding up a loan-application process by enabling borrowers to avoid physically going to or calling each lender and filling out a loan application, LendingTree, LLC v. Zillow, Inc., 656 Fed. App'x 991, 996-97 (Fed. Cir. 2016) (non-precedential); Recording, transmitting, and archiving digital images by use of conventional or generic technology in a nascent but well-known environment, without any assertion that the invention reflects an inventive solution to any problem presented by combining a camera and a cellular telephone, TLI Communications, 823 F.3d at 611-12, 118 USPQ2d at 1747; A commonplace business method being applied on a general purpose computer, Alice Corp., 573 U.S. at 223, 110 USPQ2d at 1976; Versata Dev. Group, Inc. v. SAP Am., Inc., 793 F.3d 1306, 1334, 115 USPQ2d 1681, 1701 (Fed. Cir. 2015); and Gathering and analyzing information using conventional techniques and displaying the result, TLI Communications, 823 F.3d at 612-13, 118 USPQ2d at 1747-48.
The applicant further argues that the claims are directed to being significantly more because they provide a mechanism for periodically updating the access control and automatically disabling access in prescribed circumstances. However, the examiner respectfully disagrees as the mere automation of a manual process using a generic computer does not integrate the claims into a practical application. The claims are directed to an abstract idea of a mental process and merely “apply it” or applying a known technology or generic computer to perform the abstract idea of periodically updating the access controls and disabling access in prescribed circumstances. 
The applicant further argues that the claims are directed to a practical application as they recite an unconventional technical solution to a technical problem by using a distributed computing script to continuously monitor a distributed computer network. However, the examiner respectfully disagrees as a computing script is a series of instructions to be carried out by a computer or computing network and using a computing script to tell a computing network to follow a series of rules to improve the speed and efficacy of monitoring employee turnover if a large organization is not an improvement to a technical problem. But, merely using a generic computer to perform an abstract idea in a larger environment that possible without the aid of a generic computer but not beyond what would be typical for a generic computer. Therefore, the examiner maintains the current 101 rejection.
Applicant argues that claims 2-8, 10, 12-18, and 20 are allowable as being dependent on claims 1 and 11 and therefore are rejected under the same rejection.
Applicant’s arguments, see REMARKS, filed June 22, 2022, with respect to the rejections of claims 1, 10, 11, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Erhart (US 2010/0153171) in view of Todd (US 2012/0030756) further in view of Korkus (US 2011/0061093), are moot because Applicant has amended the claims, which required further search and consideration and new art was applied. However, where applicable the examiner will respond to arguments.
Claims 1 and 11: Applicant argues that the combination of Erhart and Todd does not disclose the newly amended claim limitation of “the first predetermined amount of time is an amount of time that is required for the distributed computing script to cycle through all employee records, and wherein the amount of time that is required for the distributed computing script to cycle through all employee records is less than 24 hours.” However, the examiner finds that Korkus can be used in combination with Erhart to teach the claim limitations. As Erhart discloses a system of determining access rules for employee’s based on changes in user’s status (Erhart [0002]). Erhart further discloses monitoring user’s status and changes over time to determine a user’s access permission based on those changes (Erhart [0044]). While Korkus discloses continuously monitoring the status of users in a system for changes to their access permissions (Korkus [0065]). Therefore, the continuous monitoring performed by Korkus can be used in combination with Erhart to disclose the amended claim limitation of cycling through employee records to determine changes to their status or access permissions in less than 24 hours.
Claims 2-8, 10, 12-18, and 20-22 were argued as being allowable only as being dependent on claims 1 and 11. Therefore, they are also rejected under the same rejection as above. 
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
Woodings (US 2004/0267595) Worker and document management system.
Faitelson (US 2014/0059654) Access permissions entitlement review.
McQuaide Jr. (US 2003/0217001) Lost credit card notification system and method.
	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COREY RUSS whose telephone number is (571)270-5902.  The examiner can normally be reached on M-F 7:30-4:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynda Jasmin can be reached on 5712726782.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/COREY RUSS/Examiner, Art Unit 3629        

/RICHARD W. CRANDALL/Examiner, Art Unit 3689